adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/560ad646-3e08-4331-87b2-cfb8950d210b.json

38281 lines
No EOL
1.6 MiB
Raw Blame History

{
"type": "bundle",
"id": "bundle--560ad646-3e08-4331-87b2-cfb8950d210b",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:47.000Z",
"modified": "2015-09-30T06:19:47.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--560ad646-3e08-4331-87b2-cfb8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:47.000Z",
"modified": "2015-09-30T06:19:47.000Z",
"name": "OSINT Recorded Future using shodan to find RAT controllers",
"published": "2015-09-29T18:45:53Z",
"object_refs": [
"observed-data--560ad661-7c50-4a44-93b3-cf67950d210b",
"url--560ad661-7c50-4a44-93b3-cf67950d210b",
"observed-data--560ad662-d638-4901-a2c9-cf67950d210b",
"url--560ad662-d638-4901-a2c9-cf67950d210b",
"indicator--560ad78e-5f2c-47a4-9cb3-985b950d210b",
"indicator--560ad78e-a75c-408d-aae4-985b950d210b",
"indicator--560ad7b7-475c-4b33-9b49-b3da950d210b",
"indicator--560ad7b7-2730-43da-a8ea-b3da950d210b",
"indicator--560ad7b7-d14c-4533-b1de-b3da950d210b",
"indicator--560ad7b8-f368-4879-a986-b3da950d210b",
"indicator--560ad7b8-653c-464c-b270-b3da950d210b",
"indicator--560ad7b9-4ed8-4a75-9b1d-b3da950d210b",
"indicator--560ad7b9-5d7c-4d2d-aa39-b3da950d210b",
"indicator--560ad7b9-13f4-49ed-bfeb-b3da950d210b",
"indicator--560ad7ba-1b88-413e-9017-b3da950d210b",
"indicator--560ad7ba-f898-4fd0-b391-b3da950d210b",
"indicator--560ad7ba-3b20-44c8-8a6f-b3da950d210b",
"indicator--560ad7bb-0dcc-4095-9799-b3da950d210b",
"indicator--560ad7bb-6130-49d6-9fc9-b3da950d210b",
"indicator--560ad7bb-dc90-407e-a1de-b3da950d210b",
"indicator--560ad7bc-e504-47a6-a93e-b3da950d210b",
"indicator--560ad7bc-4b84-4293-9540-b3da950d210b",
"indicator--560ad7bc-87b8-4bfb-8961-b3da950d210b",
"indicator--560ad7bd-3ea0-4c57-8a7d-b3da950d210b",
"indicator--560ad7bd-59b0-40ad-a688-b3da950d210b",
"indicator--560ad7bd-8f28-4f74-8697-b3da950d210b",
"indicator--560ad7be-c6d0-41a7-80d7-b3da950d210b",
"indicator--560ad7be-21fc-425c-9366-b3da950d210b",
"indicator--560ad7be-6e4c-42cd-b651-b3da950d210b",
"indicator--560ad7bf-a168-4557-a147-b3da950d210b",
"indicator--560ad7bf-05fc-4e93-bdcb-b3da950d210b",
"indicator--560ad7c0-aa6c-47fa-bf45-b3da950d210b",
"indicator--560ad7c0-55b0-4fbb-9d1d-b3da950d210b",
"indicator--560ad7c0-d588-427c-92fd-b3da950d210b",
"indicator--560ad7c1-352c-49e9-af40-b3da950d210b",
"indicator--560ad7c1-76d0-4026-8e0b-b3da950d210b",
"indicator--560ad7c1-98b0-4562-a71a-b3da950d210b",
"indicator--560ad7c2-a8ec-4180-b134-b3da950d210b",
"indicator--560ad7c2-a4c8-42f8-a51c-b3da950d210b",
"indicator--560ad7c2-6e00-4b34-a82b-b3da950d210b",
"indicator--560ad7c3-b3b0-4f2b-8835-b3da950d210b",
"indicator--560ad7c3-6ef0-4bae-b292-b3da950d210b",
"indicator--560ad7c3-0e1c-41a1-a08d-b3da950d210b",
"indicator--560ad7c4-d40c-4212-b397-b3da950d210b",
"indicator--560ad7c4-8d50-4f0c-91bd-b3da950d210b",
"indicator--560ad7c4-2de0-45b2-833b-b3da950d210b",
"indicator--560ad7c5-b05c-448c-9f73-b3da950d210b",
"indicator--560ad7c5-6514-4598-a23c-b3da950d210b",
"indicator--560ad7c5-5c74-4b51-8b5f-b3da950d210b",
"indicator--560ad7c6-4364-452a-8f63-b3da950d210b",
"indicator--560ad7c6-7d48-4066-a902-b3da950d210b",
"indicator--560ad7c7-b3d4-4582-8d2e-b3da950d210b",
"indicator--560ad7c7-62b8-4098-9279-b3da950d210b",
"indicator--560ad7c7-ca28-4b90-a092-b3da950d210b",
"indicator--560ad7c8-2850-428b-b5d7-b3da950d210b",
"indicator--560ad7c8-8478-474c-acea-b3da950d210b",
"indicator--560ad7c8-4b18-4000-9af6-b3da950d210b",
"indicator--560ad7c9-9e10-4e19-9d51-b3da950d210b",
"indicator--560ad7c9-a940-4cb9-9d70-b3da950d210b",
"indicator--560ad7c9-9e9c-48bb-833b-b3da950d210b",
"indicator--560ad7ca-63a0-4afb-8ed9-b3da950d210b",
"indicator--560ad7ca-01f0-4a4f-ab5b-b3da950d210b",
"indicator--560ad7ca-4228-496c-8e6c-b3da950d210b",
"indicator--560ad7cb-04e4-418e-bd6b-b3da950d210b",
"indicator--560ad7cb-a578-4214-8184-b3da950d210b",
"indicator--560ad7cb-acc0-4e38-857f-b3da950d210b",
"indicator--560ad7cc-0ecc-4ff7-a476-b3da950d210b",
"indicator--560ad7cc-3ac4-4c66-af1b-b3da950d210b",
"indicator--560ad7cc-2508-4c68-8413-b3da950d210b",
"indicator--560ad7cd-2b58-42de-8118-b3da950d210b",
"indicator--560ad7cd-6e3c-436a-97e8-b3da950d210b",
"indicator--560ad7cd-a23c-4bc5-96b2-b3da950d210b",
"indicator--560ad7ce-7e34-404b-b8f2-b3da950d210b",
"indicator--560ad7ce-53d8-4e35-b3f8-b3da950d210b",
"indicator--560ad7cf-b05c-4143-ad68-b3da950d210b",
"indicator--560ad7cf-8fc4-4a59-895b-b3da950d210b",
"indicator--560ad7cf-766c-4f08-a702-b3da950d210b",
"indicator--560ad7d0-6bac-455b-b75c-b3da950d210b",
"indicator--560ad7d0-9084-48ab-85d6-b3da950d210b",
"indicator--560ad7d0-6f48-4c40-be6e-b3da950d210b",
"indicator--560ad7d1-1458-4437-9003-b3da950d210b",
"indicator--560ad7d1-b6e4-4dce-be19-b3da950d210b",
"indicator--560ad7d1-ebdc-410c-81f6-b3da950d210b",
"indicator--560ad7d2-1644-4596-a5d2-b3da950d210b",
"indicator--560ad7d2-c29c-4ecb-85f5-b3da950d210b",
"indicator--560ad7d2-ecd0-49a4-ba71-b3da950d210b",
"indicator--560ad7d3-9650-4589-a6cb-b3da950d210b",
"indicator--560ad7d3-c740-4f25-ac3a-b3da950d210b",
"indicator--560ad7d3-ebc4-4cf3-9e61-b3da950d210b",
"indicator--560ad7d4-c760-4c44-b7e7-b3da950d210b",
"indicator--560ad7d4-fa94-449b-a7a0-b3da950d210b",
"indicator--560ad7d4-8e20-407b-95c5-b3da950d210b",
"indicator--560ad7d5-2db0-45d9-9114-b3da950d210b",
"indicator--560ad7d5-5628-4b0d-bf4c-b3da950d210b",
"indicator--560ad7d5-3f08-4418-b7b4-b3da950d210b",
"indicator--560ad7d6-acc4-4797-a55c-b3da950d210b",
"indicator--560ad7d6-2c9c-4362-949f-b3da950d210b",
"indicator--560ad7d7-780c-4d5b-a5d9-b3da950d210b",
"indicator--560ad7d7-f580-4951-8ed7-b3da950d210b",
"indicator--560ad7d7-40a8-4ece-88d9-b3da950d210b",
"indicator--560ad7d8-7d14-4b86-9fa6-b3da950d210b",
"indicator--560ad7d8-91a8-480a-9eaf-b3da950d210b",
"indicator--560ad7d8-3aa8-487b-bb55-b3da950d210b",
"indicator--560ad7d9-5510-4381-9b6f-b3da950d210b",
"indicator--560ad7d9-5d74-49de-93fe-b3da950d210b",
"indicator--560ad7d9-4300-4afd-8f3f-b3da950d210b",
"indicator--560ad7da-c51c-4040-96ee-b3da950d210b",
"indicator--560ad7da-e150-40b1-8737-b3da950d210b",
"indicator--560ad7da-f534-4c7c-a627-b3da950d210b",
"indicator--560ad7db-5300-4a96-bf28-b3da950d210b",
"indicator--560ad7db-1814-481a-a97a-b3da950d210b",
"indicator--560ad7db-dcec-455f-8461-b3da950d210b",
"indicator--560ad7dc-d790-4f28-a2a9-b3da950d210b",
"indicator--560ad7dc-5aac-4499-8f17-b3da950d210b",
"indicator--560ad7dc-6070-411a-b353-b3da950d210b",
"indicator--560ad7dd-7dbc-49f6-9454-b3da950d210b",
"indicator--560ad7dd-870c-4a12-80f9-b3da950d210b",
"indicator--560ad7de-53f4-464c-bd4f-b3da950d210b",
"indicator--560ad7de-3d44-4f58-8cdd-b3da950d210b",
"indicator--560ad7de-6374-4e70-8239-b3da950d210b",
"indicator--560ad7df-241c-4715-b96c-b3da950d210b",
"indicator--560ad7df-c988-48f3-a960-b3da950d210b",
"indicator--560ad7df-500c-4318-9c6a-b3da950d210b",
"indicator--560ad7e0-9edc-4d46-b23b-b3da950d210b",
"indicator--560ad7e0-393c-444b-b759-b3da950d210b",
"indicator--560ad7e0-7554-4400-8acc-b3da950d210b",
"indicator--560ad7e1-19ec-431c-b995-b3da950d210b",
"indicator--560ad7e1-8634-47a1-9a21-b3da950d210b",
"indicator--560ad7e1-555c-4fee-a462-b3da950d210b",
"indicator--560ad7e2-ea44-453a-8bb4-b3da950d210b",
"indicator--560ad7e2-4804-4768-8a9a-b3da950d210b",
"indicator--560ad7e2-d98c-4611-97a4-b3da950d210b",
"indicator--560ad7e3-ca5c-4ffa-8a24-b3da950d210b",
"indicator--560ad7e3-8848-4ee1-bab8-b3da950d210b",
"indicator--560ad7e3-d63c-4a1e-a72c-b3da950d210b",
"indicator--560ad7e4-3900-48dc-a485-b3da950d210b",
"indicator--560ad7e4-c314-4cc0-89ae-b3da950d210b",
"indicator--560ad7e5-5378-49ef-bd77-b3da950d210b",
"indicator--560ad7e5-97c4-4139-9216-b3da950d210b",
"indicator--560ad7e5-e6dc-45c5-b31b-b3da950d210b",
"indicator--560ad7e6-23b4-4058-a4e3-b3da950d210b",
"indicator--560ad7e6-be54-4209-a460-b3da950d210b",
"indicator--560ad7e6-f730-431d-9d95-b3da950d210b",
"indicator--560ad7e7-6b1c-40c4-b5b4-b3da950d210b",
"indicator--560ad7e7-41ec-4c85-ad7a-b3da950d210b",
"indicator--560ad7e7-f174-41ef-86a7-b3da950d210b",
"indicator--560ad7e8-978c-48de-80b4-b3da950d210b",
"indicator--560ad7e8-4b74-4bd5-9a83-b3da950d210b",
"indicator--560ad7e8-5940-4778-a162-b3da950d210b",
"indicator--560ad7e9-55b0-4319-b297-b3da950d210b",
"indicator--560ad7e9-8d74-40bc-aaf2-b3da950d210b",
"indicator--560ad7e9-5a4c-4c7b-add7-b3da950d210b",
"indicator--560ad7ea-c96c-4ff0-8986-b3da950d210b",
"indicator--560ad7ea-1fd8-47fb-97e2-b3da950d210b",
"indicator--560ad7ea-6ea8-41ca-a77d-b3da950d210b",
"indicator--560ad7eb-f9e8-4730-891f-b3da950d210b",
"indicator--560ad7eb-9e38-4936-9504-b3da950d210b",
"indicator--560ad7eb-4cf0-4648-8cbb-b3da950d210b",
"indicator--560ad7ec-6dcc-4829-97ce-b3da950d210b",
"indicator--560ad7ec-f1b0-4206-bdfa-b3da950d210b",
"indicator--560ad7ed-c8b0-4073-945a-b3da950d210b",
"indicator--560ad7ed-a220-45c1-bc2a-b3da950d210b",
"indicator--560ad7ed-3b70-4933-8619-b3da950d210b",
"indicator--560ad7ee-8e38-4e4e-98b7-b3da950d210b",
"indicator--560ad7ee-c828-423f-823b-b3da950d210b",
"indicator--560ad7ee-2fc8-4c2d-83e5-b3da950d210b",
"indicator--560ad7ef-b860-4e39-a6a3-b3da950d210b",
"indicator--560ad7ef-63c4-411e-8232-b3da950d210b",
"indicator--560ad7ef-ad48-4579-ab77-b3da950d210b",
"indicator--560ad7f0-266c-4608-8a79-b3da950d210b",
"indicator--560ad7f0-0b24-4792-9743-b3da950d210b",
"indicator--560ad7f0-336c-496b-93e2-b3da950d210b",
"indicator--560ad7f1-fa38-4b64-ba58-b3da950d210b",
"indicator--560ad7f1-6c30-4404-ac8e-b3da950d210b",
"indicator--560ad7f1-1390-4d3c-8bc2-b3da950d210b",
"indicator--560ad7f2-652c-438b-86b1-b3da950d210b",
"indicator--560ad7f2-dac4-4f8c-9aa3-b3da950d210b",
"indicator--560ad7f2-7330-465a-b29e-b3da950d210b",
"indicator--560ad7f3-bc80-4236-a8ef-b3da950d210b",
"indicator--560ad7f3-e658-407f-88d1-b3da950d210b",
"indicator--560ad7f4-b9fc-4a84-964e-b3da950d210b",
"indicator--560ad7f4-92b8-432c-96f5-b3da950d210b",
"indicator--560ad7f4-895c-455e-a456-b3da950d210b",
"indicator--560ad7f5-0cc4-4551-93b0-b3da950d210b",
"indicator--560ad7f5-d37c-4a31-b90d-b3da950d210b",
"indicator--560ad7f5-7a78-48ef-bfcd-b3da950d210b",
"indicator--560ad7f6-b470-45b2-bbd2-b3da950d210b",
"indicator--560ad7f6-16c0-45f0-a0dc-b3da950d210b",
"indicator--560ad7f6-4a90-40b2-af53-b3da950d210b",
"indicator--560ad7f7-4ac8-4ba1-973e-b3da950d210b",
"indicator--560ad7f7-0a5c-40d9-93f5-b3da950d210b",
"indicator--560ad7f7-d718-49c5-81e4-b3da950d210b",
"indicator--560ad7f8-3930-4c51-90f4-b3da950d210b",
"indicator--560ad7f8-7760-4a85-8ecd-b3da950d210b",
"indicator--560ad7f8-5700-479c-b129-b3da950d210b",
"indicator--560ad7f9-4e18-4f50-90bf-b3da950d210b",
"indicator--560ad7f9-6a48-48bd-ac8d-b3da950d210b",
"indicator--560ad7f9-c0b8-4cf3-823d-b3da950d210b",
"indicator--560ad7fa-3370-4031-8f15-b3da950d210b",
"indicator--560ad7fa-b07c-4f16-84c8-b3da950d210b",
"indicator--560ad7fb-b9a8-43db-85cb-b3da950d210b",
"indicator--560ad7fb-3378-4f50-bcf0-b3da950d210b",
"indicator--560ad7fb-77cc-4475-b6dc-b3da950d210b",
"indicator--560ad7fc-ee2c-4f9b-b982-b3da950d210b",
"indicator--560ad7fc-5bc4-4e65-8858-b3da950d210b",
"indicator--560ad7fc-ddec-4a94-ab6c-b3da950d210b",
"indicator--560ad7fd-8748-4b8d-951e-b3da950d210b",
"indicator--560ad7fd-017c-4d6a-9308-b3da950d210b",
"indicator--560ad7fd-8aa8-435f-aecd-b3da950d210b",
"indicator--560ad7fe-c69c-47dd-8365-b3da950d210b",
"indicator--560ad7fe-af14-48a2-8417-b3da950d210b",
"indicator--560ad7fe-7548-445b-a52b-b3da950d210b",
"indicator--560ad7ff-a2c8-478b-8fa7-b3da950d210b",
"indicator--560ad7ff-06d4-4932-b165-b3da950d210b",
"indicator--560ad7ff-f868-4de9-92d5-b3da950d210b",
"indicator--560ad800-9410-4b43-9c69-b3da950d210b",
"indicator--560ad800-8ff4-4c26-83fa-b3da950d210b",
"indicator--560ad800-b718-447c-b82b-b3da950d210b",
"indicator--560ad801-8d84-4ff5-be73-b3da950d210b",
"indicator--560ad801-de00-4f05-a317-b3da950d210b",
"indicator--560ad802-8074-4a8a-805a-b3da950d210b",
"indicator--560ad802-3500-4594-bebb-b3da950d210b",
"indicator--560ad802-a798-4981-b951-b3da950d210b",
"indicator--560ad803-577c-41e4-8f19-b3da950d210b",
"indicator--560ad803-83b4-41a3-897a-b3da950d210b",
"indicator--560ad803-1028-4cb7-ad89-b3da950d210b",
"indicator--560ad804-f620-4a09-93ef-b3da950d210b",
"indicator--560ad804-8d3c-4597-ae4f-b3da950d210b",
"indicator--560ad804-1ab8-45fb-9847-b3da950d210b",
"indicator--560ad805-c1bc-42b9-a0cb-b3da950d210b",
"indicator--560ad805-a92c-47bb-97ad-b3da950d210b",
"indicator--560ad805-71ec-4b4b-bd31-b3da950d210b",
"indicator--560ad806-4c70-4cf6-bbba-b3da950d210b",
"indicator--560ad806-a180-43ce-92b7-b3da950d210b",
"indicator--560ad806-17d4-4805-90c3-b3da950d210b",
"indicator--560ad807-c75c-4c3e-88ee-b3da950d210b",
"indicator--560ad807-2884-4534-b94f-b3da950d210b",
"indicator--560ad807-6af8-46bc-bed2-b3da950d210b",
"indicator--560ad808-bb14-47f8-9ea0-b3da950d210b",
"indicator--560ad808-1c84-45a2-a4d1-b3da950d210b",
"indicator--560ad808-3fdc-4faa-82ab-b3da950d210b",
"indicator--560ad809-8a2c-44b3-a692-b3da950d210b",
"indicator--560ad809-88f0-4937-a2a6-b3da950d210b",
"indicator--560ad80a-f6dc-4686-b957-b3da950d210b",
"indicator--560ad80a-e8d8-4606-873f-b3da950d210b",
"indicator--560ad80a-31d4-469e-8044-b3da950d210b",
"indicator--560ad80b-70f0-4121-bd95-b3da950d210b",
"indicator--560ad80b-cfcc-449b-b0ad-b3da950d210b",
"indicator--560ad80b-5060-4c85-839a-b3da950d210b",
"indicator--560ad80c-6558-4d5b-b7a9-b3da950d210b",
"indicator--560ad80c-1028-4e66-a753-b3da950d210b",
"indicator--560ad80c-058c-4b5b-9229-b3da950d210b",
"indicator--560ad80d-590c-4df7-b05c-b3da950d210b",
"indicator--560ad80d-741c-495c-a6ba-b3da950d210b",
"indicator--560ad80d-8e18-4657-af34-b3da950d210b",
"indicator--560ad80e-2e60-4523-897d-b3da950d210b",
"indicator--560ad80e-9f68-4420-b14b-b3da950d210b",
"indicator--560ad827-d0f4-4b0f-9769-48b8950d210b",
"indicator--560ad827-9b70-4cc6-83ef-436c950d210b",
"indicator--560ad828-00f8-4b0b-b14e-450c950d210b",
"indicator--560ad828-9c58-4c36-b42a-44cb950d210b",
"indicator--560ad829-b24c-49b4-b025-4477950d210b",
"indicator--560ad829-97b4-4a37-8658-48fa950d210b",
"indicator--560ad829-42d8-4eb2-bd29-43b3950d210b",
"indicator--560ad82a-fe24-455a-976d-4ebf950d210b",
"indicator--560ad82a-70ac-441d-8ac4-4f88950d210b",
"indicator--560ad82a-223c-4e52-afcd-4494950d210b",
"indicator--560ad82b-0358-4041-8eb3-4310950d210b",
"indicator--560ad82b-0394-4c71-a46f-4c16950d210b",
"indicator--560ad82b-62e4-48b5-ae2f-4b47950d210b",
"indicator--560ad82c-80a4-4434-9821-448c950d210b",
"indicator--560ad82c-c0c8-4819-aede-46cd950d210b",
"indicator--560ad82c-3c98-49c9-bd29-4377950d210b",
"indicator--560ad82d-e8a4-4a4a-82a1-43fe950d210b",
"indicator--560ad82d-acf4-4552-bad2-47c7950d210b",
"indicator--560ad82d-1208-4858-a468-4e0f950d210b",
"indicator--560ad82e-6f78-4244-a6b2-4166950d210b",
"indicator--560ad82e-d710-49cc-935a-44cf950d210b",
"indicator--560ad82e-4b4c-4cf1-ad94-47b6950d210b",
"indicator--560ad843-5bec-42f7-af01-cf65950d210b",
"indicator--560ad843-1bb0-4adb-b688-cf65950d210b",
"indicator--560ad843-9e84-4fd8-9030-cf65950d210b",
"indicator--560ad844-45d0-42d8-8c8d-cf65950d210b",
"indicator--560ad844-f010-41eb-a9a0-cf65950d210b",
"indicator--560ad844-9ca8-4eaa-8bff-cf65950d210b",
"indicator--560ad845-d0f8-425c-ac3c-cf65950d210b",
"indicator--560ad845-949c-441d-a7e4-cf65950d210b",
"indicator--560ad845-9f80-4467-abdb-cf65950d210b",
"indicator--560ad846-a284-4ab5-be65-cf65950d210b",
"indicator--560ad846-53d4-47e5-83a4-cf65950d210b",
"indicator--560ad846-241c-4f13-86be-cf65950d210b",
"indicator--560ad847-1ed4-4912-b5be-cf65950d210b",
"indicator--560ad847-49bc-4422-8275-cf65950d210b",
"indicator--560ad847-6c9c-4279-af1b-cf65950d210b",
"indicator--560ad848-9e58-42ea-bc60-cf65950d210b",
"indicator--560ad848-4940-4f7c-90b7-cf65950d210b",
"indicator--560ad848-735c-4d86-9ffd-cf65950d210b",
"indicator--560ad849-8110-4240-97c3-cf65950d210b",
"indicator--560ad849-7fc4-450a-9de8-cf65950d210b",
"indicator--560ad849-e668-4584-a888-cf65950d210b",
"indicator--560ad84a-0f90-4078-ba25-cf65950d210b",
"indicator--560ad84a-9800-460b-a3eb-cf65950d210b",
"indicator--560ad84b-424c-4800-b0b2-cf65950d210b",
"indicator--560ad84b-1eac-4afe-aa7e-cf65950d210b",
"indicator--560ad84b-8770-4d1b-b078-cf65950d210b",
"indicator--560ad84c-90c0-4a8f-af93-cf65950d210b",
"indicator--560ad84c-357c-4564-91b7-cf65950d210b",
"indicator--560ad84c-0384-4590-866e-cf65950d210b",
"indicator--560ad84d-11c0-4187-9d1d-cf65950d210b",
"indicator--560ad84d-f4b4-4af3-b816-cf65950d210b",
"indicator--560ad84d-ab58-4440-8b58-cf65950d210b",
"indicator--560ad84e-653c-4f45-afc6-cf65950d210b",
"indicator--560ad84e-38d4-494c-af41-cf65950d210b",
"indicator--560ad84e-17e0-41f4-8b28-cf65950d210b",
"indicator--560ad84f-87c0-4df9-a3e1-cf65950d210b",
"indicator--560ad84f-f91c-474a-b297-cf65950d210b",
"indicator--560ad84f-5120-479f-89b1-cf65950d210b",
"indicator--560ad850-56fc-427e-9428-cf65950d210b",
"indicator--560ad850-7ce4-45b5-b3a2-cf65950d210b",
"indicator--560ad850-1074-4348-b9c6-cf65950d210b",
"indicator--560ad851-876c-4a08-94c0-cf65950d210b",
"indicator--560ad851-11a4-42d7-b69e-cf65950d210b",
"indicator--560ad851-4d58-462c-b6e1-cf65950d210b",
"indicator--560ad852-395c-456c-8061-cf65950d210b",
"indicator--560ad852-3454-4c77-9db4-cf65950d210b",
"indicator--560ad852-3f40-427b-a2d6-cf65950d210b",
"indicator--560ad853-7100-4761-bb4c-cf65950d210b",
"indicator--560ad853-8758-4750-aded-cf65950d210b",
"indicator--560ad854-a2c0-4bfd-8c52-cf65950d210b",
"indicator--560ad854-c3c0-4b85-8903-cf65950d210b",
"indicator--560ad854-d108-437c-a6ed-cf65950d210b",
"indicator--560ad855-5cb4-47f6-b4e2-cf65950d210b",
"indicator--560ad855-1570-411a-b0fc-cf65950d210b",
"indicator--560ad855-6698-44b7-95f2-cf65950d210b",
"indicator--560ad856-2064-428f-a2e3-cf65950d210b",
"indicator--560ad856-ae84-4e11-b393-cf65950d210b",
"indicator--560ad856-ebc0-4f98-9e80-cf65950d210b",
"indicator--560ad857-2e6c-4a4c-b718-cf65950d210b",
"indicator--560ad857-3cac-4222-b321-cf65950d210b",
"indicator--560ad857-17d8-480c-ba31-cf65950d210b",
"indicator--560ad858-1a8c-43c1-af12-cf65950d210b",
"indicator--560ad858-2d24-4e5b-b1ee-cf65950d210b",
"indicator--560ad858-3870-40ad-9fd2-cf65950d210b",
"indicator--560ad859-2e78-4ef2-8ba8-cf65950d210b",
"indicator--560ad859-dfb4-4ceb-9d14-cf65950d210b",
"indicator--560ad85a-084c-4d38-b8c6-cf65950d210b",
"indicator--560ad85a-5218-4bbf-bbb4-cf65950d210b",
"indicator--560ad85a-a7f4-4997-b159-cf65950d210b",
"indicator--560ad85b-e5a4-432f-b6db-cf65950d210b",
"indicator--560ad85b-407c-41a2-9d79-cf65950d210b",
"indicator--560ad85b-4204-48d6-9f2a-cf65950d210b",
"indicator--560ad85c-e7f4-459f-91ba-cf65950d210b",
"indicator--560ad85c-9fcc-4769-a0d0-cf65950d210b",
"indicator--560ad85c-ba8c-4d6b-9149-cf65950d210b",
"indicator--560ad85d-04bc-4025-9ec2-cf65950d210b",
"indicator--560ad85d-5268-43ed-8fdd-cf65950d210b",
"indicator--560ad85d-02ac-451d-866c-cf65950d210b",
"indicator--560ad85e-058c-4da6-aee0-cf65950d210b",
"indicator--560ad85e-d974-43c5-bb6f-cf65950d210b",
"indicator--560ad85e-a724-47bd-9bca-cf65950d210b",
"indicator--560ad873-a020-4c02-bf4f-b3da950d210b",
"indicator--560ad873-6744-4d50-9636-b3da950d210b",
"indicator--560ad873-5f08-49e0-a9ab-b3da950d210b",
"indicator--560ad874-5e30-435e-8997-b3da950d210b",
"indicator--560ad874-aa4c-4cb3-b191-b3da950d210b",
"indicator--560ad874-9ba4-4601-899c-b3da950d210b",
"indicator--560ad875-0d24-4afe-b0f8-b3da950d210b",
"indicator--560ad875-0988-468d-b624-b3da950d210b",
"indicator--560ad876-cbec-4196-b61b-b3da950d210b",
"indicator--560ad876-6f08-4bd0-97d6-b3da950d210b",
"indicator--560ad876-8d8c-4256-8a49-b3da950d210b",
"indicator--560ad877-1e68-442d-bed5-b3da950d210b",
"indicator--560ad888-fbc0-4d75-8f05-9b03950d210b",
"indicator--560ad888-66ac-4b87-a98a-9b03950d210b",
"indicator--560ad889-e2d8-41a2-bc33-9b03950d210b",
"indicator--560ad889-f0b0-4cee-91dd-9b03950d210b",
"indicator--560ad889-e9b4-471f-a33d-9b03950d210b",
"indicator--560ad88a-d8bc-431e-8687-9b03950d210b",
"indicator--560ad88a-d79c-4995-aff4-9b03950d210b",
"indicator--560ad88a-2dbc-4ac6-a6ca-9b03950d210b",
"indicator--560ad88b-c394-480e-8473-9b03950d210b",
"indicator--560ad88b-00c0-4224-ad51-9b03950d210b",
"indicator--560ad88b-7de0-4877-bf27-9b03950d210b",
"indicator--560ad88c-3630-4721-b7c2-9b03950d210b",
"indicator--560ad88c-05b8-4b81-a10b-9b03950d210b",
"indicator--560ad88d-4088-44c9-a131-9b03950d210b",
"indicator--560ad88d-db54-4849-953d-9b03950d210b",
"indicator--560ad88d-6f00-4400-b573-9b03950d210b",
"indicator--560ad88e-6a20-4e8b-9826-9b03950d210b",
"indicator--560ad88e-a9bc-44eb-b35f-9b03950d210b",
"indicator--560ad88e-d190-456e-95c1-9b03950d210b",
"indicator--560ad88f-a460-495e-908e-9b03950d210b",
"indicator--560ad88f-e308-47df-aaa5-9b03950d210b",
"indicator--560ad890-8bc0-4a5b-9da3-9b03950d210b",
"indicator--560ad890-cf7c-46e8-ac3c-9b03950d210b",
"indicator--560ad890-14f0-4ff7-920e-9b03950d210b",
"indicator--560ad891-7a44-43f7-b2f4-9b03950d210b",
"indicator--560ad891-f72c-479a-a97f-9b03950d210b",
"indicator--560ad891-3220-43cd-8ef9-9b03950d210b",
"indicator--560ad892-4a68-4603-8c16-9b03950d210b",
"indicator--560ad8fd-3d04-4546-8243-cf65950d210b",
"indicator--560ad927-9cc4-42cf-8862-985b950d210b",
"indicator--560ad928-2518-44ca-a96d-985b950d210b",
"indicator--560ad928-0ed8-4af2-aa6f-985b950d210b",
"indicator--560ad929-3640-4081-8f68-985b950d210b",
"indicator--560ad929-98d8-44dc-b518-985b950d210b",
"indicator--560ad929-08d0-42f0-82ae-985b950d210b",
"indicator--560ad92a-19e4-4cb7-b8c7-985b950d210b",
"indicator--560ad92a-72d0-494d-8150-985b950d210b",
"indicator--560ad92a-7510-4ce3-b268-985b950d210b",
"indicator--560ad92b-a798-4f34-8b87-985b950d210b",
"indicator--560ad92b-2564-4a53-9bbb-985b950d210b",
"indicator--560ad92c-a5c8-4d66-9bc5-985b950d210b",
"indicator--560ad92c-d3f8-4af8-b6cd-985b950d210b",
"indicator--560ad92c-b4f0-4c2b-a40d-985b950d210b",
"indicator--560ad92d-255c-4752-b37c-985b950d210b",
"indicator--560ad92d-8e40-4475-9631-985b950d210b",
"indicator--560ad92d-faf4-4b84-92f7-985b950d210b",
"indicator--560ad92e-bc40-415b-a4d8-985b950d210b",
"indicator--560ad92e-9c88-49ee-89b1-985b950d210b",
"indicator--560ad92f-1348-49cb-8064-985b950d210b",
"indicator--560ad92f-0fe4-4f33-a7a9-985b950d210b",
"indicator--560ad92f-7210-4a49-be68-985b950d210b",
"indicator--560ad930-00b8-4de9-b2c8-985b950d210b",
"indicator--560ad930-501c-4f74-93e7-985b950d210b",
"indicator--560ad930-0f0c-492c-a7ee-985b950d210b",
"indicator--560ad931-2fe4-4f20-8d60-985b950d210b",
"indicator--560ad931-1648-4ddf-9701-985b950d210b",
"indicator--560ad931-5a9c-4f42-970f-985b950d210b",
"indicator--560ad932-8e88-4aa4-af4f-985b950d210b",
"indicator--560ad932-0540-44d8-946d-985b950d210b",
"indicator--560ad933-2120-495d-91ba-985b950d210b",
"indicator--560ad933-a4fc-42f4-b75d-985b950d210b",
"indicator--560ad934-7424-420f-8393-985b950d210b",
"indicator--560ad934-e34c-40c3-8a92-985b950d210b",
"indicator--560ad935-6d48-4c1f-a147-985b950d210b",
"indicator--560ad935-16dc-47a6-a4e6-985b950d210b",
"indicator--560ad935-c194-49d3-a412-985b950d210b",
"indicator--560ad936-70fc-43cb-98cc-985b950d210b",
"indicator--560ad936-567c-49fd-896a-985b950d210b",
"indicator--560ad936-2010-453f-9db1-985b950d210b",
"indicator--560ad937-09dc-4001-83c8-985b950d210b",
"indicator--560ad937-98ac-4085-8155-985b950d210b",
"indicator--560ad937-b1c0-4662-b151-985b950d210b",
"indicator--560ad938-c758-4e2e-b9c6-985b950d210b",
"indicator--560ad938-439c-418d-862a-985b950d210b",
"indicator--560ad938-53d0-4098-b73e-985b950d210b",
"indicator--560ad939-9c54-4f90-965b-985b950d210b",
"indicator--560ad939-3838-4c8d-9de8-985b950d210b",
"indicator--560ad93a-c610-428c-9e47-985b950d210b",
"indicator--560ad93a-0478-472d-a88b-985b950d210b",
"indicator--560ad93a-4884-4119-820d-985b950d210b",
"indicator--560ad93b-3cbc-4bce-be2e-985b950d210b",
"indicator--560ad93b-9f34-46ff-9c10-985b950d210b",
"indicator--560ad93b-65dc-4e88-85a9-985b950d210b",
"indicator--560ad93c-39a0-4055-9767-985b950d210b",
"indicator--560ad93c-a9f0-4b73-89a0-985b950d210b",
"indicator--560ad93c-9268-459e-b228-985b950d210b",
"indicator--560ad93d-ff60-46ef-a312-985b950d210b",
"indicator--560ad93d-dd78-4e7e-8a28-985b950d210b",
"indicator--560ad93e-3838-4daa-9c9f-985b950d210b",
"indicator--560ad93e-4c68-4c76-952d-985b950d210b",
"indicator--560ad93e-fa10-46c1-83b7-985b950d210b",
"indicator--560ad93f-69ec-48f5-b74a-985b950d210b",
"indicator--560ad93f-8e2c-43ce-aa26-985b950d210b",
"indicator--560ad940-c8f0-4998-8ba7-985b950d210b",
"indicator--560ad940-0ebc-480d-9957-985b950d210b",
"indicator--560ad940-9e28-4dd3-8b2f-985b950d210b",
"indicator--560ad941-94c0-4453-afca-985b950d210b",
"indicator--560ad941-23b4-40a1-934e-985b950d210b",
"indicator--560ad942-0060-4e7f-a098-985b950d210b",
"indicator--560ad942-5818-4e08-9ae5-985b950d210b",
"indicator--560ad942-c7bc-4624-899a-985b950d210b",
"indicator--560ad943-44ec-437e-a355-985b950d210b",
"indicator--560ad943-cef0-4d8c-b0b4-985b950d210b",
"indicator--560ad943-433c-4555-8b9c-985b950d210b",
"indicator--560ad944-a48c-49a3-8327-985b950d210b",
"indicator--560ad944-6da8-4b75-94c1-985b950d210b",
"indicator--560ad944-fc50-42d7-bc47-985b950d210b",
"indicator--560ad945-3d98-40fa-8a4f-985b950d210b",
"indicator--560ad945-5050-473e-ba85-985b950d210b",
"indicator--560ad945-3cc4-4b7d-9349-985b950d210b",
"indicator--560ad946-def4-41fb-bb1e-985b950d210b",
"indicator--560ad946-9f3c-43f7-b027-985b950d210b",
"indicator--560ad946-9af8-45be-b01c-985b950d210b",
"indicator--560ad947-23d4-4104-a9b4-985b950d210b",
"indicator--560ad947-cc7c-4950-9004-985b950d210b",
"indicator--560ad947-5c14-451d-b68f-985b950d210b",
"indicator--560ad948-d1bc-4302-a975-985b950d210b",
"indicator--560ad948-141c-4862-b51c-985b950d210b",
"indicator--560ad948-78b4-4c68-bb14-985b950d210b",
"indicator--560ad949-2ecc-4aca-8c2b-985b950d210b",
"indicator--560ad949-8374-46c7-98eb-985b950d210b",
"indicator--560ad94a-99d8-4e18-b20f-985b950d210b",
"indicator--560ad94a-5cf4-4596-b685-985b950d210b",
"indicator--560ad94b-6290-4a5b-a20d-985b950d210b",
"indicator--560ad94b-3930-4719-8888-985b950d210b",
"indicator--560ad94b-e728-4ddf-9e41-985b950d210b",
"indicator--560ad94c-df98-4321-aa22-985b950d210b",
"indicator--560ad94d-06c8-461b-a42a-985b950d210b",
"indicator--560ad94d-f0dc-4562-a8b5-985b950d210b",
"indicator--560ad94d-b530-4635-8fe1-985b950d210b",
"indicator--560ad94e-ed08-4e8d-96cf-985b950d210b",
"indicator--560ad94e-cb20-45fa-846a-985b950d210b",
"indicator--560ad94e-8ff8-469b-9c56-985b950d210b",
"indicator--560ad94f-a4b8-4dde-a545-985b950d210b",
"indicator--560ad94f-116c-406f-85ba-985b950d210b",
"indicator--560ad950-97a0-426d-bf28-985b950d210b",
"indicator--560ad950-a348-4951-a51e-985b950d210b",
"indicator--560ad950-73e0-425d-91b8-985b950d210b",
"indicator--560ad951-1080-4bef-a678-985b950d210b",
"indicator--560ad951-0da0-4dfb-9221-985b950d210b",
"indicator--560ad952-67e4-4f00-bad5-985b950d210b",
"indicator--560ad952-3c04-4f92-8d9a-985b950d210b",
"indicator--560ad952-3cb8-4a63-ae9e-985b950d210b",
"indicator--560ad953-4f9c-4009-9886-985b950d210b",
"indicator--560ad953-1f60-49d8-b1c2-985b950d210b",
"indicator--560ad953-fef8-437b-93d0-985b950d210b",
"indicator--560ad954-209c-400b-81c7-985b950d210b",
"indicator--560ad954-94f4-41b4-b740-985b950d210b",
"indicator--560ad955-4dc0-4014-bfca-985b950d210b",
"indicator--560ad955-12f4-4c47-898e-985b950d210b",
"indicator--560ad955-3a54-4a8b-8ee3-985b950d210b",
"indicator--560ad956-8164-4914-9d72-985b950d210b",
"indicator--560ad956-ec38-4d59-b129-985b950d210b",
"indicator--560ad956-df74-4ceb-b639-985b950d210b",
"indicator--560ad957-3574-4f42-99ac-985b950d210b",
"indicator--560ad957-5850-4940-88fd-985b950d210b",
"indicator--560ad957-9c08-44a5-913d-985b950d210b",
"indicator--560ad958-0680-4f7f-b189-985b950d210b",
"indicator--560ad958-d274-4acd-b075-985b950d210b",
"indicator--560ad959-72b8-411b-a764-985b950d210b",
"indicator--560ad959-69bc-489b-8f46-985b950d210b",
"indicator--560ad95a-bce4-468d-9149-985b950d210b",
"indicator--560ad95a-5134-4eaa-afd2-985b950d210b",
"indicator--560ad95a-1e58-45ed-bba4-985b950d210b",
"indicator--560ad95b-f868-4ace-92ab-985b950d210b",
"indicator--560ad95b-345c-480b-93d6-985b950d210b",
"indicator--560ad95c-1c90-4c45-8977-985b950d210b",
"indicator--560ad95c-cfb0-47a8-b73d-985b950d210b",
"indicator--560ad95c-96d8-4428-bca6-985b950d210b",
"indicator--560ad95d-d4d0-4ff0-8269-985b950d210b",
"indicator--560ad95d-9fdc-436c-b88e-985b950d210b",
"indicator--560ad95e-f7cc-4454-805b-985b950d210b",
"indicator--560ad95e-1534-49db-97a3-985b950d210b",
"indicator--560ad95f-9348-41b2-9c42-985b950d210b",
"indicator--560ad95f-c8f8-4ff2-aa93-985b950d210b",
"indicator--560ad95f-2f38-4bd5-9686-985b950d210b",
"indicator--560ad960-115c-4083-9661-985b950d210b",
"indicator--560ad960-c01c-4d4d-be8b-985b950d210b",
"indicator--560ad960-f7fc-4d76-9b30-985b950d210b",
"indicator--560ad961-1f80-4433-bf7d-985b950d210b",
"indicator--560ad961-4fcc-4777-9273-985b950d210b",
"indicator--560ad961-a464-4cf6-b5a0-985b950d210b",
"indicator--560ad962-5c70-48b1-b1ee-985b950d210b",
"indicator--560ad962-0350-4605-bfcf-985b950d210b",
"indicator--560ad962-4f1c-4ea6-a29b-985b950d210b",
"indicator--560ad963-b198-4959-8870-985b950d210b",
"indicator--560ad963-6ecc-4c5f-ba79-985b950d210b",
"indicator--560ad963-6af0-4823-93cd-985b950d210b",
"indicator--560ad964-ad3c-401c-982e-985b950d210b",
"indicator--560ad964-b1b8-458e-b4bb-985b950d210b",
"indicator--560ad965-2e74-4dc3-b66f-985b950d210b",
"indicator--560ad965-e5b4-42a2-b0fe-985b950d210b",
"indicator--560ad965-22ec-40b0-a74c-985b950d210b",
"indicator--560ad966-2854-4122-b2af-985b950d210b",
"indicator--560ad966-21d8-40ba-8789-985b950d210b",
"indicator--560ad966-6598-4f00-9b4f-985b950d210b",
"indicator--560ad967-b3c0-4f07-b991-985b950d210b",
"indicator--560ad967-47a4-4d7c-8dd6-985b950d210b",
"indicator--560ad968-ae8c-450a-aaad-985b950d210b",
"indicator--560ad968-e268-4810-b265-985b950d210b",
"indicator--560ad968-acd4-4e93-aae2-985b950d210b",
"indicator--560ad969-49a8-47f0-995d-985b950d210b",
"indicator--560ad969-0a78-4abd-91aa-985b950d210b",
"indicator--560ad96a-9318-41a2-a16b-985b950d210b",
"indicator--560ad9ac-afb8-4f50-b5f7-b3da950d210b",
"indicator--560ad9ad-3fe8-43aa-9ff4-b3da950d210b",
"indicator--560ad9ae-6004-4054-ae0d-b3da950d210b",
"indicator--560ad9ae-5ba4-48ef-9c18-b3da950d210b",
"indicator--560ad9af-dea8-4f47-b640-b3da950d210b",
"indicator--560ad9af-4208-4a54-ab3d-b3da950d210b",
"indicator--560ad9af-2b5c-4b3a-805a-b3da950d210b",
"indicator--560ad9b0-e3ac-4816-9eb6-b3da950d210b",
"indicator--560ad9b0-5258-4ddf-99e0-b3da950d210b",
"indicator--560ad9b1-92fc-42fa-87ad-b3da950d210b",
"indicator--560ad9c9-ddc0-4755-bb72-494d950d210b",
"indicator--560ad9c9-11a4-44a9-8c30-4889950d210b",
"indicator--560ad9ca-4b3c-47dc-8a26-4c08950d210b",
"indicator--560ad9ca-7418-4e3f-8e21-46e3950d210b",
"indicator--560ad9cb-ec84-4865-94c4-48b5950d210b",
"indicator--560ad9cb-0e50-4c85-aa61-48a8950d210b",
"indicator--560ad9cb-91cc-457b-86c8-4a65950d210b",
"indicator--560ad9cc-d208-4e23-9c3b-4d16950d210b",
"indicator--560ad9cc-6d90-4bf5-a73a-4594950d210b",
"indicator--560ad9cc-3b34-43af-99f1-413d950d210b",
"indicator--560ad9cd-29c4-4529-bc88-49fa950d210b",
"indicator--560ad9cd-eea4-4a39-8b22-44ae950d210b",
"indicator--560ad9cd-cf14-4ebd-9046-4f19950d210b",
"indicator--560ad9ce-85a0-4ab2-861b-4b73950d210b",
"indicator--560ad9ce-48a0-4157-9930-45d8950d210b",
"indicator--560ad9cf-27b4-4e55-9d18-4bf7950d210b",
"indicator--560ad9cf-aab0-4761-ac2d-48e3950d210b",
"indicator--560ad9cf-da0c-471b-bd3f-4a48950d210b",
"indicator--560ad9d0-cee0-4cbd-8803-4f40950d210b",
"indicator--560ad9d0-3b64-4ea1-943c-47d6950d210b",
"indicator--560ad9d0-1960-49e5-9c98-44d0950d210b",
"indicator--560ad9d1-7eb4-49c6-8921-4f3c950d210b",
"indicator--560ad9d1-4330-46c4-bf40-4601950d210b",
"indicator--560ad9d2-c0dc-46f1-b023-4a6e950d210b",
"indicator--560ad9d2-0590-4ed4-b30e-4b15950d210b",
"indicator--560ad9d2-9968-4682-97c3-4407950d210b",
"indicator--560ad9d3-d01c-489c-967f-4ca0950d210b",
"indicator--560ad9d3-dec8-4d8a-b32b-491a950d210b",
"indicator--560ad9d3-953c-4f03-8a70-4d0d950d210b",
"indicator--560ad9d4-e958-479a-a6af-461a950d210b",
"indicator--560ad9d4-278c-4e5c-99b6-4e0d950d210b",
"indicator--560ad9d4-4b58-442c-8ebd-4525950d210b",
"indicator--560ad9d5-be10-4ee5-9ca4-4bdf950d210b",
"indicator--560ad9d5-1b4c-4302-9da9-4ba1950d210b",
"indicator--560ad9d5-1a40-4f4e-930e-4026950d210b",
"indicator--560ad9d6-3de8-49cb-a81d-4bf3950d210b",
"indicator--560ad9d6-e6a4-479a-8e30-4d2a950d210b",
"indicator--560ad9d6-0388-4ba9-99fd-4141950d210b",
"indicator--560ad9d7-f078-40f5-bf99-46c6950d210b",
"indicator--560ad9d7-8428-4256-aea1-4c33950d210b",
"indicator--560ad9d8-1c94-41c0-9413-4eb0950d210b",
"indicator--560ad9d8-9c94-4f34-99d0-436e950d210b",
"indicator--560ad9d8-1bcc-4ee3-b616-43e8950d210b",
"indicator--560ad9d9-278c-4f7d-a089-41a0950d210b",
"indicator--560ad9d9-77f0-4f1c-aeed-411f950d210b",
"indicator--560ad9d9-8878-4152-a178-4587950d210b",
"indicator--560ad9da-d560-42ef-8cc7-499f950d210b",
"indicator--560ad9da-882c-4589-a597-441f950d210b",
"indicator--560ad9da-d380-4e0b-9770-4d84950d210b",
"indicator--560ad9db-2140-493e-b5d2-4989950d210b",
"indicator--560ad9db-d60c-4c5f-bfb6-489a950d210b",
"indicator--560ad9db-8cc8-4ba9-b63d-4184950d210b",
"indicator--560ad9dc-59d4-412a-9d1a-4033950d210b",
"indicator--560ad9dc-e7fc-4457-84b4-4826950d210b",
"indicator--560ad9dd-4654-4faf-a913-4554950d210b",
"indicator--560ad9dd-2d20-4efb-9522-4f70950d210b",
"indicator--560ad9dd-9f04-4246-acde-4906950d210b",
"indicator--560adaa7-2558-4b3e-a47d-4dab950d210b",
"indicator--560adaa8-fa48-407e-bdb6-45cd950d210b",
"indicator--560adaa8-4298-4471-94d0-4a39950d210b",
"indicator--560adaa8-d768-4f88-b006-4df0950d210b",
"indicator--560adabe-015c-43f4-89d8-4272950d210b",
"indicator--560adabe-dac8-43fd-8db5-4bda950d210b",
"indicator--560adabf-6a94-42a4-8a34-45fc950d210b",
"indicator--560adabf-8d18-41b3-af7f-429f950d210b",
"indicator--560adac0-fad4-45fd-99bd-4992950d210b",
"indicator--560adac0-ad00-41f2-b55c-4f58950d210b",
"indicator--560adac0-3b18-4d87-b5bf-4d0c950d210b",
"indicator--560adac1-4990-4723-9ae3-4536950d210b",
"indicator--560adac1-be30-4200-b14f-4db1950d210b",
"indicator--560adac1-7cd0-4706-8fec-4779950d210b",
"indicator--560adac2-1650-48a7-abc1-4737950d210b",
"indicator--560adac2-99b0-491a-b460-43e1950d210b",
"indicator--560adac2-1fd0-43c2-9c19-4658950d210b",
"indicator--560adac3-ae38-46f7-a971-4d71950d210b",
"indicator--560adac3-35dc-4afd-826b-4d89950d210b",
"indicator--560adac4-9e20-417d-a638-4069950d210b",
"indicator--560adac4-66d8-43b7-93cb-4c5b950d210b",
"indicator--560adac4-5830-46b0-aa15-46a1950d210b",
"indicator--560adac5-0ee8-4b84-b125-4315950d210b",
"indicator--560adac5-89d8-4b47-ac72-43a1950d210b",
"indicator--560adac5-a300-4efc-86a8-4763950d210b",
"indicator--560adac6-d360-4384-8233-4828950d210b",
"indicator--560adac6-1220-4c4a-a938-44f8950d210b",
"indicator--560adac6-b880-403f-bc0d-413c950d210b",
"indicator--560adac7-fbc0-425c-b96f-4224950d210b",
"indicator--560adac7-a278-47ff-b5c3-481b950d210b",
"indicator--560adac7-b140-4f00-9c50-421f950d210b",
"indicator--560adac8-4bd4-45b0-90f0-42c1950d210b",
"indicator--560adaf9-a060-4c2f-bbe7-985b950d210b",
"indicator--560adafa-37b4-4d32-a3f0-985b950d210b",
"indicator--560adafa-1604-4c9a-a280-985b950d210b",
"indicator--560adafa-c29c-443c-9f1a-985b950d210b",
"indicator--560adafb-1564-451f-9298-985b950d210b",
"indicator--560adafb-7e6c-4786-a6af-985b950d210b",
"indicator--560adafb-a184-475b-9edd-985b950d210b",
"indicator--560adafc-3618-45a9-982b-985b950d210b",
"indicator--560adafc-cf2c-4f71-8d12-985b950d210b",
"indicator--560adafc-920c-4c17-a34d-985b950d210b",
"indicator--560adafd-9618-4f88-a4a7-985b950d210b",
"indicator--560adafd-bfec-4703-bb9a-985b950d210b",
"indicator--560adafd-eac0-46b9-9029-985b950d210b",
"indicator--560adafe-2898-4264-8810-985b950d210b",
"indicator--560adafe-ee98-4498-ab75-985b950d210b",
"indicator--560adafe-9880-44ad-b54c-985b950d210b",
"indicator--560adaff-9a48-463a-9cf0-985b950d210b",
"indicator--560adaff-cdf8-4cac-9cef-985b950d210b",
"indicator--560adaff-c5fc-45ee-ba3a-985b950d210b",
"indicator--560adb00-ec54-4643-8ed5-985b950d210b",
"indicator--560adb00-b304-4982-952f-985b950d210b",
"indicator--560adb01-0080-4438-8eac-985b950d210b",
"indicator--560adb01-9840-4561-8467-985b950d210b",
"indicator--560adb01-0360-4b54-bcbd-985b950d210b",
"indicator--560adb02-d4fc-4220-91c5-985b950d210b",
"indicator--560adb02-4560-408f-afd3-985b950d210b",
"indicator--560adb02-155c-446c-bff7-985b950d210b",
"indicator--560adb03-7870-4981-84c4-985b950d210b",
"indicator--560adb03-6390-42be-a0a8-985b950d210b",
"indicator--560adb03-3638-49d4-afa1-985b950d210b",
"indicator--560adb04-89d4-472b-a4e6-985b950d210b",
"indicator--560adb04-9bc4-4d65-80f6-985b950d210b",
"indicator--560adb04-8eb4-4a22-87d4-985b950d210b",
"indicator--560adb05-cad4-41e6-8348-985b950d210b",
"indicator--560adb05-b120-4dee-80c6-985b950d210b",
"indicator--560adb05-b934-4699-bf1a-985b950d210b",
"indicator--560adb06-8f78-4576-b4ce-985b950d210b",
"indicator--560adb06-d81c-4317-b391-985b950d210b",
"indicator--560adb06-1984-46b1-a25c-985b950d210b",
"indicator--560adb07-ae90-4d8c-93c1-985b950d210b",
"indicator--560adb07-46fc-4007-acae-985b950d210b",
"indicator--560adb07-09d8-411a-a6d5-985b950d210b",
"indicator--560adb08-d280-4802-9ea0-985b950d210b",
"indicator--560adb08-b740-4d19-adda-985b950d210b",
"indicator--560adb08-dcdc-4483-abd0-985b950d210b",
"indicator--560adb09-980c-4605-8223-985b950d210b",
"indicator--560adb09-86d4-432b-a350-985b950d210b",
"indicator--560adb09-9f5c-4279-a5de-985b950d210b",
"indicator--560adb0a-4db8-4e9b-b369-985b950d210b",
"indicator--560adb0a-6af0-4815-9222-985b950d210b",
"indicator--560adb0a-f448-40a8-87a4-985b950d210b",
"indicator--560adb0b-becc-4e62-981c-985b950d210b",
"indicator--560adb0b-6294-48df-b7ce-985b950d210b",
"indicator--560adb0c-0684-4bad-99ae-985b950d210b",
"indicator--560adb0c-7578-47e3-8552-985b950d210b",
"indicator--560adb0c-0bc8-4aa7-9393-985b950d210b",
"indicator--560adb0d-9278-4d91-8492-985b950d210b",
"indicator--560adb0d-6a30-4a3b-8707-985b950d210b",
"indicator--560adb0d-11b4-42fb-ad73-985b950d210b",
"indicator--560adb0e-5a20-4fe6-91d7-985b950d210b",
"indicator--560adb0e-d400-44d3-aab7-985b950d210b",
"indicator--560adb0e-1190-4d07-baa6-985b950d210b",
"indicator--560adb0f-1770-4c2e-9703-985b950d210b",
"indicator--560adb0f-9188-4e86-9d86-985b950d210b",
"indicator--560adb0f-58e4-44ea-921e-985b950d210b",
"indicator--560adb10-468c-49d4-a35b-985b950d210b",
"indicator--560adb10-9418-43dd-8c1b-985b950d210b",
"indicator--560adb10-c6d4-4e85-881f-985b950d210b",
"indicator--560adb11-82c8-4838-8867-985b950d210b",
"indicator--560adb11-8528-4662-9e8b-985b950d210b",
"indicator--560adb11-4f9c-4502-83d9-985b950d210b",
"indicator--560adb12-b430-43af-b3fc-985b950d210b",
"indicator--560adb12-e440-459c-aa03-985b950d210b",
"indicator--560adb12-5f48-4531-862a-985b950d210b",
"indicator--560adb13-1278-4fdc-b603-985b950d210b",
"indicator--560adb13-e988-4be9-b76b-985b950d210b",
"indicator--560adb13-20d0-43d2-b57c-985b950d210b",
"indicator--560adb14-c45c-4ed4-b86f-985b950d210b",
"indicator--560adb14-d7ec-44a2-af70-985b950d210b",
"indicator--560adb14-054c-408f-972d-985b950d210b",
"indicator--560adb15-86b0-430e-802d-985b950d210b",
"indicator--560adb15-fbb8-41e9-9c7a-985b950d210b",
"indicator--560adb15-a0e4-4ae8-aefc-985b950d210b",
"indicator--560adb16-90d8-4961-8178-985b950d210b",
"indicator--560adb16-dad4-40ed-8a95-985b950d210b",
"indicator--560adb16-5ce8-4a2a-a084-985b950d210b",
"indicator--560adb17-c65c-451b-bcd5-985b950d210b",
"indicator--560adb17-2010-4d55-ba88-985b950d210b",
"indicator--560adb18-3cc0-46c1-9205-985b950d210b",
"indicator--560adb18-3208-4b7c-ac27-985b950d210b",
"indicator--560adb18-45c8-44f6-8d0f-985b950d210b",
"indicator--560adb19-e130-4d91-82aa-985b950d210b",
"indicator--560adb19-39f0-49b7-80ac-985b950d210b",
"indicator--560adb19-17ec-44de-a269-985b950d210b",
"indicator--560adb1a-29f0-4645-885e-985b950d210b",
"indicator--560adb1a-fd70-4043-a217-985b950d210b",
"indicator--560adb1a-2948-46bf-ac0b-985b950d210b",
"indicator--560adb1b-4e50-460a-8b0b-985b950d210b",
"indicator--560adb1b-de1c-444f-a4ac-985b950d210b",
"indicator--560adb1b-6cd0-4270-b8fe-985b950d210b",
"indicator--560adb1c-d1b8-47be-a896-985b950d210b",
"indicator--560adb1c-d8a4-4bb7-b4a0-985b950d210b",
"indicator--560adb1c-92e8-400a-8a3a-985b950d210b",
"indicator--560adb1d-2494-423d-a993-985b950d210b",
"indicator--560adb1d-f944-44b4-9da3-985b950d210b",
"indicator--560adb1d-471c-4688-83fa-985b950d210b",
"indicator--560adb1e-1104-4729-8ade-985b950d210b",
"indicator--560adb1e-6634-4cbf-8ff0-985b950d210b",
"indicator--560adb1e-d354-42a3-aad0-985b950d210b",
"indicator--560adb1f-5b08-4518-884d-985b950d210b",
"indicator--560adb1f-e0a8-423e-a18e-985b950d210b",
"indicator--560adb1f-1250-4671-9377-985b950d210b",
"indicator--560adb20-89f0-40ca-bdc7-985b950d210b",
"indicator--560adb20-2d28-4716-bb58-985b950d210b",
"indicator--560adb20-08b8-4628-afd9-985b950d210b",
"indicator--560adb21-3f9c-4a04-9c07-985b950d210b",
"indicator--560adb21-6980-4e3a-804c-985b950d210b",
"indicator--560adb21-33bc-4400-b73b-985b950d210b",
"indicator--560adb22-7064-42f2-a819-985b950d210b",
"indicator--560adb22-4b6c-4958-90fa-985b950d210b",
"indicator--560adb23-b35c-423e-aa9a-985b950d210b",
"indicator--560adb23-76f0-4b43-a118-985b950d210b",
"indicator--560adb23-6c10-4fb1-b44a-985b950d210b",
"indicator--560adb24-11d0-42da-8227-985b950d210b",
"indicator--560adb24-388c-47ac-a758-985b950d210b",
"indicator--560adb24-990c-4c66-98a2-985b950d210b",
"indicator--560adb25-0ea0-49f2-a9f2-985b950d210b",
"indicator--560adb25-aa1c-465f-bf22-985b950d210b",
"indicator--560adb25-3e84-496e-a44f-985b950d210b",
"indicator--560adb26-ce48-4a75-900b-985b950d210b",
"indicator--560adb26-fa70-477b-ab44-985b950d210b",
"indicator--560adb26-4970-459f-b244-985b950d210b",
"indicator--560adb27-738c-488a-b93b-985b950d210b",
"indicator--560adb27-ccbc-473d-bdee-985b950d210b",
"indicator--560adb27-20d8-43a5-9125-985b950d210b",
"indicator--560adb28-9f04-4bfd-97d6-985b950d210b",
"indicator--560adb28-89d4-478c-8aba-985b950d210b",
"indicator--560adb28-4ff4-4297-ad3c-985b950d210b",
"indicator--560adb29-8448-4a09-b672-985b950d210b",
"indicator--560adb29-5680-4c27-9b74-985b950d210b",
"indicator--560adb29-c660-4c1f-abe6-985b950d210b",
"indicator--560adb2a-2d88-41b1-8063-985b950d210b",
"indicator--560adb2a-76f4-4f48-987f-985b950d210b",
"indicator--560adb2a-a678-482f-84f1-985b950d210b",
"indicator--560adb2b-14b8-4fcd-9163-985b950d210b",
"indicator--560adb2b-b2dc-4920-94d4-985b950d210b",
"indicator--560adb2c-f4ac-4cd7-bbe2-985b950d210b",
"indicator--560adb2c-b2c0-41c2-a8b2-985b950d210b",
"indicator--560adb2c-20dc-410f-b3d7-985b950d210b",
"indicator--560adb2d-89cc-47a3-afc1-985b950d210b",
"indicator--560adb2d-1f54-48cd-a3ff-985b950d210b",
"indicator--560adb2d-b9bc-4cfe-92e2-985b950d210b",
"indicator--560adb2e-2f74-4d9f-aa9f-985b950d210b",
"indicator--560adb2e-0a6c-4ec1-a15e-985b950d210b",
"indicator--560adb2e-0464-4af3-b1ea-985b950d210b",
"indicator--560adb2f-9a18-47da-b402-985b950d210b",
"indicator--560adb2f-40b4-46d8-9372-985b950d210b",
"indicator--560adb2f-1aac-4c7a-8e7d-985b950d210b",
"indicator--560adb30-a790-414f-8478-985b950d210b",
"indicator--560adb30-5c5c-46b5-a78e-985b950d210b",
"indicator--560adb30-f220-43d7-bb2e-985b950d210b",
"indicator--560adb31-6278-44ff-883b-985b950d210b",
"indicator--560adb31-cb34-4b00-98e8-985b950d210b",
"indicator--560adb31-4980-4ec0-88f0-985b950d210b",
"indicator--560adb32-f148-4784-86bf-985b950d210b",
"indicator--560adb32-a7d4-4cbf-99af-985b950d210b",
"indicator--560adb32-c70c-4965-afb5-985b950d210b",
"indicator--560adb33-5000-4da4-b02a-985b950d210b",
"indicator--560adb33-7a0c-4639-bf3d-985b950d210b",
"indicator--560adb33-f2ec-4a88-991f-985b950d210b",
"indicator--560adb34-929c-4714-bf26-985b950d210b",
"indicator--560adb34-fe64-47f3-8b41-985b950d210b",
"indicator--560adb35-5df4-4edf-8b03-985b950d210b",
"indicator--560adb35-3b38-4963-8936-985b950d210b",
"indicator--560adb5b-2bb8-4b3d-a33c-42ec950d210b",
"indicator--560adb5c-0c40-4c85-a59d-49a9950d210b",
"indicator--560adb5c-1828-452f-88ad-4a87950d210b",
"indicator--560adb5d-b6a4-4be0-95f2-4926950d210b",
"indicator--560adb5d-32d4-454b-9891-484f950d210b",
"indicator--560adb5d-1cd8-4172-95a4-427a950d210b",
"indicator--560adb5e-1c18-4033-bf79-4ba4950d210b",
"indicator--560adb5e-2cf0-4625-98df-44c0950d210b",
"indicator--560adb5e-d36c-4eb8-b3f5-45a5950d210b",
"indicator--560adb5f-cc20-451e-9e72-4204950d210b",
"indicator--560adb5f-04d0-45c0-8bf1-4091950d210b",
"indicator--560adb5f-69ec-4e51-9a23-4b15950d210b",
"indicator--560adb60-be68-4073-b6d7-4723950d210b",
"indicator--560adb60-1a64-4d14-b320-47b3950d210b",
"indicator--560adb60-c078-4f5a-8b93-4df3950d210b",
"indicator--560adb61-a7c4-4797-8274-4f9d950d210b",
"indicator--560adb61-6544-4d38-a61e-4528950d210b",
"indicator--560adb61-f7e0-42da-a137-418a950d210b",
"indicator--560adb62-9ea0-4a68-913f-4074950d210b",
"indicator--560adb62-8240-4533-a0f0-4ece950d210b",
"indicator--560adb63-4134-4ced-9f94-4be4950d210b",
"indicator--560adb63-1600-47d1-bd01-4046950d210b",
"indicator--560adb63-4afc-47d0-b0ee-4b6b950d210b",
"indicator--560adb64-78d4-40fa-946f-49c6950d210b",
"indicator--560adb64-a7f8-49b1-9bb9-4c6c950d210b",
"indicator--560adb64-02e0-4988-b217-449a950d210b",
"indicator--560adb65-87ec-4c51-a61f-4bd8950d210b",
"indicator--560adb65-65f8-4456-92ba-467c950d210b",
"indicator--560adb65-1738-41ea-b72f-4cdf950d210b",
"indicator--560adb66-6914-438c-959f-4d78950d210b",
"indicator--560adb66-135c-4cda-8c8a-4e55950d210b",
"indicator--560adb66-bd70-484d-9ff5-4063950d210b",
"indicator--560adb67-4a34-4ab6-8aac-4fa0950d210b",
"indicator--560adb67-8f24-4279-86f6-462b950d210b",
"indicator--560adb67-082c-4212-bf0f-410f950d210b",
"indicator--560adb68-0eac-45f8-817b-485d950d210b",
"indicator--560adb68-9754-46cc-a239-4528950d210b",
"indicator--560adb68-d9e8-43d3-ba7c-48c5950d210b",
"indicator--560adb69-2284-4ee3-bed1-4ecd950d210b",
"indicator--560adb69-d298-4c6f-a834-4668950d210b",
"indicator--560adb69-1248-49a2-bcff-44c8950d210b",
"indicator--560adb6a-1418-4efa-8226-4406950d210b",
"indicator--560adb6a-a10c-49ac-b7f6-4a0f950d210b",
"indicator--560adb6a-4760-48f4-8dd1-46e4950d210b",
"indicator--560adb6b-c578-4b20-9d8a-43f1950d210b",
"indicator--560adb6b-aaf8-4428-aa1a-45bc950d210b",
"indicator--560adb6c-e7dc-4502-9f5a-40c3950d210b",
"indicator--560adb6c-5660-4048-a8ee-46cd950d210b",
"indicator--560adb6c-b8a4-475f-9be9-4ad6950d210b",
"indicator--560adb6d-c138-497f-a7ed-4830950d210b",
"indicator--560adb6d-e7ec-4afe-a970-4554950d210b",
"indicator--560adb6d-0234-4075-95b5-406b950d210b",
"indicator--560adb6e-3e60-4a39-af54-4d03950d210b",
"indicator--560adb6e-2d80-4d5f-b04a-4800950d210b",
"indicator--560adb6e-a1f8-475a-abc9-427e950d210b",
"indicator--560adb6f-b260-4f33-a841-42f8950d210b",
"indicator--560adb6f-3e48-45a7-a197-46a5950d210b",
"indicator--560adb6f-a6d8-4774-bcb0-491b950d210b",
"indicator--560adb70-5e70-4482-8332-4cdf950d210b",
"indicator--560adb70-985c-418c-bc0e-44dd950d210b",
"indicator--560adb70-e5c4-4be8-9148-4e32950d210b",
"indicator--560adb71-c254-4c0a-b64c-41c3950d210b",
"indicator--560adb71-a3a4-44af-8286-448d950d210b",
"indicator--560adb71-cc78-4ac2-8b9c-4f4c950d210b",
"indicator--560adb72-abd0-48d0-9173-4370950d210b",
"indicator--560adb72-b4e4-401d-9f03-46a2950d210b",
"indicator--560adb73-a490-4d62-b49e-42ec950d210b",
"indicator--560adb73-16cc-44db-99e2-42f3950d210b",
"indicator--560adb73-7a84-4fd6-a3b3-403a950d210b",
"indicator--560adb74-2640-4b6b-bee9-4aee950d210b",
"indicator--560adb74-f320-4a9d-b298-496c950d210b",
"indicator--560adb74-86c4-4696-8084-4798950d210b",
"indicator--560adb75-7bd0-45f3-9a45-45ac950d210b",
"indicator--560adb75-5a04-476b-a59d-4c5e950d210b",
"indicator--560adb75-3fc0-4dbf-bf08-45ca950d210b",
"indicator--560adb76-e68c-4ccc-8c69-4f5d950d210b",
"indicator--560adb76-f980-4533-83cf-45cf950d210b",
"indicator--560adb76-20c4-4286-9402-4bf8950d210b",
"indicator--560adb77-e84c-4ba2-905c-456b950d210b",
"indicator--560adb77-b57c-403a-b381-4bfc950d210b",
"indicator--560adb77-69d0-4417-a8e4-4d8b950d210b",
"indicator--560adb78-a564-43c4-95c0-4416950d210b",
"indicator--560adb78-6af8-4ae5-b7fb-444d950d210b",
"indicator--560adb78-36c4-4df6-b205-4e54950d210b",
"indicator--560adb79-607c-463d-885f-40ae950d210b",
"indicator--560adb79-6e54-49e8-b25c-4288950d210b",
"indicator--560adba0-70b8-41dc-8dbb-4d3b950d210b",
"indicator--560adba1-4308-48b7-9a59-4e8b950d210b",
"indicator--560adba1-5e68-4ea9-aed4-449c950d210b",
"indicator--560adba2-40c4-48f2-80ae-48e5950d210b",
"indicator--560adba2-36a0-4e68-87a9-45f4950d210b",
"indicator--560adba2-e15c-454c-b1cc-4482950d210b",
"indicator--560adba3-6a10-4478-94e3-4600950d210b",
"indicator--560adba3-9fa4-4bbc-a6cf-49c7950d210b",
"indicator--560adba3-027c-4b2e-8151-428c950d210b",
"indicator--560adba4-a9e8-4bef-9041-4ef6950d210b",
"indicator--560adba4-fbc8-4484-ae00-4066950d210b",
"indicator--560adba4-ed14-46a6-9a44-4301950d210b",
"indicator--560adba5-5418-4b7b-815c-4987950d210b",
"indicator--560adba5-d600-42f6-b62e-46e4950d210b",
"indicator--560adba5-f0f4-4f0d-87d5-43bf950d210b",
"indicator--560adba6-8b84-426e-b532-4920950d210b",
"indicator--560adba6-6df0-4165-b53a-4538950d210b",
"indicator--560adba6-6f70-4a1c-9ab1-4710950d210b",
"indicator--560adba7-70c8-45c2-a695-4280950d210b",
"indicator--560adba7-0c94-46e2-8c05-48f7950d210b",
"indicator--560adba8-82b0-4100-a545-4ee5950d210b",
"indicator--560adba8-7fc8-4683-8527-4f68950d210b",
"indicator--560adba8-3cfc-487c-94b0-40ff950d210b",
"indicator--560adba9-3a98-44bb-8ec9-44af950d210b",
"indicator--560adba9-9c64-42db-b0cf-4c4c950d210b",
"indicator--560adba9-d7dc-4e47-a228-4043950d210b",
"indicator--560adbaa-cf44-4f5c-8aae-40a4950d210b",
"indicator--560adbaa-7598-4494-93da-4649950d210b",
"indicator--560adbaa-a570-4d64-beea-4e78950d210b",
"indicator--560adbab-89f4-4703-9761-406c950d210b",
"indicator--560adbab-2f50-4af1-8d78-4c3b950d210b",
"indicator--560adbab-367c-4767-aa58-43f6950d210b",
"indicator--560adbac-ed78-4b15-a0a8-4e9e950d210b",
"indicator--560adbac-c2e8-4347-9072-4440950d210b",
"indicator--560adbac-4db0-4ca1-aaf1-44fe950d210b",
"indicator--560adbad-62ec-40e7-bc18-497c950d210b",
"indicator--560adbad-8a10-4afb-89cd-4ac5950d210b",
"indicator--560adbad-979c-4a4a-a77d-479b950d210b",
"indicator--560adbae-da84-4dec-8490-45c0950d210b",
"indicator--560adbae-b510-474e-9899-41a4950d210b",
"indicator--560adbaf-40dc-4f9c-807b-4e74950d210b",
"indicator--560adbaf-ae04-4c46-af45-4596950d210b",
"indicator--560adbaf-09e4-4725-a4f8-4b56950d210b",
"indicator--560adbb0-3534-4c85-8c64-47d8950d210b",
"indicator--560adbb0-e8f0-4bdc-ada4-4c5a950d210b",
"indicator--560adbb0-baa4-40b3-8274-404f950d210b",
"indicator--560adbb1-6150-4848-bae9-42e4950d210b",
"indicator--560adbb1-29bc-4247-af02-4f9f950d210b",
"indicator--560adbb1-4664-47bf-bebe-4287950d210b",
"indicator--560adbb2-1fd8-44ae-b381-4e69950d210b",
"indicator--560adbb2-1df0-45b0-84e5-4092950d210b",
"indicator--560adbb2-9828-4609-b1b8-4ca4950d210b",
"indicator--560adbb3-1248-4ccc-aaaf-46a5950d210b",
"indicator--560adbb3-5c24-4de1-937c-466b950d210b",
"indicator--560adbb3-89ac-469d-b1b8-4d91950d210b",
"indicator--560adbb4-3c28-486d-ba2c-4751950d210b",
"indicator--560adbb4-a770-49c0-ab85-45b1950d210b",
"indicator--560adbb4-2070-4303-ada0-4cb9950d210b",
"indicator--560adbb5-5bb0-43ec-8279-47c1950d210b",
"indicator--560adbb5-f8cc-4f77-9fb8-4699950d210b",
"indicator--560adbb6-7a24-4190-ac67-4959950d210b",
"indicator--560adbb6-a7a8-4d3c-87ef-4d73950d210b",
"indicator--560adbb6-74e4-4189-8787-4774950d210b",
"indicator--560adbb7-89b8-4f42-9686-49fe950d210b",
"indicator--560adbb7-31f8-4ad5-95a0-4bed950d210b",
"indicator--560adbb7-3598-40a5-9748-4d8b950d210b",
"indicator--560adbb8-2ff0-4641-b57e-445a950d210b",
"indicator--560adbb8-19f8-422f-a73f-46e6950d210b",
"indicator--560adbb8-be68-4c53-9a8d-4c82950d210b",
"indicator--560adbb9-a250-45d6-93f7-4ffc950d210b",
"indicator--560adbb9-d5e4-49e2-b9fe-48ad950d210b",
"indicator--560adbb9-5fac-4a2a-967f-4ca7950d210b",
"indicator--560adbba-278c-40ff-ba50-415e950d210b",
"indicator--560adbba-f0fc-4941-be41-486b950d210b",
"indicator--560adbba-5a1c-4502-a78e-4813950d210b",
"indicator--560adbbb-67f4-4a38-a729-42fc950d210b",
"indicator--560adbfc-9dac-4729-865e-43fa950d210b",
"indicator--560adbfe-38dc-40a0-8a93-491b950d210b",
"indicator--560adbff-4014-4cfc-8c91-489b950d210b",
"indicator--560adbff-2df8-4e82-a653-46aa950d210b",
"indicator--560adc07-67c8-4f57-9470-42af950d210b",
"indicator--560b7f04-09b4-405d-9335-ecee950d210b",
"indicator--560b7f04-89fc-4cc7-bcd4-ecee950d210b",
"observed-data--560b7f04-b2f0-40b2-88d1-ecee950d210b",
"url--560b7f04-b2f0-40b2-88d1-ecee950d210b",
"indicator--560b7f05-e170-43bf-9b6b-ecee950d210b",
"indicator--560b7f05-2f50-492a-9367-ecee950d210b",
"observed-data--560b7f05-3c48-4464-a4fa-ecee950d210b",
"url--560b7f05-3c48-4464-a4fa-ecee950d210b",
"indicator--560b7f06-b90c-4a74-a7a4-ecee950d210b",
"indicator--560b7f06-6aa4-42f2-b267-ecee950d210b",
"observed-data--560b7f06-c9a4-4d10-a819-ecee950d210b",
"url--560b7f06-c9a4-4d10-a819-ecee950d210b",
"indicator--560b7f07-a600-46af-83bf-ecee950d210b",
"indicator--560b7f07-92dc-4d4f-a8e3-ecee950d210b",
"observed-data--560b7f08-b4b0-45c8-9d1a-ecee950d210b",
"url--560b7f08-b4b0-45c8-9d1a-ecee950d210b",
"indicator--560b7f08-679c-4e12-b6b3-ecee950d210b",
"indicator--560b7f08-dafc-47ea-9605-ecee950d210b",
"observed-data--560b7f09-d194-4761-bd05-ecee950d210b",
"url--560b7f09-d194-4761-bd05-ecee950d210b",
"indicator--560b7f09-e558-4d2d-a97f-ecee950d210b",
"indicator--560b7f09-d1a0-4bf0-b404-ecee950d210b",
"observed-data--560b7f0a-684c-43cd-95b3-ecee950d210b",
"url--560b7f0a-684c-43cd-95b3-ecee950d210b",
"indicator--560b7f0a-ce98-48f8-b35f-ecee950d210b",
"indicator--560b7f0a-96c0-461a-abfc-ecee950d210b",
"observed-data--560b7f0b-caa8-40dc-be28-ecee950d210b",
"url--560b7f0b-caa8-40dc-be28-ecee950d210b",
"indicator--560b7f0b-ee64-46d9-a877-ecee950d210b",
"indicator--560b7f0b-4234-4031-b970-ecee950d210b",
"observed-data--560b7f0c-d048-44c9-a65a-ecee950d210b",
"url--560b7f0c-d048-44c9-a65a-ecee950d210b",
"indicator--560b7f0c-1b08-47ce-b39d-ecee950d210b",
"indicator--560b7f0c-39a4-4c86-bb3b-ecee950d210b",
"observed-data--560b7f0d-bfd8-4eac-a848-ecee950d210b",
"url--560b7f0d-bfd8-4eac-a848-ecee950d210b",
"indicator--560b7f0d-e704-4535-8a81-ecee950d210b",
"indicator--560b7f0d-66d0-4918-96a7-ecee950d210b",
"observed-data--560b7f0e-07e4-4f85-8d52-ecee950d210b",
"url--560b7f0e-07e4-4f85-8d52-ecee950d210b",
"indicator--560b7f0e-f154-4574-b882-ecee950d210b",
"indicator--560b7f0e-d5f8-48cd-9bbf-ecee950d210b",
"observed-data--560b7f0f-0730-49b4-8088-ecee950d210b",
"url--560b7f0f-0730-49b4-8088-ecee950d210b",
"indicator--560b7f0f-970c-4be3-b4ae-ecee950d210b",
"indicator--560b7f0f-cd54-4336-b1eb-ecee950d210b",
"observed-data--560b7f10-8d3c-4136-ae74-ecee950d210b",
"url--560b7f10-8d3c-4136-ae74-ecee950d210b",
"indicator--560b7f10-58a0-48dc-ba72-ecee950d210b",
"indicator--560b7f11-5368-43d5-af0d-ecee950d210b",
"observed-data--560b7f11-7d6c-4d6e-be9e-ecee950d210b",
"url--560b7f11-7d6c-4d6e-be9e-ecee950d210b",
"indicator--560b7f11-da70-4693-ada4-ecee950d210b",
"indicator--560b7f12-a20c-4338-8cdb-ecee950d210b",
"observed-data--560b7f12-a4fc-4ed8-9f40-ecee950d210b",
"url--560b7f12-a4fc-4ed8-9f40-ecee950d210b",
"indicator--560b7f12-f66c-4107-8dd5-ecee950d210b",
"indicator--560b7f13-0770-42ba-9a80-ecee950d210b",
"observed-data--560b7f13-b4d0-4561-ac9d-ecee950d210b",
"url--560b7f13-b4d0-4561-ac9d-ecee950d210b",
"indicator--560b7f13-90ec-4f2b-8344-ecee950d210b",
"indicator--560b7f14-84d0-4c6e-83bd-ecee950d210b",
"observed-data--560b7f14-0de4-478e-afb8-ecee950d210b",
"url--560b7f14-0de4-478e-afb8-ecee950d210b",
"indicator--560b7f14-3aac-4f5e-b9b8-ecee950d210b",
"indicator--560b7f15-5e88-4754-a4d3-ecee950d210b",
"observed-data--560b7f15-8ba4-495d-9a89-ecee950d210b",
"url--560b7f15-8ba4-495d-9a89-ecee950d210b",
"indicator--560b7f15-5984-400b-a4fd-ecee950d210b",
"indicator--560b7f16-5500-456d-a558-ecee950d210b",
"observed-data--560b7f16-8990-4f67-9bfb-ecee950d210b",
"url--560b7f16-8990-4f67-9bfb-ecee950d210b",
"indicator--560b7f16-5b98-49ea-97ca-ecee950d210b",
"indicator--560b7f17-b4c4-446f-ade4-ecee950d210b",
"observed-data--560b7f17-dba8-4f0a-9851-ecee950d210b",
"url--560b7f17-dba8-4f0a-9851-ecee950d210b",
"indicator--560b7f17-42b0-4442-861a-ecee950d210b",
"indicator--560b7f18-332c-4e04-bcf5-ecee950d210b",
"observed-data--560b7f18-bf7c-4e45-9a03-ecee950d210b",
"url--560b7f18-bf7c-4e45-9a03-ecee950d210b",
"indicator--560b7f19-c1d8-47ae-8816-ecee950d210b",
"indicator--560b7f19-cefc-4bb1-b26c-ecee950d210b",
"observed-data--560b7f19-ef6c-4069-a9e2-ecee950d210b",
"url--560b7f19-ef6c-4069-a9e2-ecee950d210b",
"indicator--560b7f1a-346c-4f37-87d6-ecee950d210b",
"indicator--560b7f1a-3044-4df8-b823-ecee950d210b",
"observed-data--560b7f1a-4470-4251-859b-ecee950d210b",
"url--560b7f1a-4470-4251-859b-ecee950d210b",
"indicator--560b7f1b-b520-44ce-87d6-ecee950d210b",
"indicator--560b7f1b-eea8-486b-bb96-ecee950d210b",
"observed-data--560b7f1b-bf5c-4b88-a02a-ecee950d210b",
"url--560b7f1b-bf5c-4b88-a02a-ecee950d210b",
"indicator--560b7f1c-5798-4209-9aab-ecee950d210b",
"indicator--560b7f1c-8564-47b9-b417-ecee950d210b",
"observed-data--560b7f1c-d48c-476a-a48e-ecee950d210b",
"url--560b7f1c-d48c-476a-a48e-ecee950d210b",
"indicator--560b7f1d-ba60-4861-8f3b-ecee950d210b",
"indicator--560b7f1d-7714-4708-9e7d-ecee950d210b",
"observed-data--560b7f1d-7aac-4386-b3ce-ecee950d210b",
"url--560b7f1d-7aac-4386-b3ce-ecee950d210b",
"indicator--560b7f1e-c1b0-406d-8a06-ecee950d210b",
"indicator--560b7f1e-c92c-46d0-8075-ecee950d210b",
"observed-data--560b7f1e-be04-4d0d-863f-ecee950d210b",
"url--560b7f1e-be04-4d0d-863f-ecee950d210b",
"indicator--560b7f1f-963c-46d6-8e2c-ecee950d210b",
"indicator--560b7f1f-6754-44d9-b616-ecee950d210b",
"observed-data--560b7f1f-6230-435a-a4a1-ecee950d210b",
"url--560b7f1f-6230-435a-a4a1-ecee950d210b",
"indicator--560b7f20-27a4-490c-9e3d-ecee950d210b",
"indicator--560b7f20-cf30-4acc-9a42-ecee950d210b",
"observed-data--560b7f20-5590-4b11-99d0-ecee950d210b",
"url--560b7f20-5590-4b11-99d0-ecee950d210b",
"indicator--560b7f21-e88c-491f-8627-ecee950d210b",
"indicator--560b7f21-a374-4286-a274-ecee950d210b",
"observed-data--560b7f21-8140-4bec-add0-ecee950d210b",
"url--560b7f21-8140-4bec-add0-ecee950d210b",
"indicator--560b7f22-b66c-4d12-bcd8-ecee950d210b",
"indicator--560b7f22-3628-474d-9923-ecee950d210b",
"observed-data--560b7f23-7ab8-48ee-855f-ecee950d210b",
"url--560b7f23-7ab8-48ee-855f-ecee950d210b",
"indicator--560b7f23-2bd4-4de7-9622-ecee950d210b",
"indicator--560b7f23-5e24-4e01-833f-ecee950d210b",
"observed-data--560b7f24-11f8-48b9-a21d-ecee950d210b",
"url--560b7f24-11f8-48b9-a21d-ecee950d210b",
"indicator--560b7f24-c7d0-4bfb-8057-ecee950d210b",
"indicator--560b7f24-f904-4dbb-b064-ecee950d210b",
"observed-data--560b7f25-1658-4f44-ad99-ecee950d210b",
"url--560b7f25-1658-4f44-ad99-ecee950d210b",
"indicator--560b7f25-77d4-4e6e-b6c7-ecee950d210b",
"indicator--560b7f25-75f8-4cfa-a303-ecee950d210b",
"observed-data--560b7f26-7498-4e44-b1f0-ecee950d210b",
"url--560b7f26-7498-4e44-b1f0-ecee950d210b",
"indicator--560b7f26-10a0-41c7-8aa6-ecee950d210b",
"indicator--560b7f26-0b30-4507-afb8-ecee950d210b",
"observed-data--560b7f27-04a8-44b1-92fe-ecee950d210b",
"url--560b7f27-04a8-44b1-92fe-ecee950d210b",
"indicator--560b7f27-f570-4481-8bda-ecee950d210b",
"indicator--560b7f27-53f0-4378-b259-ecee950d210b",
"observed-data--560b7f28-5bf8-4fc1-b806-ecee950d210b",
"url--560b7f28-5bf8-4fc1-b806-ecee950d210b",
"indicator--560b7f28-e4b4-4488-a3e0-ecee950d210b",
"indicator--560b7f28-fc24-4779-84b8-ecee950d210b",
"observed-data--560b7f29-232c-47c1-bd4e-ecee950d210b",
"url--560b7f29-232c-47c1-bd4e-ecee950d210b",
"indicator--560b7f29-0980-4da4-afb2-ecee950d210b",
"indicator--560b7f29-0bb8-4427-a6c6-ecee950d210b",
"observed-data--560b7f2a-73cc-40cb-9fba-ecee950d210b",
"url--560b7f2a-73cc-40cb-9fba-ecee950d210b",
"indicator--560b7f2a-d608-45ed-89a0-ecee950d210b",
"indicator--560b7f2a-31b0-42b7-9cda-ecee950d210b",
"observed-data--560b7f2b-1ebc-459e-a33e-ecee950d210b",
"url--560b7f2b-1ebc-459e-a33e-ecee950d210b",
"indicator--560b7f2b-7494-4fe9-b9cb-ecee950d210b",
"indicator--560b7f2c-f278-4a9b-8e69-ecee950d210b",
"observed-data--560b7f2c-34e0-4331-9632-ecee950d210b",
"url--560b7f2c-34e0-4331-9632-ecee950d210b",
"indicator--560b7f2c-7a30-41c6-a716-ecee950d210b",
"indicator--560b7f2d-8b3c-4bd4-8829-ecee950d210b",
"observed-data--560b7f2d-9a68-45aa-8df1-ecee950d210b",
"url--560b7f2d-9a68-45aa-8df1-ecee950d210b",
"indicator--560b7f2d-3bf0-436f-aede-ecee950d210b",
"indicator--560b7f2e-4348-421d-b54f-ecee950d210b",
"observed-data--560b7f2e-9f5c-415f-ba49-ecee950d210b",
"url--560b7f2e-9f5c-415f-ba49-ecee950d210b",
"indicator--560b7f2e-3264-42af-8ea8-ecee950d210b",
"indicator--560b7f2f-2d6c-4b68-875c-ecee950d210b",
"observed-data--560b7f2f-3008-4716-b5c5-ecee950d210b",
"url--560b7f2f-3008-4716-b5c5-ecee950d210b",
"indicator--560b7f2f-8e80-4468-8048-ecee950d210b",
"indicator--560b7f30-228c-42b1-b9da-ecee950d210b",
"observed-data--560b7f30-0724-4390-ba24-ecee950d210b",
"url--560b7f30-0724-4390-ba24-ecee950d210b",
"indicator--560b7f30-e0f8-4b13-9fee-ecee950d210b",
"indicator--560b7f31-ee84-49eb-852b-ecee950d210b",
"observed-data--560b7f31-b7a8-45d6-bc35-ecee950d210b",
"url--560b7f31-b7a8-45d6-bc35-ecee950d210b",
"indicator--560b7f31-da28-4282-934f-ecee950d210b",
"indicator--560b7f32-4898-41e5-9f8f-ecee950d210b",
"observed-data--560b7f32-0b34-4816-90ed-ecee950d210b",
"url--560b7f32-0b34-4816-90ed-ecee950d210b",
"indicator--560b7f33-431c-4a5a-a6d4-ecee950d210b",
"indicator--560b7f33-48d8-4faa-b6ec-ecee950d210b",
"observed-data--560b7f33-6414-4f7c-999c-ecee950d210b",
"url--560b7f33-6414-4f7c-999c-ecee950d210b",
"indicator--560b7f34-e2b0-48d3-80e7-ecee950d210b",
"indicator--560b7f34-c81c-4349-902f-ecee950d210b",
"observed-data--560b7f34-cdd0-4ec8-9f2b-ecee950d210b",
"url--560b7f34-cdd0-4ec8-9f2b-ecee950d210b",
"indicator--560b7f35-4ca0-40f3-bd34-ecee950d210b",
"indicator--560b7f35-e70c-4276-a925-ecee950d210b",
"observed-data--560b7f35-105c-4530-91a9-ecee950d210b",
"url--560b7f35-105c-4530-91a9-ecee950d210b",
"indicator--560b7f36-c434-4632-9b7c-ecee950d210b",
"indicator--560b7f36-da30-410a-9e2f-ecee950d210b",
"observed-data--560b7f36-ce8c-4039-99eb-ecee950d210b",
"url--560b7f36-ce8c-4039-99eb-ecee950d210b",
"indicator--560b7f37-6218-44ea-8c03-ecee950d210b",
"indicator--560b7f37-6340-4c90-a444-ecee950d210b",
"observed-data--560b7f37-0e84-4ab0-9b7b-ecee950d210b",
"url--560b7f37-0e84-4ab0-9b7b-ecee950d210b",
"indicator--560b7f38-a238-4b90-bbf6-ecee950d210b",
"indicator--560b7f38-8828-4fc2-b9a1-ecee950d210b",
"observed-data--560b7f38-d764-4a09-add5-ecee950d210b",
"url--560b7f38-d764-4a09-add5-ecee950d210b",
"indicator--560b7f39-7180-4bf0-9e17-ecee950d210b",
"indicator--560b7f39-7974-4125-be0f-ecee950d210b",
"observed-data--560b7f39-b884-4bb7-9314-ecee950d210b",
"url--560b7f39-b884-4bb7-9314-ecee950d210b",
"indicator--560b7f3a-f92c-42ec-be01-ecee950d210b",
"indicator--560b7f3a-ed2c-418c-972d-ecee950d210b",
"observed-data--560b7f3a-ee90-4cfe-aeae-ecee950d210b",
"url--560b7f3a-ee90-4cfe-aeae-ecee950d210b",
"indicator--560b7f3b-d638-4743-9008-ecee950d210b",
"indicator--560b7f3b-e52c-479f-80f3-ecee950d210b",
"observed-data--560b7f3c-b2e4-4e4f-b669-ecee950d210b",
"url--560b7f3c-b2e4-4e4f-b669-ecee950d210b",
"indicator--560b7f3c-8794-44d9-8a4b-ecee950d210b",
"indicator--560b7f3c-6d98-4eb0-8547-ecee950d210b",
"observed-data--560b7f3d-0be8-4917-b496-ecee950d210b",
"url--560b7f3d-0be8-4917-b496-ecee950d210b",
"indicator--560b7f3d-07a0-449f-a146-ecee950d210b",
"indicator--560b7f3d-4a70-428f-91f3-ecee950d210b",
"observed-data--560b7f3e-e358-4b68-8bba-ecee950d210b",
"url--560b7f3e-e358-4b68-8bba-ecee950d210b",
"indicator--560b7f3e-df58-4508-b33e-ecee950d210b",
"indicator--560b7f3e-e590-4496-88e9-ecee950d210b",
"observed-data--560b7f3f-43d0-4799-8ec9-ecee950d210b",
"url--560b7f3f-43d0-4799-8ec9-ecee950d210b",
"indicator--560b7f3f-9f5c-4779-813e-ecee950d210b",
"indicator--560b7f3f-f330-4f07-b2ee-ecee950d210b",
"observed-data--560b7f40-6ad4-4e7c-8ab2-ecee950d210b",
"url--560b7f40-6ad4-4e7c-8ab2-ecee950d210b",
"indicator--560b7f40-4e48-4316-a323-ecee950d210b",
"indicator--560b7f40-9a1c-435e-b1b0-ecee950d210b",
"observed-data--560b7f41-202c-4ba1-b11b-ecee950d210b",
"url--560b7f41-202c-4ba1-b11b-ecee950d210b",
"indicator--560b7f41-2358-4609-a5b4-ecee950d210b",
"indicator--560b7f41-7f2c-4005-9bb2-ecee950d210b",
"observed-data--560b7f42-f49c-4980-a8dc-ecee950d210b",
"url--560b7f42-f49c-4980-a8dc-ecee950d210b",
"indicator--560b7f42-6c28-4074-b92c-ecee950d210b",
"indicator--560b7f42-f85c-4357-843a-ecee950d210b",
"observed-data--560b7f43-b45c-4082-a0ea-ecee950d210b",
"url--560b7f43-b45c-4082-a0ea-ecee950d210b",
"indicator--560b7f43-ed44-42d6-bf9c-ecee950d210b",
"indicator--560b7f43-0e04-4669-b1f6-ecee950d210b",
"observed-data--560b7f44-91e8-4d44-9b2f-ecee950d210b",
"url--560b7f44-91e8-4d44-9b2f-ecee950d210b",
"indicator--560b7f44-3668-47da-b512-ecee950d210b",
"indicator--560b7f45-05c8-4f45-a96f-ecee950d210b",
"observed-data--560b7f45-e9b0-40ab-b330-ecee950d210b",
"url--560b7f45-e9b0-40ab-b330-ecee950d210b",
"indicator--560b7f45-ae14-4645-8a6c-ecee950d210b",
"indicator--560b7f46-cbbc-477c-a8d4-ecee950d210b",
"observed-data--560b7f46-ba7c-4cb8-a33e-ecee950d210b",
"url--560b7f46-ba7c-4cb8-a33e-ecee950d210b",
"indicator--560b7f46-bf54-41bd-8039-ecee950d210b",
"indicator--560b7f47-20fc-4e8a-a333-ecee950d210b",
"observed-data--560b7f47-ce64-47a9-a28d-ecee950d210b",
"url--560b7f47-ce64-47a9-a28d-ecee950d210b",
"indicator--560b7f47-5228-41cb-8b07-ecee950d210b",
"indicator--560b7f48-3e20-4107-b260-ecee950d210b",
"observed-data--560b7f48-376c-456f-9a79-ecee950d210b",
"url--560b7f48-376c-456f-9a79-ecee950d210b",
"indicator--560b7f48-28d8-47f2-813e-ecee950d210b",
"indicator--560b7f49-8b24-45b0-84b3-ecee950d210b",
"observed-data--560b7f49-c958-413c-b7b4-ecee950d210b",
"url--560b7f49-c958-413c-b7b4-ecee950d210b",
"indicator--560b7f49-0174-487c-8019-ecee950d210b",
"indicator--560b7f4a-1c68-4d19-bbd3-ecee950d210b",
"observed-data--560b7f4a-084c-489c-be89-ecee950d210b",
"url--560b7f4a-084c-489c-be89-ecee950d210b",
"indicator--560b7f4a-9dc4-45d8-945b-ecee950d210b",
"indicator--560b7f4b-c0ac-450e-be22-ecee950d210b",
"observed-data--560b7f4b-7644-4bd8-9330-ecee950d210b",
"url--560b7f4b-7644-4bd8-9330-ecee950d210b",
"indicator--560b7f4b-8a20-447d-a08a-ecee950d210b",
"indicator--560b7f4c-d8a4-4bc4-af68-ecee950d210b",
"observed-data--560b7f4c-751c-412e-9991-ecee950d210b",
"url--560b7f4c-751c-412e-9991-ecee950d210b",
"indicator--560b7f4c-9688-49f9-9899-ecee950d210b",
"indicator--560b7f4d-5df4-4903-b724-ecee950d210b",
"observed-data--560b7f4d-eaf0-48ad-940a-ecee950d210b",
"url--560b7f4d-eaf0-48ad-940a-ecee950d210b",
"indicator--560b7f4e-2314-48a6-a771-ecee950d210b",
"indicator--560b7f4e-feac-4c7e-b3b2-ecee950d210b",
"observed-data--560b7f4e-60e0-4b5f-98f1-ecee950d210b",
"url--560b7f4e-60e0-4b5f-98f1-ecee950d210b",
"indicator--560b7f4f-789c-49ec-8e55-ecee950d210b",
"indicator--560b7f4f-4998-4623-b088-ecee950d210b",
"observed-data--560b7f4f-e678-4831-a812-ecee950d210b",
"url--560b7f4f-e678-4831-a812-ecee950d210b",
"indicator--560b7f50-3f34-44a7-b20d-ecee950d210b",
"indicator--560b7f50-caf8-44a5-b85e-ecee950d210b",
"observed-data--560b7f50-9f54-4fc6-83ea-ecee950d210b",
"url--560b7f50-9f54-4fc6-83ea-ecee950d210b",
"indicator--560b7f51-8fdc-4737-ac1e-ecee950d210b",
"indicator--560b7f51-9344-4b12-be31-ecee950d210b",
"observed-data--560b7f51-564c-4d2e-a8cd-ecee950d210b",
"url--560b7f51-564c-4d2e-a8cd-ecee950d210b",
"indicator--560b7f52-0768-4ca0-8da2-ecee950d210b",
"indicator--560b7f52-ad24-461a-88bd-ecee950d210b",
"observed-data--560b7f52-d4d0-4736-886e-ecee950d210b",
"url--560b7f52-d4d0-4736-886e-ecee950d210b",
"indicator--560b7f53-9544-4f7d-bbb3-ecee950d210b",
"indicator--560b7f53-c100-4116-a546-ecee950d210b",
"observed-data--560b7f53-e038-4fb3-8a8f-ecee950d210b",
"url--560b7f53-e038-4fb3-8a8f-ecee950d210b",
"indicator--560b7f54-8c88-4202-84b5-ecee950d210b",
"indicator--560b7f54-5e8c-4bc0-8ba7-ecee950d210b",
"observed-data--560b7f54-53a4-488f-9849-ecee950d210b",
"url--560b7f54-53a4-488f-9849-ecee950d210b",
"indicator--560b7f55-3854-47b5-b64a-ecee950d210b",
"indicator--560b7f55-5d78-468a-9082-ecee950d210b",
"observed-data--560b7f56-6994-4235-a832-ecee950d210b",
"url--560b7f56-6994-4235-a832-ecee950d210b",
"indicator--560b7f56-c3d0-4f29-a0ed-ecee950d210b",
"indicator--560b7f56-75f8-4754-995c-ecee950d210b",
"observed-data--560b7f57-e4a0-466c-9e18-ecee950d210b",
"url--560b7f57-e4a0-466c-9e18-ecee950d210b",
"indicator--560b7f57-3d2c-4396-ab6d-ecee950d210b",
"indicator--560b7f57-8eb0-40a1-8578-ecee950d210b",
"observed-data--560b7f58-53c4-43ce-8048-ecee950d210b",
"url--560b7f58-53c4-43ce-8048-ecee950d210b",
"indicator--560b7f58-cca8-4566-bd44-ecee950d210b",
"indicator--560b7f58-0054-49c2-9bea-ecee950d210b",
"observed-data--560b7f59-fb94-4e50-a43b-ecee950d210b",
"url--560b7f59-fb94-4e50-a43b-ecee950d210b",
"indicator--560b7f59-9428-476b-aa4f-ecee950d210b",
"indicator--560b7f59-7a68-4dec-93df-ecee950d210b",
"observed-data--560b7f5a-7b84-444e-b617-ecee950d210b",
"url--560b7f5a-7b84-444e-b617-ecee950d210b",
"indicator--560b7f5a-5f0c-48cb-930c-ecee950d210b",
"indicator--560b7f5a-1804-47a9-a1e0-ecee950d210b",
"observed-data--560b7f5b-a7d0-4c3d-ac3a-ecee950d210b",
"url--560b7f5b-a7d0-4c3d-ac3a-ecee950d210b",
"indicator--560b7f5b-b62c-480c-803e-ecee950d210b",
"indicator--560b7f5b-dc60-4a3c-8edc-ecee950d210b",
"observed-data--560b7f5c-9b64-4dc3-b61b-ecee950d210b",
"url--560b7f5c-9b64-4dc3-b61b-ecee950d210b",
"indicator--560b7f5c-0678-4a9f-afa3-ecee950d210b",
"indicator--560b7f5c-70d4-4325-874c-ecee950d210b",
"observed-data--560b7f5d-c970-415e-baa9-ecee950d210b",
"url--560b7f5d-c970-415e-baa9-ecee950d210b",
"indicator--560b7f5d-e128-4a49-bcd6-ecee950d210b",
"indicator--560b7f5d-4c60-4cf0-aa72-ecee950d210b",
"observed-data--560b7f5e-48f0-4d27-8d45-ecee950d210b",
"url--560b7f5e-48f0-4d27-8d45-ecee950d210b",
"indicator--560b7f5e-24a0-4531-83a3-ecee950d210b",
"indicator--560b7f5f-2434-403d-a22f-ecee950d210b",
"observed-data--560b7f5f-2664-4bd1-aad1-ecee950d210b",
"url--560b7f5f-2664-4bd1-aad1-ecee950d210b",
"indicator--560b7f5f-a214-4444-932b-ecee950d210b",
"indicator--560b7f60-37d4-460c-948a-ecee950d210b",
"observed-data--560b7f60-36c8-4153-8303-ecee950d210b",
"url--560b7f60-36c8-4153-8303-ecee950d210b",
"indicator--560b7f60-8e38-4cf0-b854-ecee950d210b",
"indicator--560b7f61-a604-46f4-a5ae-ecee950d210b",
"observed-data--560b7f61-7208-4d79-9d40-ecee950d210b",
"url--560b7f61-7208-4d79-9d40-ecee950d210b",
"indicator--560b7f61-26b8-4802-a843-ecee950d210b",
"indicator--560b7f62-b290-4edc-b275-ecee950d210b",
"observed-data--560b7f62-b790-4902-bdc8-ecee950d210b",
"url--560b7f62-b790-4902-bdc8-ecee950d210b",
"indicator--560b7f62-34c0-4a94-a5d5-ecee950d210b",
"indicator--560b7f63-1f24-4531-b94e-ecee950d210b",
"observed-data--560b7f63-02ac-403e-b215-ecee950d210b",
"url--560b7f63-02ac-403e-b215-ecee950d210b",
"indicator--560b7f63-f3b4-4b32-82ce-ecee950d210b",
"indicator--560b7f64-e968-4f98-8116-ecee950d210b",
"observed-data--560b7f64-2a94-491d-8fcb-ecee950d210b",
"url--560b7f64-2a94-491d-8fcb-ecee950d210b",
"indicator--560b7f64-6a60-4677-ae01-ecee950d210b",
"indicator--560b7f65-49f4-42b6-a2b8-ecee950d210b",
"observed-data--560b7f65-fb1c-4665-b6c6-ecee950d210b",
"url--560b7f65-fb1c-4665-b6c6-ecee950d210b",
"indicator--560b7f65-0a2c-462e-b45a-ecee950d210b",
"indicator--560b7f66-b8a4-44f5-b78b-ecee950d210b",
"observed-data--560b7f66-b300-40a1-914b-ecee950d210b",
"url--560b7f66-b300-40a1-914b-ecee950d210b",
"indicator--560b7f67-b664-4d0c-b13f-ecee950d210b",
"indicator--560b7f67-cb7c-4452-9dbb-ecee950d210b",
"observed-data--560b7f67-41ac-438b-9f40-ecee950d210b",
"url--560b7f67-41ac-438b-9f40-ecee950d210b",
"indicator--560b7f68-2a80-4e59-83df-ecee950d210b",
"indicator--560b7f68-3e64-4b55-b78e-ecee950d210b",
"observed-data--560b7f68-0b54-4d05-b8ef-ecee950d210b",
"url--560b7f68-0b54-4d05-b8ef-ecee950d210b",
"indicator--560b7f69-f3a0-41c1-90bc-ecee950d210b",
"indicator--560b7f69-8764-453b-aacc-ecee950d210b",
"observed-data--560b7f69-52c4-4c12-87f9-ecee950d210b",
"url--560b7f69-52c4-4c12-87f9-ecee950d210b",
"indicator--560b7f6a-b7ac-41a5-8ad0-ecee950d210b",
"indicator--560b7f6a-8a78-4529-81e1-ecee950d210b",
"observed-data--560b7f6a-9300-4c8d-b3ba-ecee950d210b",
"url--560b7f6a-9300-4c8d-b3ba-ecee950d210b",
"indicator--560b7f6b-c510-4750-a916-ecee950d210b",
"indicator--560b7f6b-8e04-4c48-bd98-ecee950d210b",
"observed-data--560b7f6b-7754-4be4-9715-ecee950d210b",
"url--560b7f6b-7754-4be4-9715-ecee950d210b",
"indicator--560b7f6c-b738-48f9-bb72-ecee950d210b",
"indicator--560b7f6c-1b8c-49c8-ada3-ecee950d210b",
"observed-data--560b7f6c-15a4-4260-a827-ecee950d210b",
"url--560b7f6c-15a4-4260-a827-ecee950d210b",
"indicator--560b7f6d-2dac-4c0d-95fb-ecee950d210b",
"indicator--560b7f6d-d01c-4ee4-b4d8-ecee950d210b",
"observed-data--560b7f6d-b72c-490c-8be8-ecee950d210b",
"url--560b7f6d-b72c-490c-8be8-ecee950d210b",
"indicator--560b7f6e-4678-4a2a-894e-ecee950d210b",
"indicator--560b7f6e-5c50-422a-99ce-ecee950d210b",
"observed-data--560b7f6f-76bc-40bc-90bc-ecee950d210b",
"url--560b7f6f-76bc-40bc-90bc-ecee950d210b",
"indicator--560b7f6f-0098-4002-b350-ecee950d210b",
"indicator--560b7f6f-0f14-4cdc-996d-ecee950d210b",
"observed-data--560b7f70-3a58-4350-967a-ecee950d210b",
"url--560b7f70-3a58-4350-967a-ecee950d210b",
"indicator--560b7f70-271c-4c6e-bb05-ecee950d210b",
"indicator--560b7f70-88a4-444e-9caa-ecee950d210b",
"observed-data--560b7f71-ffa4-4806-9536-ecee950d210b",
"url--560b7f71-ffa4-4806-9536-ecee950d210b",
"indicator--560b7f71-110c-44d8-becb-ecee950d210b",
"indicator--560b7f71-a878-4ff9-bc21-ecee950d210b",
"observed-data--560b7f72-febc-4a90-80bc-ecee950d210b",
"url--560b7f72-febc-4a90-80bc-ecee950d210b",
"indicator--560b7f72-c7d8-4291-bcb8-ecee950d210b",
"indicator--560b7f72-57d8-4fe1-ba69-ecee950d210b",
"observed-data--560b7f73-9b9c-41f9-9f28-ecee950d210b",
"url--560b7f73-9b9c-41f9-9f28-ecee950d210b",
"indicator--560b7f73-df10-471f-a868-ecee950d210b",
"indicator--560b7f73-ef9c-4c9d-8d35-ecee950d210b",
"observed-data--560b7f74-91a8-4d06-b342-ecee950d210b",
"url--560b7f74-91a8-4d06-b342-ecee950d210b",
"indicator--560b7f74-0eb4-4365-9aa9-ecee950d210b",
"indicator--560b7f74-3a2c-4455-9d9c-ecee950d210b",
"observed-data--560b7f75-7264-45d4-ab4a-ecee950d210b",
"url--560b7f75-7264-45d4-ab4a-ecee950d210b",
"indicator--560b7f75-6f80-4a13-9fe9-ecee950d210b",
"indicator--560b7f75-fd2c-4de3-a435-ecee950d210b",
"observed-data--560b7f76-33f4-4132-a4b5-ecee950d210b",
"url--560b7f76-33f4-4132-a4b5-ecee950d210b",
"indicator--560b7f76-0f50-4033-a71e-ecee950d210b",
"indicator--560b7f76-8d4c-4476-98cd-ecee950d210b",
"observed-data--560b7f77-e090-4916-938b-ecee950d210b",
"url--560b7f77-e090-4916-938b-ecee950d210b",
"indicator--560b7f77-fb64-4527-a356-ecee950d210b",
"indicator--560b7f78-568c-4049-a75f-ecee950d210b",
"observed-data--560b7f78-836c-415c-81f6-ecee950d210b",
"url--560b7f78-836c-415c-81f6-ecee950d210b",
"indicator--560b7f78-2588-44a4-b341-ecee950d210b",
"indicator--560b7f79-e788-4218-abf7-ecee950d210b",
"observed-data--560b7f79-c9d0-49d0-ba5d-ecee950d210b",
"url--560b7f79-c9d0-49d0-ba5d-ecee950d210b",
"indicator--560b7f79-cfd4-4842-8401-ecee950d210b",
"indicator--560b7f7a-29c8-437d-8e0b-ecee950d210b",
"observed-data--560b7f7a-90f4-45f8-a28a-ecee950d210b",
"url--560b7f7a-90f4-45f8-a28a-ecee950d210b",
"indicator--560b7f7a-c814-4fc4-9cfe-ecee950d210b",
"indicator--560b7f7b-c550-4304-a398-ecee950d210b",
"observed-data--560b7f7b-f068-45c6-8453-ecee950d210b",
"url--560b7f7b-f068-45c6-8453-ecee950d210b",
"indicator--560b7f7b-e614-4779-ade4-ecee950d210b",
"indicator--560b7f7c-3c04-48a3-a9a6-ecee950d210b",
"observed-data--560b7f7c-818c-41ec-8926-ecee950d210b",
"url--560b7f7c-818c-41ec-8926-ecee950d210b",
"indicator--560b7f7c-1338-461d-aa0c-ecee950d210b",
"indicator--560b7f7d-9000-4de5-aa9b-ecee950d210b",
"observed-data--560b7f7d-9f6c-467a-8978-ecee950d210b",
"url--560b7f7d-9f6c-467a-8978-ecee950d210b",
"indicator--560b7f7d-edd8-4a35-8198-ecee950d210b",
"indicator--560b7f7e-f47c-487f-bb8c-ecee950d210b",
"observed-data--560b7f7e-413c-4cf9-bf02-ecee950d210b",
"url--560b7f7e-413c-4cf9-bf02-ecee950d210b",
"indicator--560b7f7e-ff60-4af5-a273-ecee950d210b",
"indicator--560b7f7f-9ea4-4f9d-8933-ecee950d210b",
"observed-data--560b7f7f-e2ec-455f-b820-ecee950d210b",
"url--560b7f7f-e2ec-455f-b820-ecee950d210b",
"indicator--560b7f80-2338-422d-b8d6-ecee950d210b",
"indicator--560b7f80-e928-4e3a-b483-ecee950d210b",
"observed-data--560b7f80-53cc-45b9-8513-ecee950d210b",
"url--560b7f80-53cc-45b9-8513-ecee950d210b",
"indicator--560b7f81-0768-4908-a7f6-ecee950d210b",
"indicator--560b7f81-23f4-4d06-a61a-ecee950d210b",
"observed-data--560b7f81-a6e4-4479-bf4b-ecee950d210b",
"url--560b7f81-a6e4-4479-bf4b-ecee950d210b",
"indicator--560b7f82-f354-44c7-844b-ecee950d210b",
"indicator--560b7f82-0b94-4427-ba2f-ecee950d210b",
"observed-data--560b7f82-47d0-4fef-80a5-ecee950d210b",
"url--560b7f82-47d0-4fef-80a5-ecee950d210b",
"indicator--560b7f83-fe1c-4c35-a27c-ecee950d210b",
"indicator--560b7f83-b0e0-48c8-b245-ecee950d210b",
"observed-data--560b7f83-5484-4da2-8a6f-ecee950d210b",
"url--560b7f83-5484-4da2-8a6f-ecee950d210b",
"indicator--560b7f84-6bdc-43e1-a4d8-ecee950d210b",
"indicator--560b7f84-e0e0-480f-beb4-ecee950d210b",
"observed-data--560b7f84-099c-4e03-9db3-ecee950d210b",
"url--560b7f84-099c-4e03-9db3-ecee950d210b",
"indicator--560b7f85-aa88-427c-a7a8-ecee950d210b",
"indicator--560b7f85-8744-464f-867b-ecee950d210b",
"observed-data--560b7f85-23bc-4e40-bd7a-ecee950d210b",
"url--560b7f85-23bc-4e40-bd7a-ecee950d210b",
"indicator--560b7f86-04f0-4346-96d2-ecee950d210b",
"indicator--560b7f86-f084-4d31-a684-ecee950d210b",
"observed-data--560b7f86-740c-4a19-96d1-ecee950d210b",
"url--560b7f86-740c-4a19-96d1-ecee950d210b",
"indicator--560b7f87-0a30-4c42-b997-ecee950d210b",
"indicator--560b7f87-abec-4f39-b43a-ecee950d210b",
"observed-data--560b7f87-b858-434d-b752-ecee950d210b",
"url--560b7f87-b858-434d-b752-ecee950d210b",
"indicator--560b7f88-9300-4dfb-ba3a-ecee950d210b",
"indicator--560b7f88-58bc-4d84-b230-ecee950d210b",
"observed-data--560b7f89-a308-473d-a4c4-ecee950d210b",
"url--560b7f89-a308-473d-a4c4-ecee950d210b",
"indicator--560b7f89-06c0-48ed-82d7-ecee950d210b",
"indicator--560b7f89-5a90-49bc-9072-ecee950d210b",
"observed-data--560b7f8a-6c1c-4198-ac01-ecee950d210b",
"url--560b7f8a-6c1c-4198-ac01-ecee950d210b",
"indicator--560b7f8a-632c-471d-91fb-ecee950d210b",
"indicator--560b7f8a-9540-4c39-a2c7-ecee950d210b",
"observed-data--560b7f8b-fad4-4b44-8641-ecee950d210b",
"url--560b7f8b-fad4-4b44-8641-ecee950d210b",
"indicator--560b7f8b-fd64-4565-8a19-ecee950d210b",
"indicator--560b7f8b-4a84-4dc1-a148-ecee950d210b",
"observed-data--560b7f8c-e854-4495-8062-ecee950d210b",
"url--560b7f8c-e854-4495-8062-ecee950d210b",
"indicator--560b7f8c-0f1c-4ae4-b717-ecee950d210b",
"indicator--560b7f8c-e400-4477-afed-ecee950d210b",
"observed-data--560b7f8d-a898-4f2c-8636-ecee950d210b",
"url--560b7f8d-a898-4f2c-8636-ecee950d210b",
"indicator--560b7f8d-cd4c-4542-b9c2-ecee950d210b",
"indicator--560b7f8d-ce70-44cc-b2f5-ecee950d210b",
"observed-data--560b7f8e-b4c4-4038-95ab-ecee950d210b",
"url--560b7f8e-b4c4-4038-95ab-ecee950d210b",
"indicator--560b7f8e-ec40-41af-aa2e-ecee950d210b",
"indicator--560b7f8e-7950-46eb-9d66-ecee950d210b",
"observed-data--560b7f8f-8a88-4e52-a5dc-ecee950d210b",
"url--560b7f8f-8a88-4e52-a5dc-ecee950d210b",
"indicator--560b7f8f-5400-44f3-b328-ecee950d210b",
"indicator--560b7f8f-739c-4f97-8009-ecee950d210b",
"observed-data--560b7f90-d114-466f-81b5-ecee950d210b",
"url--560b7f90-d114-466f-81b5-ecee950d210b",
"indicator--560b7f90-e71c-4815-981d-ecee950d210b",
"indicator--560b7f91-d2b8-46ea-a766-ecee950d210b",
"observed-data--560b7f91-c804-46e0-858f-ecee950d210b",
"url--560b7f91-c804-46e0-858f-ecee950d210b",
"indicator--560b7f91-7830-4f29-b1bd-ecee950d210b",
"indicator--560b7f92-f66c-4d8e-a056-ecee950d210b",
"observed-data--560b7f92-8a64-478b-9ccf-ecee950d210b",
"url--560b7f92-8a64-478b-9ccf-ecee950d210b",
"indicator--560b7f92-7b34-410c-8753-ecee950d210b",
"indicator--560b7f93-e4d0-4eaf-bf10-ecee950d210b",
"observed-data--560b7f93-9798-4d04-8501-ecee950d210b",
"url--560b7f93-9798-4d04-8501-ecee950d210b",
"indicator--560b7f93-ca98-4424-b38b-ecee950d210b",
"indicator--560b7f94-dd50-4e2f-80b2-ecee950d210b",
"observed-data--560b7f94-0bc4-415e-a0ab-ecee950d210b",
"url--560b7f94-0bc4-415e-a0ab-ecee950d210b",
"indicator--560b7f94-c27c-46d1-80f8-ecee950d210b",
"indicator--560b7f95-c024-4de8-82dc-ecee950d210b",
"observed-data--560b7f95-3cb8-4d6d-9b0b-ecee950d210b",
"url--560b7f95-3cb8-4d6d-9b0b-ecee950d210b",
"indicator--560b7f95-b2a4-4eb7-868b-ecee950d210b",
"indicator--560b7f96-b32c-49c2-a634-ecee950d210b",
"observed-data--560b7f96-98b8-4b48-aad1-ecee950d210b",
"url--560b7f96-98b8-4b48-aad1-ecee950d210b",
"indicator--560b7f96-4060-41c9-b5a6-ecee950d210b",
"indicator--560b7f97-6964-48b7-8c0f-ecee950d210b",
"observed-data--560b7f97-97d0-4388-abc1-ecee950d210b",
"url--560b7f97-97d0-4388-abc1-ecee950d210b",
"indicator--560b7f97-d5b0-492e-91b8-ecee950d210b",
"indicator--560b7f98-6d9c-4207-b84e-ecee950d210b",
"observed-data--560b7f98-8ae0-48dd-a948-ecee950d210b",
"url--560b7f98-8ae0-48dd-a948-ecee950d210b",
"indicator--560b7f99-afc0-4d30-b256-ecee950d210b",
"indicator--560b7f99-33c0-42f4-a43b-ecee950d210b",
"observed-data--560b7f99-f138-4c81-81df-ecee950d210b",
"url--560b7f99-f138-4c81-81df-ecee950d210b",
"indicator--560b7f9a-c6dc-47cd-a167-ecee950d210b",
"indicator--560b7f9a-dd60-4382-be5e-ecee950d210b",
"observed-data--560b7f9a-bab0-4089-814b-ecee950d210b",
"url--560b7f9a-bab0-4089-814b-ecee950d210b",
"indicator--560b7f9b-7380-48a0-b832-ecee950d210b",
"indicator--560b7f9b-bc60-447f-91a8-ecee950d210b",
"observed-data--560b7f9b-56b0-43dc-bb0f-ecee950d210b",
"url--560b7f9b-56b0-43dc-bb0f-ecee950d210b",
"indicator--560b7f9c-7b78-4ed2-bc25-ecee950d210b",
"indicator--560b7f9c-b020-4db1-b23c-ecee950d210b",
"observed-data--560b7f9c-daec-424f-b93d-ecee950d210b",
"url--560b7f9c-daec-424f-b93d-ecee950d210b",
"indicator--560b7f9d-6538-4e41-8f75-ecee950d210b",
"indicator--560b7f9d-f134-4b53-922b-ecee950d210b",
"observed-data--560b7f9d-70e8-4f12-8902-ecee950d210b",
"url--560b7f9d-70e8-4f12-8902-ecee950d210b",
"indicator--560b7f9e-3358-41ee-a9e0-ecee950d210b",
"indicator--560b7f9e-f9a4-406f-950e-ecee950d210b",
"observed-data--560b7f9e-f784-4b30-97f2-ecee950d210b",
"url--560b7f9e-f784-4b30-97f2-ecee950d210b",
"indicator--560b7f9f-cbe4-4bfa-8a59-ecee950d210b",
"indicator--560b7f9f-a428-4bed-86b9-ecee950d210b",
"observed-data--560b7f9f-167c-437b-bc7d-ecee950d210b",
"url--560b7f9f-167c-437b-bc7d-ecee950d210b",
"indicator--560b7fa0-8588-4d94-bc5f-ecee950d210b",
"indicator--560b7fa0-64b4-421c-a967-ecee950d210b",
"observed-data--560b7fa0-2ecc-491f-80a6-ecee950d210b",
"url--560b7fa0-2ecc-491f-80a6-ecee950d210b",
"indicator--560b7fa1-0e8c-4d1e-a945-ecee950d210b",
"indicator--560b7fa1-c3ec-4d13-bc7a-ecee950d210b",
"observed-data--560b7fa2-ad10-4c5e-8d22-ecee950d210b",
"url--560b7fa2-ad10-4c5e-8d22-ecee950d210b",
"indicator--560b7fa2-7fa8-4bc5-b1a1-ecee950d210b",
"indicator--560b7fa2-7d3c-4b8c-bbf2-ecee950d210b",
"observed-data--560b7fa3-9404-486f-b722-ecee950d210b",
"url--560b7fa3-9404-486f-b722-ecee950d210b",
"indicator--560b7fa3-1830-43c3-a01c-ecee950d210b",
"indicator--560b7fa3-8e68-4aba-a462-ecee950d210b",
"observed-data--560b7fa4-b298-4d64-bfa7-ecee950d210b",
"url--560b7fa4-b298-4d64-bfa7-ecee950d210b",
"indicator--560b7fa4-0e1c-47cf-b029-ecee950d210b",
"indicator--560b7fa4-3e38-4b64-8f16-ecee950d210b",
"observed-data--560b7fa5-e340-481e-925d-ecee950d210b",
"url--560b7fa5-e340-481e-925d-ecee950d210b",
"indicator--560b7fa5-1f34-49b7-bad4-ecee950d210b",
"indicator--560b7fa5-2470-4f02-957d-ecee950d210b",
"observed-data--560b7fa6-7b74-45e7-8726-ecee950d210b",
"url--560b7fa6-7b74-45e7-8726-ecee950d210b",
"indicator--560b7fa6-b7dc-4f10-90e5-ecee950d210b",
"indicator--560b7fa6-54c8-4d2c-9680-ecee950d210b",
"observed-data--560b7fa7-a52c-459c-ba36-ecee950d210b",
"url--560b7fa7-a52c-459c-ba36-ecee950d210b",
"indicator--560b7fa7-1100-4a20-bb98-ecee950d210b",
"indicator--560b7fa7-dd70-475e-826b-ecee950d210b",
"observed-data--560b7fa8-f444-4db4-849b-ecee950d210b",
"url--560b7fa8-f444-4db4-849b-ecee950d210b",
"indicator--560b7fa8-e398-4daa-94d5-ecee950d210b",
"indicator--560b7fa8-c434-4af8-8e36-ecee950d210b",
"observed-data--560b7fa9-b16c-4aa2-a88a-ecee950d210b",
"url--560b7fa9-b16c-4aa2-a88a-ecee950d210b",
"indicator--560b7fa9-17e4-4c31-aaf3-ecee950d210b",
"indicator--560b7fa9-fa2c-443c-b6e8-ecee950d210b",
"observed-data--560b7faa-74e8-48da-afe2-ecee950d210b",
"url--560b7faa-74e8-48da-afe2-ecee950d210b",
"indicator--560b7faa-2e60-4a5e-b751-ecee950d210b",
"indicator--560b7fab-9788-49f0-9435-ecee950d210b",
"observed-data--560b7fab-2094-41dd-9cfa-ecee950d210b",
"url--560b7fab-2094-41dd-9cfa-ecee950d210b",
"indicator--560b7fab-a4ac-4f60-8617-ecee950d210b",
"indicator--560b7fac-0a60-4bcd-ad08-ecee950d210b",
"observed-data--560b7fac-61dc-4732-b88a-ecee950d210b",
"url--560b7fac-61dc-4732-b88a-ecee950d210b",
"indicator--560b7fac-9394-4e8c-ad15-ecee950d210b",
"indicator--560b7fad-06d0-45bf-bfef-ecee950d210b",
"observed-data--560b7fad-bdfc-44af-9cea-ecee950d210b",
"url--560b7fad-bdfc-44af-9cea-ecee950d210b",
"indicator--560b7fad-9130-4783-97df-ecee950d210b",
"indicator--560b7fae-e658-4e1c-b1dc-ecee950d210b",
"observed-data--560b7fae-a360-479a-a8d2-ecee950d210b",
"url--560b7fae-a360-479a-a8d2-ecee950d210b",
"indicator--560b7fae-17b0-4ab0-a821-ecee950d210b",
"indicator--560b7faf-246c-4197-9e7b-ecee950d210b",
"observed-data--560b7faf-d2f4-4393-bd9a-ecee950d210b",
"url--560b7faf-d2f4-4393-bd9a-ecee950d210b",
"indicator--560b7faf-9034-477b-8e41-ecee950d210b",
"indicator--560b7fb0-cf98-4a90-9c85-ecee950d210b",
"observed-data--560b7fb0-d574-4c89-bfd2-ecee950d210b",
"url--560b7fb0-d574-4c89-bfd2-ecee950d210b",
"indicator--560b7fb0-d44c-48fd-a54b-ecee950d210b",
"indicator--560b7fb1-64d4-498f-8647-ecee950d210b",
"observed-data--560b7fb1-2470-48a2-a98a-ecee950d210b",
"url--560b7fb1-2470-48a2-a98a-ecee950d210b",
"indicator--560b7fb1-d018-4162-885d-ecee950d210b",
"indicator--560b7fb2-2ab4-43b2-abf7-ecee950d210b",
"observed-data--560b7fb2-aee4-4c14-abdf-ecee950d210b",
"url--560b7fb2-aee4-4c14-abdf-ecee950d210b",
"indicator--560b7fb3-9158-4ec3-824e-ecee950d210b",
"indicator--560b7fb3-282c-4381-a917-ecee950d210b",
"observed-data--560b7fb3-6ea0-4ea1-8e86-ecee950d210b",
"url--560b7fb3-6ea0-4ea1-8e86-ecee950d210b",
"indicator--560b7fb4-e314-407c-9b6e-ecee950d210b",
"indicator--560b7fb4-25fc-405e-b0ee-ecee950d210b",
"observed-data--560b7fb4-324c-481d-85a8-ecee950d210b",
"url--560b7fb4-324c-481d-85a8-ecee950d210b",
"indicator--560b7fb5-481c-4493-baeb-ecee950d210b",
"indicator--560b7fb5-e2bc-4739-a38d-ecee950d210b",
"observed-data--560b7fb5-ec0c-4875-8178-ecee950d210b",
"url--560b7fb5-ec0c-4875-8178-ecee950d210b",
"indicator--560b7fb6-1b08-491a-97f3-ecee950d210b",
"indicator--560b7fb6-958c-49d8-84f3-ecee950d210b",
"observed-data--560b7fb6-0ec0-4fb9-a46b-ecee950d210b",
"url--560b7fb6-0ec0-4fb9-a46b-ecee950d210b",
"indicator--560b7fb7-5ad8-4ebb-94d3-ecee950d210b",
"indicator--560b7fb7-c490-4d51-bda5-ecee950d210b",
"observed-data--560b7fb7-0b20-46f7-a53a-ecee950d210b",
"url--560b7fb7-0b20-46f7-a53a-ecee950d210b",
"indicator--560b7fb8-8224-491b-9a1a-ecee950d210b",
"indicator--560b7fb8-7cc8-4d95-8ce1-ecee950d210b",
"observed-data--560b7fb8-2b5c-4880-b275-ecee950d210b",
"url--560b7fb8-2b5c-4880-b275-ecee950d210b"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT"
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560ad661-7c50-4a44-93b3-cf67950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:20:17.000Z",
"modified": "2015-09-29T18:20:17.000Z",
"first_observed": "2015-09-29T18:20:17Z",
"last_observed": "2015-09-29T18:20:17Z",
"number_observed": 1,
"object_refs": [
"url--560ad661-7c50-4a44-93b3-cf67950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560ad661-7c50-4a44-93b3-cf67950d210b",
"value": "http://go.recordedfuture.com/hubfs/reports/threat-identification.pdf"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560ad662-d638-4901-a2c9-cf67950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:20:18.000Z",
"modified": "2015-09-29T18:20:18.000Z",
"first_observed": "2015-09-29T18:20:18Z",
"last_observed": "2015-09-29T18:20:18Z",
"number_observed": 1,
"object_refs": [
"url--560ad662-d638-4901-a2c9-cf67950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560ad662-d638-4901-a2c9-cf67950d210b",
"value": "https://github.com/recordedfuture/raw-ioc/tree/master/rats"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad78e-5f2c-47a4-9cb3-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:25:18.000Z",
"modified": "2015-09-29T18:25:18.000Z",
"description": "BlackShades trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.172.154.42']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:25:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad78e-a75c-408d-aae4-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:25:18.000Z",
"modified": "2015-09-29T18:25:18.000Z",
"description": "BlackShades trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.116.109.7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:25:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7b7-475c-4b33-9b49-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:25:59.000Z",
"modified": "2015-09-29T18:25:59.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '86.199.32.114']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:25:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7b7-2730-43da-a8ea-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:25:59.000Z",
"modified": "2015-09-29T18:25:59.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.106.40.122']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:25:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7b7-d14c-4533-b1de-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:25:59.000Z",
"modified": "2015-09-29T18:25:59.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.248.185.117']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:25:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7b8-f368-4879-a986-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:00.000Z",
"modified": "2015-09-29T18:26:00.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.36.142.63']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7b8-653c-464c-b270-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:00.000Z",
"modified": "2015-09-29T18:26:00.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.217.147.92']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7b9-4ed8-4a75-9b1d-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:00.000Z",
"modified": "2015-09-29T18:26:00.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '187.190.232.248']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7b9-5d7c-4d2d-aa39-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:01.000Z",
"modified": "2015-09-29T18:26:01.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.125.211.128']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7b9-13f4-49ed-bfeb-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:01.000Z",
"modified": "2015-09-29T18:26:01.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.248.241.169']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ba-1b88-413e-9017-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:02.000Z",
"modified": "2015-09-29T18:26:02.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.132.237.76']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ba-f898-4fd0-b391-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:02.000Z",
"modified": "2015-09-29T18:26:02.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.50.12.183']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ba-3b20-44c8-8a6f-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:02.000Z",
"modified": "2015-09-29T18:26:02.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.43.141.150']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7bb-0dcc-4095-9799-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:03.000Z",
"modified": "2015-09-29T18:26:03.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.193.189.99']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7bb-6130-49d6-9fc9-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:03.000Z",
"modified": "2015-09-29T18:26:03.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '123.26.181.225']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7bb-dc90-407e-a1de-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:03.000Z",
"modified": "2015-09-29T18:26:03.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.169.168.88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7bc-e504-47a6-a93e-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:04.000Z",
"modified": "2015-09-29T18:26:04.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '175.138.158.28']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7bc-4b84-4293-9540-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:04.000Z",
"modified": "2015-09-29T18:26:04.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.249.236.103']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7bc-87b8-4bfb-8961-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:04.000Z",
"modified": "2015-09-29T18:26:04.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '86.122.53.112']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7bd-3ea0-4c57-8a7d-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:05.000Z",
"modified": "2015-09-29T18:26:05.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '52.28.27.244']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7bd-59b0-40ad-a688-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:05.000Z",
"modified": "2015-09-29T18:26:05.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.213.25.49']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7bd-8f28-4f74-8697-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:05.000Z",
"modified": "2015-09-29T18:26:05.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '75.165.52.41']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7be-c6d0-41a7-80d7-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:06.000Z",
"modified": "2015-09-29T18:26:06.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '220.240.23.100']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7be-21fc-425c-9366-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:06.000Z",
"modified": "2015-09-29T18:26:06.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.84.196.78']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7be-6e4c-42cd-b651-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:06.000Z",
"modified": "2015-09-29T18:26:06.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.194.229.192']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7bf-a168-4557-a147-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:07.000Z",
"modified": "2015-09-29T18:26:07.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.114.180.158']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7bf-05fc-4e93-bdcb-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:07.000Z",
"modified": "2015-09-29T18:26:07.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.167.141.10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c0-aa6c-47fa-bf45-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:08.000Z",
"modified": "2015-09-29T18:26:08.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.254.106.227']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c0-55b0-4fbb-9d1d-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:08.000Z",
"modified": "2015-09-29T18:26:08.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.10.41.43']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c0-d588-427c-92fd-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:08.000Z",
"modified": "2015-09-29T18:26:08.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.241.240.81']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c1-352c-49e9-af40-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:09.000Z",
"modified": "2015-09-29T18:26:09.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '54.149.35.67']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c1-76d0-4026-8e0b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:09.000Z",
"modified": "2015-09-29T18:26:09.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.124.66.45']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c1-98b0-4562-a71a-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:09.000Z",
"modified": "2015-09-29T18:26:09.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.183.214.51']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c2-a8ec-4180-b134-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:10.000Z",
"modified": "2015-09-29T18:26:10.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '186.58.190.211']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c2-a4c8-42f8-a51c-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:10.000Z",
"modified": "2015-09-29T18:26:10.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.148.21.19']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c2-6e00-4b34-a82b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:10.000Z",
"modified": "2015-09-29T18:26:10.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.20.33.108']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c3-b3b0-4f2b-8835-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:11.000Z",
"modified": "2015-09-29T18:26:11.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.117.177.128']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c3-6ef0-4bae-b292-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:11.000Z",
"modified": "2015-09-29T18:26:11.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.154.193']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c3-0e1c-41a1-a08d-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:11.000Z",
"modified": "2015-09-29T18:26:11.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.23.101.18']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c4-d40c-4212-b397-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:12.000Z",
"modified": "2015-09-29T18:26:12.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '2.177.231.191']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c4-8d50-4f0c-91bd-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:12.000Z",
"modified": "2015-09-29T18:26:12.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.181.155.116']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c4-2de0-45b2-833b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:12.000Z",
"modified": "2015-09-29T18:26:12.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.199.129.133']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c5-b05c-448c-9f73-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:13.000Z",
"modified": "2015-09-29T18:26:13.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.187.75.132']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c5-6514-4598-a23c-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:13.000Z",
"modified": "2015-09-29T18:26:13.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.109.147.95']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c5-5c74-4b51-8b5f-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:13.000Z",
"modified": "2015-09-29T18:26:13.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.37.151.3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c6-4364-452a-8f63-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:14.000Z",
"modified": "2015-09-29T18:26:14.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '118.71.57.27']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c6-7d48-4066-a902-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:14.000Z",
"modified": "2015-09-29T18:26:14.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '14.48.9.125']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c7-b3d4-4582-8d2e-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:15.000Z",
"modified": "2015-09-29T18:26:15.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '116.240.235.151']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c7-62b8-4098-9279-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:15.000Z",
"modified": "2015-09-29T18:26:15.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.92.201.89']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c7-ca28-4b90-a092-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:15.000Z",
"modified": "2015-09-29T18:26:15.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.106.197.203']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c8-2850-428b-b5d7-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:16.000Z",
"modified": "2015-09-29T18:26:16.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.132.57.250']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c8-8478-474c-acea-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:16.000Z",
"modified": "2015-09-29T18:26:16.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.211.171.170']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c8-4b18-4000-9af6-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:16.000Z",
"modified": "2015-09-29T18:26:16.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '209.173.64.87']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c9-9e10-4e19-9d51-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:17.000Z",
"modified": "2015-09-29T18:26:17.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '113.176.107.16']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c9-a940-4cb9-9d70-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:17.000Z",
"modified": "2015-09-29T18:26:17.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '175.144.222.65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7c9-9e9c-48bb-833b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:17.000Z",
"modified": "2015-09-29T18:26:17.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.187.1.85']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ca-63a0-4afb-8ed9-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:18.000Z",
"modified": "2015-09-29T18:26:18.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '76.164.115.93']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ca-01f0-4a4f-ab5b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:18.000Z",
"modified": "2015-09-29T18:26:18.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.204.240.170']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ca-4228-496c-8e6c-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:18.000Z",
"modified": "2015-09-29T18:26:18.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.148.115.137']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7cb-04e4-418e-bd6b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:19.000Z",
"modified": "2015-09-29T18:26:19.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.242.100.68']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7cb-a578-4214-8184-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:19.000Z",
"modified": "2015-09-29T18:26:19.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.155.51.128']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7cb-acc0-4e38-857f-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:19.000Z",
"modified": "2015-09-29T18:26:19.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.103.237.51']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7cc-0ecc-4ff7-a476-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:20.000Z",
"modified": "2015-09-29T18:26:20.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.23.215.193']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7cc-3ac4-4c66-af1b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:20.000Z",
"modified": "2015-09-29T18:26:20.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.183.29.221']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7cc-2508-4c68-8413-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:20.000Z",
"modified": "2015-09-29T18:26:20.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '190.129.206.254']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7cd-2b58-42de-8118-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:21.000Z",
"modified": "2015-09-29T18:26:21.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.5.175.243']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7cd-6e3c-436a-97e8-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:21.000Z",
"modified": "2015-09-29T18:26:21.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.31.59.68']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7cd-a23c-4bc5-96b2-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:21.000Z",
"modified": "2015-09-29T18:26:21.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.126.199.239']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ce-7e34-404b-b8f2-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:22.000Z",
"modified": "2015-09-29T18:26:22.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '73.187.82.251']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ce-53d8-4e35-b3f8-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:22.000Z",
"modified": "2015-09-29T18:26:22.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.224.178.178']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7cf-b05c-4143-ad68-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:23.000Z",
"modified": "2015-09-29T18:26:23.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.241.6.106']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7cf-8fc4-4a59-895b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:23.000Z",
"modified": "2015-09-29T18:26:23.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.92.84.218']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7cf-766c-4f08-a702-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:23.000Z",
"modified": "2015-09-29T18:26:23.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.113.254.210']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d0-6bac-455b-b75c-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:24.000Z",
"modified": "2015-09-29T18:26:24.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.82.109.151']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d0-9084-48ab-85d6-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:24.000Z",
"modified": "2015-09-29T18:26:24.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.228.220.243']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d0-6f48-4c40-be6e-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:24.000Z",
"modified": "2015-09-29T18:26:24.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.64.224.127']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d1-1458-4437-9003-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:25.000Z",
"modified": "2015-09-29T18:26:25.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.7.96.245']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d1-b6e4-4dce-be19-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:25.000Z",
"modified": "2015-09-29T18:26:25.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.157.16.101']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d1-ebdc-410c-81f6-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:25.000Z",
"modified": "2015-09-29T18:26:25.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.178.53.32']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d2-1644-4596-a5d2-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:26.000Z",
"modified": "2015-09-29T18:26:26.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.83.193.152']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d2-c29c-4ecb-85f5-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:26.000Z",
"modified": "2015-09-29T18:26:26.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.108.10.121']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d2-ecd0-49a4-ba71-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:26.000Z",
"modified": "2015-09-29T18:26:26.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.116.126.204']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d3-9650-4589-a6cb-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:27.000Z",
"modified": "2015-09-29T18:26:27.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '171.5.185.187']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d3-c740-4f25-ac3a-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:27.000Z",
"modified": "2015-09-29T18:26:27.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.140.12.126']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d3-ebc4-4cf3-9e61-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:27.000Z",
"modified": "2015-09-29T18:26:27.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.56.187.251']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d4-c760-4c44-b7e7-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:28.000Z",
"modified": "2015-09-29T18:26:28.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '190.37.104.129']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d4-fa94-449b-a7a0-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:28.000Z",
"modified": "2015-09-29T18:26:28.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.225.28.6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d4-8e20-407b-95c5-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:28.000Z",
"modified": "2015-09-29T18:26:28.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.146.134.201']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d5-2db0-45d9-9114-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:29.000Z",
"modified": "2015-09-29T18:26:29.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.96.197.65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d5-5628-4b0d-bf4c-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:29.000Z",
"modified": "2015-09-29T18:26:29.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '52.17.237.71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d5-3f08-4418-b7b4-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:29.000Z",
"modified": "2015-09-29T18:26:29.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.104.201.5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d6-acc4-4797-a55c-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:30.000Z",
"modified": "2015-09-29T18:26:30.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '90.38.55.108']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d6-2c9c-4362-949f-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:30.000Z",
"modified": "2015-09-29T18:26:30.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.87.231.216']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d7-780c-4d5b-a5d9-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:31.000Z",
"modified": "2015-09-29T18:26:31.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.164.83.38']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d7-f580-4951-8ed7-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:31.000Z",
"modified": "2015-09-29T18:26:31.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '90.212.69.216']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d7-40a8-4ece-88d9-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:31.000Z",
"modified": "2015-09-29T18:26:31.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.79.32.71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d8-7d14-4b86-9fa6-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:32.000Z",
"modified": "2015-09-29T18:26:32.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.141.187.86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d8-91a8-480a-9eaf-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:32.000Z",
"modified": "2015-09-29T18:26:32.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.206.74.130']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d8-3aa8-487b-bb55-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:32.000Z",
"modified": "2015-09-29T18:26:32.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '182.208.232.140']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d9-5510-4381-9b6f-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:33.000Z",
"modified": "2015-09-29T18:26:33.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '207.255.114.86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d9-5d74-49de-93fe-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:33.000Z",
"modified": "2015-09-29T18:26:33.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.105.131.156']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7d9-4300-4afd-8f3f-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:33.000Z",
"modified": "2015-09-29T18:26:33.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.37.52.47']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7da-c51c-4040-96ee-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:34.000Z",
"modified": "2015-09-29T18:26:34.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '187.22.84.35']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7da-e150-40b1-8737-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:34.000Z",
"modified": "2015-09-29T18:26:34.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.183.30.179']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7da-f534-4c7c-a627-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:34.000Z",
"modified": "2015-09-29T18:26:34.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.80.53.157']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7db-5300-4a96-bf28-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:35.000Z",
"modified": "2015-09-29T18:26:35.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.240.113.148']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7db-1814-481a-a97a-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:35.000Z",
"modified": "2015-09-29T18:26:35.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.200.59.122']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7db-dcec-455f-8461-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:35.000Z",
"modified": "2015-09-29T18:26:35.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.232.39.179']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7dc-d790-4f28-a2a9-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:36.000Z",
"modified": "2015-09-29T18:26:36.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.128.44.222']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7dc-5aac-4499-8f17-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:36.000Z",
"modified": "2015-09-29T18:26:36.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.31.123.169']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7dc-6070-411a-b353-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:36.000Z",
"modified": "2015-09-29T18:26:36.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.54.169.172']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7dd-7dbc-49f6-9454-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:37.000Z",
"modified": "2015-09-29T18:26:37.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.87.154.83']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7dd-870c-4a12-80f9-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:37.000Z",
"modified": "2015-09-29T18:26:37.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '191.233.97.132']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7de-53f4-464c-bd4f-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:37.000Z",
"modified": "2015-09-29T18:26:37.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '24.226.81.46']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7de-3d44-4f58-8cdd-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:38.000Z",
"modified": "2015-09-29T18:26:38.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '67.215.4.74']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7de-6374-4e70-8239-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:38.000Z",
"modified": "2015-09-29T18:26:38.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '76.71.56.221']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7df-241c-4715-b96c-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:39.000Z",
"modified": "2015-09-29T18:26:39.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.91.175.72']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7df-c988-48f3-a960-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:39.000Z",
"modified": "2015-09-29T18:26:39.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.65.201.160']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7df-500c-4318-9c6a-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:39.000Z",
"modified": "2015-09-29T18:26:39.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.65.130.169']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e0-9edc-4d46-b23b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:40.000Z",
"modified": "2015-09-29T18:26:40.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.56.39.218']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e0-393c-444b-b759-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:40.000Z",
"modified": "2015-09-29T18:26:40.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.111.33.57']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e0-7554-4400-8acc-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:40.000Z",
"modified": "2015-09-29T18:26:40.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.192.148.149']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e1-19ec-431c-b995-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:41.000Z",
"modified": "2015-09-29T18:26:41.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '175.137.136.159']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e1-8634-47a1-9a21-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:41.000Z",
"modified": "2015-09-29T18:26:41.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '2.186.238.238']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e1-555c-4fee-a462-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:41.000Z",
"modified": "2015-09-29T18:26:41.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '134.255.220.193']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e2-ea44-453a-8bb4-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:42.000Z",
"modified": "2015-09-29T18:26:42.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.64.175.198']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e2-4804-4768-8a9a-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:42.000Z",
"modified": "2015-09-29T18:26:42.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.85.56.64']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e2-d98c-4611-97a4-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:42.000Z",
"modified": "2015-09-29T18:26:42.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.146.121.97']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e3-ca5c-4ffa-8a24-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:43.000Z",
"modified": "2015-09-29T18:26:43.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.244.7.4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e3-8848-4ee1-bab8-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:43.000Z",
"modified": "2015-09-29T18:26:43.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '24.247.24.160']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e3-d63c-4a1e-a72c-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:43.000Z",
"modified": "2015-09-29T18:26:43.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.39.43.105']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e4-3900-48dc-a485-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:44.000Z",
"modified": "2015-09-29T18:26:44.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '86.3.191.106']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e4-c314-4cc0-89ae-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:44.000Z",
"modified": "2015-09-29T18:26:44.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.50.38.52']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e5-5378-49ef-bd77-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:45.000Z",
"modified": "2015-09-29T18:26:45.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.21.72.110']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e5-97c4-4139-9216-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:45.000Z",
"modified": "2015-09-29T18:26:45.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.206.70.133']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e5-e6dc-45c5-b31b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:45.000Z",
"modified": "2015-09-29T18:26:45.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.106.67.252']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e6-23b4-4058-a4e3-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:46.000Z",
"modified": "2015-09-29T18:26:46.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.250.14.7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e6-be54-4209-a460-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:46.000Z",
"modified": "2015-09-29T18:26:46.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.177.89.217']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e6-f730-431d-9d95-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:46.000Z",
"modified": "2015-09-29T18:26:46.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.0.200.138']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e7-6b1c-40c4-b5b4-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:47.000Z",
"modified": "2015-09-29T18:26:47.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.11.184.17']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e7-41ec-4c85-ad7a-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:47.000Z",
"modified": "2015-09-29T18:26:47.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.29.16.217']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e7-f174-41ef-86a7-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:47.000Z",
"modified": "2015-09-29T18:26:47.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.136.172.192']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e8-978c-48de-80b4-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:48.000Z",
"modified": "2015-09-29T18:26:48.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.5.113.92']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e8-4b74-4bd5-9a83-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:48.000Z",
"modified": "2015-09-29T18:26:48.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.131.212.225']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e8-5940-4778-a162-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:48.000Z",
"modified": "2015-09-29T18:26:48.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.7.153.185']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e9-55b0-4319-b297-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:49.000Z",
"modified": "2015-09-29T18:26:49.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.15.232.63']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e9-8d74-40bc-aaf2-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:49.000Z",
"modified": "2015-09-29T18:26:49.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.248.163.230']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7e9-5a4c-4c7b-add7-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:49.000Z",
"modified": "2015-09-29T18:26:49.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.65.196.171']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ea-c96c-4ff0-8986-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:50.000Z",
"modified": "2015-09-29T18:26:50.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.236.36.29']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ea-1fd8-47fb-97e2-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:50.000Z",
"modified": "2015-09-29T18:26:50.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '183.89.114.51']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ea-6ea8-41ca-a77d-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:50.000Z",
"modified": "2015-09-29T18:26:50.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.174.150.157']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7eb-f9e8-4730-891f-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:51.000Z",
"modified": "2015-09-29T18:26:51.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.111.152.54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7eb-9e38-4936-9504-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:51.000Z",
"modified": "2015-09-29T18:26:51.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.206.79.172']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7eb-4cf0-4648-8cbb-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:51.000Z",
"modified": "2015-09-29T18:26:51.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.234.59.253']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ec-6dcc-4829-97ce-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:52.000Z",
"modified": "2015-09-29T18:26:52.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.37.22.100']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ec-f1b0-4206-bdfa-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:52.000Z",
"modified": "2015-09-29T18:26:52.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.233.145.174']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ed-c8b0-4073-945a-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:53.000Z",
"modified": "2015-09-29T18:26:53.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.179.20.122']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ed-a220-45c1-bc2a-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:53.000Z",
"modified": "2015-09-29T18:26:53.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.153.32.54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ed-3b70-4933-8619-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:53.000Z",
"modified": "2015-09-29T18:26:53.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.142.4.47']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ee-8e38-4e4e-98b7-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:54.000Z",
"modified": "2015-09-29T18:26:54.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.138.234.150']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ee-c828-423f-823b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:54.000Z",
"modified": "2015-09-29T18:26:54.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.240.22.62']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ee-2fc8-4c2d-83e5-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:54.000Z",
"modified": "2015-09-29T18:26:54.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.130.45.35']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ef-b860-4e39-a6a3-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:55.000Z",
"modified": "2015-09-29T18:26:55.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.95.42.120']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ef-63c4-411e-8232-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:55.000Z",
"modified": "2015-09-29T18:26:55.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.34.112.223']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ef-ad48-4579-ab77-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:55.000Z",
"modified": "2015-09-29T18:26:55.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '187.101.15.202']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f0-266c-4608-8a79-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:56.000Z",
"modified": "2015-09-29T18:26:56.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.149.80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f0-0b24-4792-9743-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:56.000Z",
"modified": "2015-09-29T18:26:56.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.10.53.244']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f0-336c-496b-93e2-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:56.000Z",
"modified": "2015-09-29T18:26:56.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.46.83.34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f1-fa38-4b64-ba58-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:57.000Z",
"modified": "2015-09-29T18:26:57.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.84.64.159']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f1-6c30-4404-ac8e-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:57.000Z",
"modified": "2015-09-29T18:26:57.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.182.234.161']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f1-1390-4d3c-8bc2-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:57.000Z",
"modified": "2015-09-29T18:26:57.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.138.36.132']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f2-652c-438b-86b1-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:58.000Z",
"modified": "2015-09-29T18:26:58.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.152.211.69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f2-dac4-4f8c-9aa3-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:58.000Z",
"modified": "2015-09-29T18:26:58.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.170.233.137']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f2-7330-465a-b29e-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:58.000Z",
"modified": "2015-09-29T18:26:58.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.188.48.223']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f3-bc80-4236-a8ef-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:59.000Z",
"modified": "2015-09-29T18:26:59.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.76.197.226']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f3-e658-407f-88d1-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:26:59.000Z",
"modified": "2015-09-29T18:26:59.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.109.69.134']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:26:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f4-b9fc-4a84-964e-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:00.000Z",
"modified": "2015-09-29T18:27:00.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.47.129.247']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f4-92b8-432c-96f5-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:00.000Z",
"modified": "2015-09-29T18:27:00.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.251.112.39']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f4-895c-455e-a456-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:00.000Z",
"modified": "2015-09-29T18:27:00.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '134.249.157.192']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f5-0cc4-4551-93b0-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:01.000Z",
"modified": "2015-09-29T18:27:01.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.179.66.52']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f5-d37c-4a31-b90d-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:01.000Z",
"modified": "2015-09-29T18:27:01.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '118.70.80.188']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f5-7a78-48ef-bfcd-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:01.000Z",
"modified": "2015-09-29T18:27:01.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.228.12.54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f6-b470-45b2-bbd2-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:02.000Z",
"modified": "2015-09-29T18:27:02.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.65.248.251']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f6-16c0-45f0-a0dc-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:02.000Z",
"modified": "2015-09-29T18:27:02.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.137.9.162']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f6-4a90-40b2-af53-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:02.000Z",
"modified": "2015-09-29T18:27:02.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.9.159.83']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f7-4ac8-4ba1-973e-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:03.000Z",
"modified": "2015-09-29T18:27:03.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.5.250.237']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f7-0a5c-40d9-93f5-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:03.000Z",
"modified": "2015-09-29T18:27:03.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.132.76.174']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f7-d718-49c5-81e4-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:03.000Z",
"modified": "2015-09-29T18:27:03.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.232.220.192']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f8-3930-4c51-90f4-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:04.000Z",
"modified": "2015-09-29T18:27:04.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '86.127.140.40']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f8-7760-4a85-8ecd-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:04.000Z",
"modified": "2015-09-29T18:27:04.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.72.132.218']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f8-5700-479c-b129-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:04.000Z",
"modified": "2015-09-29T18:27:04.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.249.243.205']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f9-4e18-4f50-90bf-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:05.000Z",
"modified": "2015-09-29T18:27:05.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.207.6.172']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f9-6a48-48bd-ac8d-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:05.000Z",
"modified": "2015-09-29T18:27:05.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.11.80.6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7f9-c0b8-4cf3-823d-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:05.000Z",
"modified": "2015-09-29T18:27:05.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.187.108.104']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7fa-3370-4031-8f15-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:06.000Z",
"modified": "2015-09-29T18:27:06.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '189.58.164.42']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7fa-b07c-4f16-84c8-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:06.000Z",
"modified": "2015-09-29T18:27:06.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.245.197.27']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7fb-b9a8-43db-85cb-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:07.000Z",
"modified": "2015-09-29T18:27:07.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.232.190.51']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7fb-3378-4f50-bcf0-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:07.000Z",
"modified": "2015-09-29T18:27:07.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.126.55.97']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7fb-77cc-4475-b6dc-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:07.000Z",
"modified": "2015-09-29T18:27:07.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.49.124.206']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7fc-ee2c-4f9b-b982-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:08.000Z",
"modified": "2015-09-29T18:27:08.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.84.240.30']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7fc-5bc4-4e65-8858-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:08.000Z",
"modified": "2015-09-29T18:27:08.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.211.255.123']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7fc-ddec-4a94-ab6c-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:08.000Z",
"modified": "2015-09-29T18:27:08.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.60.20.138']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7fd-8748-4b8d-951e-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:09.000Z",
"modified": "2015-09-29T18:27:09.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.48.235.224']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7fd-017c-4d6a-9308-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:09.000Z",
"modified": "2015-09-29T18:27:09.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.105.242.135']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7fd-8aa8-435f-aecd-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:09.000Z",
"modified": "2015-09-29T18:27:09.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '86.57.170.92']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7fe-c69c-47dd-8365-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:10.000Z",
"modified": "2015-09-29T18:27:10.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.51.171.200']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7fe-af14-48a2-8417-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:10.000Z",
"modified": "2015-09-29T18:27:10.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.69.67.154']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7fe-7548-445b-a52b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:10.000Z",
"modified": "2015-09-29T18:27:10.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '202.71.23.116']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ff-a2c8-478b-8fa7-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:11.000Z",
"modified": "2015-09-29T18:27:11.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.133.30.171']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ff-06d4-4932-b165-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:11.000Z",
"modified": "2015-09-29T18:27:11.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.209.122.68']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad7ff-f868-4de9-92d5-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:11.000Z",
"modified": "2015-09-29T18:27:11.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.13.37.160']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad800-9410-4b43-9c69-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:12.000Z",
"modified": "2015-09-29T18:27:12.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.83.178.73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad800-8ff4-4c26-83fa-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:12.000Z",
"modified": "2015-09-29T18:27:12.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.206.76.17']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad800-b718-447c-b82b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:12.000Z",
"modified": "2015-09-29T18:27:12.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.49.0.178']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad801-8d84-4ff5-be73-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:13.000Z",
"modified": "2015-09-29T18:27:13.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.153.218.162']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad801-de00-4f05-a317-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:13.000Z",
"modified": "2015-09-29T18:27:13.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.143.215.53']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad802-8074-4a8a-805a-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:14.000Z",
"modified": "2015-09-29T18:27:14.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.49.73.2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad802-3500-4594-bebb-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:14.000Z",
"modified": "2015-09-29T18:27:14.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.168.35.185']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad802-a798-4981-b951-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:14.000Z",
"modified": "2015-09-29T18:27:14.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.132.65.202']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad803-577c-41e4-8f19-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:15.000Z",
"modified": "2015-09-29T18:27:15.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.190.122.10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad803-83b4-41a3-897a-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:15.000Z",
"modified": "2015-09-29T18:27:15.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '50.62.133.139']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad803-1028-4cb7-ad89-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:15.000Z",
"modified": "2015-09-29T18:27:15.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '96.250.94.197']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad804-f620-4a09-93ef-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:16.000Z",
"modified": "2015-09-29T18:27:16.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.49.221.249']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad804-8d3c-4597-ae4f-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:16.000Z",
"modified": "2015-09-29T18:27:16.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '191.223.6.219']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad804-1ab8-45fb-9847-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:16.000Z",
"modified": "2015-09-29T18:27:16.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '50.15.239.17']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad805-c1bc-42b9-a0cb-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:17.000Z",
"modified": "2015-09-29T18:27:17.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.25.248.204']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad805-a92c-47bb-97ad-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:17.000Z",
"modified": "2015-09-29T18:27:17.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.206.77.97']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad805-71ec-4b4b-bd31-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:17.000Z",
"modified": "2015-09-29T18:27:17.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.20.233.76']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad806-4c70-4cf6-bbba-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:18.000Z",
"modified": "2015-09-29T18:27:18.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '24.179.211.243']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad806-a180-43ce-92b7-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:18.000Z",
"modified": "2015-09-29T18:27:18.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.85.135.59']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad806-17d4-4805-90c3-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:18.000Z",
"modified": "2015-09-29T18:27:18.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '50.89.223.13']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad807-c75c-4c3e-88ee-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:19.000Z",
"modified": "2015-09-29T18:27:19.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.103.189.116']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad807-2884-4534-b94f-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:19.000Z",
"modified": "2015-09-29T18:27:19.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.155.28.250']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad807-6af8-46bc-bed2-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:19.000Z",
"modified": "2015-09-29T18:27:19.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.178.69.196']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad808-bb14-47f8-9ea0-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:20.000Z",
"modified": "2015-09-29T18:27:20.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.145.116.174']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad808-1c84-45a2-a4d1-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:20.000Z",
"modified": "2015-09-29T18:27:20.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.68.175.171']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad808-3fdc-4faa-82ab-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:20.000Z",
"modified": "2015-09-29T18:27:20.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.189.154.253']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad809-8a2c-44b3-a692-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:21.000Z",
"modified": "2015-09-29T18:27:21.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.108.228.116']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad809-88f0-4937-a2a6-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:21.000Z",
"modified": "2015-09-29T18:27:21.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.54.7.242']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad80a-f6dc-4686-b957-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:22.000Z",
"modified": "2015-09-29T18:27:22.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '14.164.210.175']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad80a-e8d8-4606-873f-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:22.000Z",
"modified": "2015-09-29T18:27:22.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '52.10.96.2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad80a-31d4-469e-8044-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:22.000Z",
"modified": "2015-09-29T18:27:22.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.183.60.66']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad80b-70f0-4121-bd95-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:23.000Z",
"modified": "2015-09-29T18:27:23.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.49.165.179']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad80b-cfcc-449b-b0ad-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:23.000Z",
"modified": "2015-09-29T18:27:23.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.130.156.251']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad80b-5060-4c85-839a-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:23.000Z",
"modified": "2015-09-29T18:27:23.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '196.47.148.138']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad80c-6558-4d5b-b7a9-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:24.000Z",
"modified": "2015-09-29T18:27:24.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '86.15.119.66']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad80c-1028-4e66-a753-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:24.000Z",
"modified": "2015-09-29T18:27:24.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '187.204.135.247']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad80c-058c-4b5b-9229-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:24.000Z",
"modified": "2015-09-29T18:27:24.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.141.118.152']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad80d-590c-4df7-b05c-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:25.000Z",
"modified": "2015-09-29T18:27:25.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.12.143.7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad80d-741c-495c-a6ba-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:25.000Z",
"modified": "2015-09-29T18:27:25.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.230.204.181']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad80d-8e18-4657-af34-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:25.000Z",
"modified": "2015-09-29T18:27:25.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.161.245.85']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad80e-2e60-4523-897d-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:26.000Z",
"modified": "2015-09-29T18:27:26.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '24.16.228.205']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad80e-9f68-4420-b14b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:26.000Z",
"modified": "2015-09-29T18:27:26.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.105.46.32']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad827-d0f4-4b0f-9769-48b8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:51.000Z",
"modified": "2015-09-29T18:27:51.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.216.80.32']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad827-9b70-4cc6-83ef-436c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:51.000Z",
"modified": "2015-09-29T18:27:51.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.50.249.39']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad828-00f8-4b0b-b14e-450c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:52.000Z",
"modified": "2015-09-29T18:27:52.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.32.0.13']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad828-9c58-4c36-b42a-44cb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:52.000Z",
"modified": "2015-09-29T18:27:52.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '134.250.238.72']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad829-b24c-49b4-b025-4477950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:53.000Z",
"modified": "2015-09-29T18:27:53.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '187.174.195.76']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad829-97b4-4a37-8658-48fa950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:53.000Z",
"modified": "2015-09-29T18:27:53.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.32.0.42']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad829-42d8-4eb2-bd29-43b3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:53.000Z",
"modified": "2015-09-29T18:27:53.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '76.8.240.200']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82a-fe24-455a-976d-4ebf950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:54.000Z",
"modified": "2015-09-29T18:27:54.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '134.107.24.106']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82a-70ac-441d-8ac4-4f88950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:54.000Z",
"modified": "2015-09-29T18:27:54.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.196.39.160']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82a-223c-4e52-afcd-4494950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:54.000Z",
"modified": "2015-09-29T18:27:54.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.28.185.130']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82b-0358-4041-8eb3-4310950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:55.000Z",
"modified": "2015-09-29T18:27:55.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '161.111.232.10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82b-0394-4c71-a46f-4c16950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:55.000Z",
"modified": "2015-09-29T18:27:55.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '206.191.135.156']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82b-62e4-48b5-ae2f-4b47950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:55.000Z",
"modified": "2015-09-29T18:27:55.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.92.28.115']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82c-80a4-4434-9821-448c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:56.000Z",
"modified": "2015-09-29T18:27:56.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.140.198.134']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82c-c0c8-4819-aede-46cd950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:56.000Z",
"modified": "2015-09-29T18:27:56.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '72.93.243.242']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82c-3c98-49c9-bd29-4377950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:56.000Z",
"modified": "2015-09-29T18:27:56.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.32.0.48']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82d-e8a4-4a4a-82a1-43fe950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:57.000Z",
"modified": "2015-09-29T18:27:57.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.214.140.159']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82d-acf4-4552-bad2-47c7950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:57.000Z",
"modified": "2015-09-29T18:27:57.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '36.72.199.202']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82d-1208-4858-a468-4e0f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:57.000Z",
"modified": "2015-09-29T18:27:57.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.32.0.47']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82e-6f78-4244-a6b2-4166950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:58.000Z",
"modified": "2015-09-29T18:27:58.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '211.25.19.84']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82e-d710-49cc-935a-44cf950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:58.000Z",
"modified": "2015-09-29T18:27:58.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.32.0.46']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad82e-4b4c-4cf1-ad94-47b6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:27:58.000Z",
"modified": "2015-09-29T18:27:58.000Z",
"description": "NetBus trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.32.0.41']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:27:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad843-5bec-42f7-af01-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:19.000Z",
"modified": "2015-09-29T18:28:19.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.234.26.230']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad843-1bb0-4adb-b688-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:19.000Z",
"modified": "2015-09-29T18:28:19.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.67.102.233']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad843-9e84-4fd8-9030-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:19.000Z",
"modified": "2015-09-29T18:28:19.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.35.132.94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad844-45d0-42d8-8c8d-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:20.000Z",
"modified": "2015-09-29T18:28:20.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.134.131.125']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad844-f010-41eb-a9a0-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:20.000Z",
"modified": "2015-09-29T18:28:20.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '71.92.115.215']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad844-9ca8-4eaa-8bff-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:20.000Z",
"modified": "2015-09-29T18:28:20.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.186.62.182']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad845-d0f8-425c-ac3c-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:21.000Z",
"modified": "2015-09-29T18:28:21.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.143.13.201']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad845-949c-441d-a7e4-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:21.000Z",
"modified": "2015-09-29T18:28:21.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.235.17.166']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad845-9f80-4467-abdb-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:21.000Z",
"modified": "2015-09-29T18:28:21.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.81.157.49']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad846-a284-4ab5-be65-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:22.000Z",
"modified": "2015-09-29T18:28:22.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.253.110.4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad846-53d4-47e5-83a4-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:22.000Z",
"modified": "2015-09-29T18:28:22.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.171.184.175']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad846-241c-4f13-86be-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:22.000Z",
"modified": "2015-09-29T18:28:22.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.2.204.2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad847-1ed4-4912-b5be-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:23.000Z",
"modified": "2015-09-29T18:28:23.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.142.158.77']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad847-49bc-4422-8275-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:23.000Z",
"modified": "2015-09-29T18:28:23.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.113.115.203']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad847-6c9c-4279-af1b-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:23.000Z",
"modified": "2015-09-29T18:28:23.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.107.41.235']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad848-9e58-42ea-bc60-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:24.000Z",
"modified": "2015-09-29T18:28:24.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '155.133.18.229']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad848-4940-4f7c-90b7-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:24.000Z",
"modified": "2015-09-29T18:28:24.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.160.193.86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad848-735c-4d86-9ffd-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:24.000Z",
"modified": "2015-09-29T18:28:24.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.109.77.7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad849-8110-4240-97c3-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:25.000Z",
"modified": "2015-09-29T18:28:25.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.143.7.223']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad849-7fc4-450a-9de8-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:25.000Z",
"modified": "2015-09-29T18:28:25.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '182.221.108.45']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad849-e668-4584-a888-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:25.000Z",
"modified": "2015-09-29T18:28:25.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.161.20.132']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84a-0f90-4078-ba25-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:26.000Z",
"modified": "2015-09-29T18:28:26.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.49.224.244']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84a-9800-460b-a3eb-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:26.000Z",
"modified": "2015-09-29T18:28:26.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.102.121.122']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84b-424c-4800-b0b2-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:27.000Z",
"modified": "2015-09-29T18:28:27.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.103.109.110']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84b-1eac-4afe-aa7e-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:27.000Z",
"modified": "2015-09-29T18:28:27.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.105.202.59']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84b-8770-4d1b-b078-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:27.000Z",
"modified": "2015-09-29T18:28:27.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.8.19.222']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84c-90c0-4a8f-af93-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:28.000Z",
"modified": "2015-09-29T18:28:28.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.171.189.72']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84c-357c-4564-91b7-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:28.000Z",
"modified": "2015-09-29T18:28:28.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.9.53.103']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84c-0384-4590-866e-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:28.000Z",
"modified": "2015-09-29T18:28:28.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.18.22.83']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84d-11c0-4187-9d1d-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:29.000Z",
"modified": "2015-09-29T18:28:29.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '189.31.116.123']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84d-f4b4-4af3-b816-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:29.000Z",
"modified": "2015-09-29T18:28:29.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.35.150.81']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84d-ab58-4440-8b58-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:29.000Z",
"modified": "2015-09-29T18:28:29.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.205.118.108']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84e-653c-4f45-afc6-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:30.000Z",
"modified": "2015-09-29T18:28:30.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '110.171.79.219']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84e-38d4-494c-af41-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:30.000Z",
"modified": "2015-09-29T18:28:30.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.67.99.230']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84e-17e0-41f4-8b28-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:30.000Z",
"modified": "2015-09-29T18:28:30.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.155.144.255']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84f-87c0-4df9-a3e1-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:31.000Z",
"modified": "2015-09-29T18:28:31.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.53.191.124']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84f-f91c-474a-b297-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:31.000Z",
"modified": "2015-09-29T18:28:31.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.142.66.160']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad84f-5120-479f-89b1-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:31.000Z",
"modified": "2015-09-29T18:28:31.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.9.69.53']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad850-56fc-427e-9428-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:32.000Z",
"modified": "2015-09-29T18:28:32.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.115.70.97']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad850-7ce4-45b5-b3a2-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:32.000Z",
"modified": "2015-09-29T18:28:32.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '200.203.22.152']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad850-1074-4348-b9c6-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:32.000Z",
"modified": "2015-09-29T18:28:32.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.103.129.51']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad851-876c-4a08-94c0-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:33.000Z",
"modified": "2015-09-29T18:28:33.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.2.64.10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad851-11a4-42d7-b69e-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:33.000Z",
"modified": "2015-09-29T18:28:33.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.159.24']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad851-4d58-462c-b6e1-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:33.000Z",
"modified": "2015-09-29T18:28:33.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.144.221']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad852-395c-456c-8061-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:34.000Z",
"modified": "2015-09-29T18:28:34.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.109.116.185']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad852-3454-4c77-9db4-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:34.000Z",
"modified": "2015-09-29T18:28:34.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.102.98.161']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad852-3f40-427b-a2d6-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:34.000Z",
"modified": "2015-09-29T18:28:34.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.152.241']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad853-7100-4761-bb4c-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:35.000Z",
"modified": "2015-09-29T18:28:35.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.217.122.5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad853-8758-4750-aded-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:35.000Z",
"modified": "2015-09-29T18:28:35.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.145.152']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad854-a2c0-4bfd-8c52-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:35.000Z",
"modified": "2015-09-29T18:28:35.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.1.40.32']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad854-c3c0-4b85-8903-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:36.000Z",
"modified": "2015-09-29T18:28:36.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.43.215.56']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad854-d108-437c-a6ed-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:36.000Z",
"modified": "2015-09-29T18:28:36.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.98.73.122']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad855-5cb4-47f6-b4e2-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:37.000Z",
"modified": "2015-09-29T18:28:37.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.104.28.148']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad855-1570-411a-b0fc-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:37.000Z",
"modified": "2015-09-29T18:28:37.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.239.136.247']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad855-6698-44b7-95f2-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:37.000Z",
"modified": "2015-09-29T18:28:37.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.250.97.34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad856-2064-428f-a2e3-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:38.000Z",
"modified": "2015-09-29T18:28:38.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.149.11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad856-ae84-4e11-b393-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:38.000Z",
"modified": "2015-09-29T18:28:38.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.239.8.123']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad856-ebc0-4f98-9e80-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:38.000Z",
"modified": "2015-09-29T18:28:38.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.180.164.239']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad857-2e6c-4a4c-b718-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:39.000Z",
"modified": "2015-09-29T18:28:39.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.225.94.238']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad857-3cac-4222-b321-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:39.000Z",
"modified": "2015-09-29T18:28:39.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.102.11.22']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad857-17d8-480c-ba31-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:39.000Z",
"modified": "2015-09-29T18:28:39.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.151.125']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad858-1a8c-43c1-af12-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:40.000Z",
"modified": "2015-09-29T18:28:40.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.103.125.243']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad858-2d24-4e5b-b1ee-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:40.000Z",
"modified": "2015-09-29T18:28:40.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.155.90']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad858-3870-40ad-9fd2-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:40.000Z",
"modified": "2015-09-29T18:28:40.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.103.159.129']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad859-2e78-4ef2-8ba8-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:41.000Z",
"modified": "2015-09-29T18:28:41.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.149.246']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad859-dfb4-4ceb-9d14-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:41.000Z",
"modified": "2015-09-29T18:28:41.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.102.178.65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85a-084c-4d38-b8c6-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:42.000Z",
"modified": "2015-09-29T18:28:42.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '87.64.185.194']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85a-5218-4bbf-bbb4-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:42.000Z",
"modified": "2015-09-29T18:28:42.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '187.122.130.143']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85a-a7f4-4997-b159-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:42.000Z",
"modified": "2015-09-29T18:28:42.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.32.28.214']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85b-e5a4-432f-b6db-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:43.000Z",
"modified": "2015-09-29T18:28:43.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.196.202.96']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85b-407c-41a2-9d79-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:43.000Z",
"modified": "2015-09-29T18:28:43.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.234.104.156']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85b-4204-48d6-9f2a-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:43.000Z",
"modified": "2015-09-29T18:28:43.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.102.15.63']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85c-e7f4-459f-91ba-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:44.000Z",
"modified": "2015-09-29T18:28:44.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.230.117.94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85c-9fcc-4769-a0d0-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:44.000Z",
"modified": "2015-09-29T18:28:44.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '45.217.45.206']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85c-ba8c-4d6b-9149-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:44.000Z",
"modified": "2015-09-29T18:28:44.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.100.87.253']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85d-04bc-4025-9ec2-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:45.000Z",
"modified": "2015-09-29T18:28:45.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.102.242.27']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85d-5268-43ed-8fdd-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:45.000Z",
"modified": "2015-09-29T18:28:45.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.236.224.74']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85d-02ac-451d-866c-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:45.000Z",
"modified": "2015-09-29T18:28:45.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '38.103.14.132']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85e-058c-4da6-aee0-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:46.000Z",
"modified": "2015-09-29T18:28:46.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.204.214.137']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85e-d974-43c5-bb6f-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:46.000Z",
"modified": "2015-09-29T18:28:46.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.102.137.143']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad85e-a724-47bd-9bca-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:28:46.000Z",
"modified": "2015-09-29T18:28:46.000Z",
"description": "njRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.102.103.254']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:28:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad873-a020-4c02-bf4f-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:07.000Z",
"modified": "2015-09-29T18:29:07.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.201.211.213']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad873-6744-4d50-9636-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:07.000Z",
"modified": "2015-09-29T18:29:07.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.13.164.52']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad873-5f08-49e0-a9ab-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:07.000Z",
"modified": "2015-09-29T18:29:07.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.165.11.140']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad874-5e30-435e-8997-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:08.000Z",
"modified": "2015-09-29T18:29:08.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.8.116.226']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad874-aa4c-4cb3-b191-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:08.000Z",
"modified": "2015-09-29T18:29:08.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '190.77.2.231']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad874-9ba4-4601-899c-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:08.000Z",
"modified": "2015-09-29T18:29:08.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '54.173.101.99']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad875-0d24-4afe-b0f8-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:09.000Z",
"modified": "2015-09-29T18:29:09.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '196.202.102.27']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad875-0988-468d-b624-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:09.000Z",
"modified": "2015-09-29T18:29:09.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.6.59.129']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad876-cbec-4196-b61b-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:10.000Z",
"modified": "2015-09-29T18:29:10.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.50.245.221']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad876-6f08-4bd0-97d6-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:10.000Z",
"modified": "2015-09-29T18:29:10.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.167.98.209']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad876-8d8c-4256-8a49-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:10.000Z",
"modified": "2015-09-29T18:29:10.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.12.175.181']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad877-1e68-442d-bed5-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:11.000Z",
"modified": "2015-09-29T18:29:11.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.44.210.108']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad888-fbc0-4d75-8f05-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:28.000Z",
"modified": "2015-09-29T18:29:28.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '96.20.206.41']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad888-66ac-4b87-a98a-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:28.000Z",
"modified": "2015-09-29T18:29:28.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.170.116.15']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad889-e2d8-41a2-bc33-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:29.000Z",
"modified": "2015-09-29T18:29:29.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.54.23.128']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad889-f0b0-4cee-91dd-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:29.000Z",
"modified": "2015-09-29T18:29:29.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.48.61.230']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad889-e9b4-471f-a33d-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:29.000Z",
"modified": "2015-09-29T18:29:29.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.135.198.4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88a-d8bc-431e-8687-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:30.000Z",
"modified": "2015-09-29T18:29:30.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.35.81.154']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88a-d79c-4995-aff4-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:30.000Z",
"modified": "2015-09-29T18:29:30.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '186.222.105.28']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88a-2dbc-4ac6-a6ca-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:30.000Z",
"modified": "2015-09-29T18:29:30.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.125.139.73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88b-c394-480e-8473-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:31.000Z",
"modified": "2015-09-29T18:29:31.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.0.70.228']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88b-00c0-4224-ad51-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:31.000Z",
"modified": "2015-09-29T18:29:31.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.99.152.112']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88b-7de0-4877-bf27-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:31.000Z",
"modified": "2015-09-29T18:29:31.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.48.183.91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88c-3630-4721-b7c2-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:32.000Z",
"modified": "2015-09-29T18:29:32.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '210.213.199.9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88c-05b8-4b81-a10b-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:32.000Z",
"modified": "2015-09-29T18:29:32.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.161.1.137']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88d-4088-44c9-a131-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:33.000Z",
"modified": "2015-09-29T18:29:33.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.98.147.115']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88d-db54-4849-953d-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:33.000Z",
"modified": "2015-09-29T18:29:33.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.30.237.11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88d-6f00-4400-b573-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:33.000Z",
"modified": "2015-09-29T18:29:33.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.108.51.79']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88e-6a20-4e8b-9826-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:34.000Z",
"modified": "2015-09-29T18:29:34.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '177.179.12.45']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88e-a9bc-44eb-b35f-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:34.000Z",
"modified": "2015-09-29T18:29:34.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.166.161.71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88e-d190-456e-95c1-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:34.000Z",
"modified": "2015-09-29T18:29:34.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.196.21.115']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88f-a460-495e-908e-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:35.000Z",
"modified": "2015-09-29T18:29:35.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '186.204.1.19']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad88f-e308-47df-aaa5-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:35.000Z",
"modified": "2015-09-29T18:29:35.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.240.69.48']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad890-8bc0-4a5b-9da3-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:36.000Z",
"modified": "2015-09-29T18:29:36.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '177.235.22.47']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad890-cf7c-46e8-ac3c-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:36.000Z",
"modified": "2015-09-29T18:29:36.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '177.1.66.91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad890-14f0-4ff7-920e-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:36.000Z",
"modified": "2015-09-29T18:29:36.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.108.155.28']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad891-7a44-43f7-b2f4-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:37.000Z",
"modified": "2015-09-29T18:29:37.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.24.6.159']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad891-f72c-479a-a97f-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:37.000Z",
"modified": "2015-09-29T18:29:37.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '186.59.136.95']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad891-3220-43cd-8ef9-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:37.000Z",
"modified": "2015-09-29T18:29:37.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.158.177.101']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad892-4a68-4603-8c16-9b03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:29:38.000Z",
"modified": "2015-09-29T18:29:38.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150818.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '201.222.141.206']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:29:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad8fd-3d04-4546-8243-cf65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:31:25.000Z",
"modified": "2015-09-29T18:31:25.000Z",
"description": "BlackShades trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.236.116.144']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:31:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad927-9cc4-42cf-8862-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:07.000Z",
"modified": "2015-09-29T18:32:07.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.12.85.22']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad928-2518-44ca-a96d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:08.000Z",
"modified": "2015-09-29T18:32:08.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '138.75.207.188']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad928-0ed8-4af2-aa6f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:08.000Z",
"modified": "2015-09-29T18:32:08.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.240.78.181']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad929-3640-4081-8f68-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:09.000Z",
"modified": "2015-09-29T18:32:09.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.44.107.15']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad929-98d8-44dc-b518-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:09.000Z",
"modified": "2015-09-29T18:32:09.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '87.104.144.118']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad929-08d0-42f0-82ae-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:09.000Z",
"modified": "2015-09-29T18:32:09.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.36.38.62']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92a-19e4-4cb7-b8c7-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:10.000Z",
"modified": "2015-09-29T18:32:10.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.214.24.12']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92a-72d0-494d-8150-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:10.000Z",
"modified": "2015-09-29T18:32:10.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.49.178.84']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92a-7510-4ce3-b268-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:10.000Z",
"modified": "2015-09-29T18:32:10.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '24.156.113.231']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92b-a798-4f34-8b87-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:11.000Z",
"modified": "2015-09-29T18:32:11.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.180.96.155']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92b-2564-4a53-9bbb-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:11.000Z",
"modified": "2015-09-29T18:32:11.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.237.164.252']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92c-a5c8-4d66-9bc5-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:12.000Z",
"modified": "2015-09-29T18:32:12.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.11.94.119']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92c-d3f8-4af8-b6cd-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:12.000Z",
"modified": "2015-09-29T18:32:12.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '182.64.163.230']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92c-b4f0-4c2b-a40d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:12.000Z",
"modified": "2015-09-29T18:32:12.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.242.36.72']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92d-255c-4752-b37c-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:13.000Z",
"modified": "2015-09-29T18:32:13.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.62.153.139']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92d-8e40-4475-9631-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:13.000Z",
"modified": "2015-09-29T18:32:13.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.65.62.17']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92d-faf4-4b84-92f7-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:13.000Z",
"modified": "2015-09-29T18:32:13.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.81.158.129']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92e-bc40-415b-a4d8-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:14.000Z",
"modified": "2015-09-29T18:32:14.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '49.205.167.167']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92e-9c88-49ee-89b1-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:14.000Z",
"modified": "2015-09-29T18:32:14.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.49.157.216']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92f-1348-49cb-8064-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:15.000Z",
"modified": "2015-09-29T18:32:15.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '86.199.161.21']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92f-0fe4-4f33-a7a9-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:15.000Z",
"modified": "2015-09-29T18:32:15.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '51.254.88.0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad92f-7210-4a49-be68-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:15.000Z",
"modified": "2015-09-29T18:32:15.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.190.223.92']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad930-00b8-4de9-b2c8-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:16.000Z",
"modified": "2015-09-29T18:32:16.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.236.130.78']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad930-501c-4f74-93e7-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:16.000Z",
"modified": "2015-09-29T18:32:16.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.34.152.60']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad930-0f0c-492c-a7ee-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:16.000Z",
"modified": "2015-09-29T18:32:16.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.53.82.151']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad931-2fe4-4f20-8d60-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:17.000Z",
"modified": "2015-09-29T18:32:17.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.203.114.173']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad931-1648-4ddf-9701-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:17.000Z",
"modified": "2015-09-29T18:32:17.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.242.38.227']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad931-5a9c-4f42-970f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:17.000Z",
"modified": "2015-09-29T18:32:17.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.232.37.138']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad932-8e88-4aa4-af4f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:18.000Z",
"modified": "2015-09-29T18:32:18.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.233.196.241']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad932-0540-44d8-946d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:18.000Z",
"modified": "2015-09-29T18:32:18.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.204.187.149']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad933-2120-495d-91ba-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:19.000Z",
"modified": "2015-09-29T18:32:19.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.183.24.132']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad933-a4fc-42f4-b75d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:19.000Z",
"modified": "2015-09-29T18:32:19.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.103.114.161']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad934-7424-420f-8393-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:20.000Z",
"modified": "2015-09-29T18:32:20.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.198.180.77']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad934-e34c-40c3-8a92-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:20.000Z",
"modified": "2015-09-29T18:32:20.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.225.48.169']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad935-6d48-4c1f-a147-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:21.000Z",
"modified": "2015-09-29T18:32:21.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '128.69.129.10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad935-16dc-47a6-a4e6-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:21.000Z",
"modified": "2015-09-29T18:32:21.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.65.139.223']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad935-c194-49d3-a412-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:21.000Z",
"modified": "2015-09-29T18:32:21.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.190.225.164']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad936-70fc-43cb-98cc-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:22.000Z",
"modified": "2015-09-29T18:32:22.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.110.203.148']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad936-567c-49fd-896a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:22.000Z",
"modified": "2015-09-29T18:32:22.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.177.143.175']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad936-2010-453f-9db1-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:22.000Z",
"modified": "2015-09-29T18:32:22.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.76.247.159']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad937-09dc-4001-83c8-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:23.000Z",
"modified": "2015-09-29T18:32:23.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '2.237.245.227']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad937-98ac-4085-8155-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:23.000Z",
"modified": "2015-09-29T18:32:23.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.53.9.129']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad937-b1c0-4662-b151-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:23.000Z",
"modified": "2015-09-29T18:32:23.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '70.53.205.74']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad938-c758-4e2e-b9c6-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:24.000Z",
"modified": "2015-09-29T18:32:24.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.236.116.134']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad938-439c-418d-862a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:24.000Z",
"modified": "2015-09-29T18:32:24.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.123.45.50']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad938-53d0-4098-b73e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:24.000Z",
"modified": "2015-09-29T18:32:24.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '59.101.142.52']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad939-9c54-4f90-965b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:25.000Z",
"modified": "2015-09-29T18:32:25.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.43.196.11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad939-3838-4c8d-9de8-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:25.000Z",
"modified": "2015-09-29T18:32:25.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.96.26.142']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93a-c610-428c-9e47-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:26.000Z",
"modified": "2015-09-29T18:32:26.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '122.37.144.96']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93a-0478-472d-a88b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:26.000Z",
"modified": "2015-09-29T18:32:26.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '27.6.32.115']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93a-4884-4119-820d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:26.000Z",
"modified": "2015-09-29T18:32:26.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.238.226.87']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93b-3cbc-4bce-be2e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:27.000Z",
"modified": "2015-09-29T18:32:27.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.184.221.240']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93b-9f34-46ff-9c10-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:27.000Z",
"modified": "2015-09-29T18:32:27.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '98.245.171.87']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93b-65dc-4e88-85a9-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:27.000Z",
"modified": "2015-09-29T18:32:27.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.196.209.121']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93c-39a0-4055-9767-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:28.000Z",
"modified": "2015-09-29T18:32:28.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.152.162.134']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93c-a9f0-4b73-89a0-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:28.000Z",
"modified": "2015-09-29T18:32:28.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.240.131.155']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93c-9268-459e-b228-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:28.000Z",
"modified": "2015-09-29T18:32:28.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.204.223.13']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93d-ff60-46ef-a312-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:29.000Z",
"modified": "2015-09-29T18:32:29.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.172.221.31']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93d-dd78-4e7e-8a28-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:29.000Z",
"modified": "2015-09-29T18:32:29.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.56.80.169']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93e-3838-4daa-9c9f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:30.000Z",
"modified": "2015-09-29T18:32:30.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '121.97.204.225']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93e-4c68-4c76-952d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:30.000Z",
"modified": "2015-09-29T18:32:30.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.56.80.184']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93e-fa10-46c1-83b7-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:30.000Z",
"modified": "2015-09-29T18:32:30.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.152.162.141']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93f-69ec-48f5-b74a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:31.000Z",
"modified": "2015-09-29T18:32:31.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '174.135.22.224']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad93f-8e2c-43ce-aa26-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:31.000Z",
"modified": "2015-09-29T18:32:31.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '118.193.241.79']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad940-c8f0-4998-8ba7-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:32.000Z",
"modified": "2015-09-29T18:32:32.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.183.28.117']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad940-0ebc-480d-9957-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:32.000Z",
"modified": "2015-09-29T18:32:32.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.162.215.77']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad940-9e28-4dd3-8b2f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:32.000Z",
"modified": "2015-09-29T18:32:32.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.167.73.1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad941-94c0-4453-afca-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:33.000Z",
"modified": "2015-09-29T18:32:33.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.200.183.84']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad941-23b4-40a1-934e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:33.000Z",
"modified": "2015-09-29T18:32:33.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.231.158.143']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad942-0060-4e7f-a098-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:34.000Z",
"modified": "2015-09-29T18:32:34.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.60.31.48']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad942-5818-4e08-9ae5-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:34.000Z",
"modified": "2015-09-29T18:32:34.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '218.111.66.11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad942-c7bc-4624-899a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:34.000Z",
"modified": "2015-09-29T18:32:34.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.11.181.211']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad943-44ec-437e-a355-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:35.000Z",
"modified": "2015-09-29T18:32:35.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.54.15.99']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad943-cef0-4d8c-b0b4-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:35.000Z",
"modified": "2015-09-29T18:32:35.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.206.76.121']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad943-433c-4555-8b9c-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:35.000Z",
"modified": "2015-09-29T18:32:35.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.42.31.103']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad944-a48c-49a3-8327-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:36.000Z",
"modified": "2015-09-29T18:32:36.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.187.220.99']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad944-6da8-4b75-94c1-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:36.000Z",
"modified": "2015-09-29T18:32:36.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '177.2.87.221']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad944-fc50-42d7-bc47-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:36.000Z",
"modified": "2015-09-29T18:32:36.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.143.198.48']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad945-3d98-40fa-8a4f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:37.000Z",
"modified": "2015-09-29T18:32:37.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.3.87.237']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad945-5050-473e-ba85-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:37.000Z",
"modified": "2015-09-29T18:32:37.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.64.170.212']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad945-3cc4-4b7d-9349-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:37.000Z",
"modified": "2015-09-29T18:32:37.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '47.18.6.88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad946-def4-41fb-bb1e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:38.000Z",
"modified": "2015-09-29T18:32:38.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '2.226.11.127']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad946-9f3c-43f7-b027-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:38.000Z",
"modified": "2015-09-29T18:32:38.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.14.173.23']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad946-9af8-45be-b01c-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:38.000Z",
"modified": "2015-09-29T18:32:38.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '77.106.106.170']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad947-23d4-4104-a9b4-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:39.000Z",
"modified": "2015-09-29T18:32:39.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.157.79.0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad947-cc7c-4950-9004-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:39.000Z",
"modified": "2015-09-29T18:32:39.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '122.62.233.222']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad947-5c14-451d-b68f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:39.000Z",
"modified": "2015-09-29T18:32:39.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '90.148.87.148']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad948-d1bc-4302-a975-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:40.000Z",
"modified": "2015-09-29T18:32:40.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '86.208.129.241']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad948-141c-4862-b51c-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:40.000Z",
"modified": "2015-09-29T18:32:40.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '149.210.241.254']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad948-78b4-4c68-bb14-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:40.000Z",
"modified": "2015-09-29T18:32:40.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '159.224.30.193']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad949-2ecc-4aca-8c2b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:41.000Z",
"modified": "2015-09-29T18:32:41.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '27.6.38.141']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad949-8374-46c7-98eb-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:41.000Z",
"modified": "2015-09-29T18:32:41.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.145.204.45']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad94a-99d8-4e18-b20f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:42.000Z",
"modified": "2015-09-29T18:32:42.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '180.22.21.129']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad94a-5cf4-4596-b685-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:42.000Z",
"modified": "2015-09-29T18:32:42.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.168.235.254']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad94b-6290-4a5b-a20d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:43.000Z",
"modified": "2015-09-29T18:32:43.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.118.152.2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad94b-3930-4719-8888-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:43.000Z",
"modified": "2015-09-29T18:32:43.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.24.28.81']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad94b-e728-4ddf-9e41-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:43.000Z",
"modified": "2015-09-29T18:32:43.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.81.103.202']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad94c-df98-4321-aa22-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:44.000Z",
"modified": "2015-09-29T18:32:44.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '196.47.146.92']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad94d-06c8-461b-a42a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:45.000Z",
"modified": "2015-09-29T18:32:45.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.200.144.97']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad94d-f0dc-4562-a8b5-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:45.000Z",
"modified": "2015-09-29T18:32:45.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.153.94.121']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad94d-b530-4635-8fe1-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:45.000Z",
"modified": "2015-09-29T18:32:45.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.24.179.229']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad94e-ed08-4e8d-96cf-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:46.000Z",
"modified": "2015-09-29T18:32:46.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.84.197.207']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad94e-cb20-45fa-846a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:46.000Z",
"modified": "2015-09-29T18:32:46.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.103.238.44']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad94e-8ff8-469b-9c56-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:46.000Z",
"modified": "2015-09-29T18:32:46.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.26.205.161']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad94f-a4b8-4dde-a545-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:47.000Z",
"modified": "2015-09-29T18:32:47.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '87.113.161.219']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad94f-116c-406f-85ba-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:47.000Z",
"modified": "2015-09-29T18:32:47.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.245.40.139']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad950-97a0-426d-bf28-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:48.000Z",
"modified": "2015-09-29T18:32:48.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.108.96.17']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad950-a348-4951-a51e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:48.000Z",
"modified": "2015-09-29T18:32:48.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '76.109.113.78']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad950-73e0-425d-91b8-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:48.000Z",
"modified": "2015-09-29T18:32:48.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.135.38.164']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad951-1080-4bef-a678-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:49.000Z",
"modified": "2015-09-29T18:32:49.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.183.233.88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad951-0da0-4dfb-9221-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:49.000Z",
"modified": "2015-09-29T18:32:49.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.174.171.122']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad952-67e4-4f00-bad5-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:50.000Z",
"modified": "2015-09-29T18:32:50.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.74.226.96']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad952-3c04-4f92-8d9a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:50.000Z",
"modified": "2015-09-29T18:32:50.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '190.148.154.201']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad952-3cb8-4a63-ae9e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:50.000Z",
"modified": "2015-09-29T18:32:50.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.66.42.63']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad953-4f9c-4009-9886-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:51.000Z",
"modified": "2015-09-29T18:32:51.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.228.155.151']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad953-1f60-49d8-b1c2-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:51.000Z",
"modified": "2015-09-29T18:32:51.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '88.227.237.240']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad953-fef8-437b-93d0-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:51.000Z",
"modified": "2015-09-29T18:32:51.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.232.192.177']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad954-209c-400b-81c7-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:52.000Z",
"modified": "2015-09-29T18:32:52.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.46.37.92']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad954-94f4-41b4-b740-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:52.000Z",
"modified": "2015-09-29T18:32:52.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.49.75.72']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad955-4dc0-4014-bfca-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:53.000Z",
"modified": "2015-09-29T18:32:53.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.19.4.206']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad955-12f4-4c47-898e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:53.000Z",
"modified": "2015-09-29T18:32:53.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.240.254.113']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad955-3a54-4a8b-8ee3-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:53.000Z",
"modified": "2015-09-29T18:32:53.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '98.225.41.50']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad956-8164-4914-9d72-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:54.000Z",
"modified": "2015-09-29T18:32:54.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.92.151.175']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad956-ec38-4d59-b129-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:54.000Z",
"modified": "2015-09-29T18:32:54.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.165.169.229']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad956-df74-4ceb-b639-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:54.000Z",
"modified": "2015-09-29T18:32:54.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '108.7.22.130']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad957-3574-4f42-99ac-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:55.000Z",
"modified": "2015-09-29T18:32:55.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.33.174.21']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad957-5850-4940-88fd-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:55.000Z",
"modified": "2015-09-29T18:32:55.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.206.79.82']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad957-9c08-44a5-913d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:55.000Z",
"modified": "2015-09-29T18:32:55.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.99.241.29']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad958-0680-4f7f-b189-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:56.000Z",
"modified": "2015-09-29T18:32:56.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.204.243.245']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad958-d274-4acd-b075-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:56.000Z",
"modified": "2015-09-29T18:32:56.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.1.49.128']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad959-72b8-411b-a764-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:57.000Z",
"modified": "2015-09-29T18:32:57.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.66.30.187']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad959-69bc-489b-8f46-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:57.000Z",
"modified": "2015-09-29T18:32:57.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.62.154.78']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95a-bce4-468d-9149-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:58.000Z",
"modified": "2015-09-29T18:32:58.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '191.54.141.59']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95a-5134-4eaa-afd2-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:58.000Z",
"modified": "2015-09-29T18:32:58.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '143.177.104.99']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95a-1e58-45ed-bba4-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:58.000Z",
"modified": "2015-09-29T18:32:58.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.24.208.192']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95b-f868-4ace-92ab-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:59.000Z",
"modified": "2015-09-29T18:32:59.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.8.162.148']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95b-345c-480b-93d6-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:32:59.000Z",
"modified": "2015-09-29T18:32:59.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '189.235.208.83']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:32:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95c-1c90-4c45-8977-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:00.000Z",
"modified": "2015-09-29T18:33:00.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.102.164.212']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95c-cfb0-47a8-b73d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:00.000Z",
"modified": "2015-09-29T18:33:00.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.232.237.94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95c-96d8-4428-bca6-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:00.000Z",
"modified": "2015-09-29T18:33:00.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.156.224.88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95d-d4d0-4ff0-8269-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:01.000Z",
"modified": "2015-09-29T18:33:01.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '2.232.249.65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95d-9fdc-436c-b88e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:01.000Z",
"modified": "2015-09-29T18:33:01.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.169.229.165']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95e-f7cc-4454-805b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:02.000Z",
"modified": "2015-09-29T18:33:02.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.231.220.43']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95e-1534-49db-97a3-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:02.000Z",
"modified": "2015-09-29T18:33:02.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.232.32.17']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95f-9348-41b2-9c42-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:03.000Z",
"modified": "2015-09-29T18:33:03.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.124.64.115']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95f-c8f8-4ff2-aa93-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:03.000Z",
"modified": "2015-09-29T18:33:03.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.41.154.28']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad95f-2f38-4bd5-9686-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:03.000Z",
"modified": "2015-09-29T18:33:03.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '24.158.253.153']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad960-115c-4083-9661-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:04.000Z",
"modified": "2015-09-29T18:33:04.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.120.169.176']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad960-c01c-4d4d-be8b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:04.000Z",
"modified": "2015-09-29T18:33:04.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '202.71.18.146']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad960-f7fc-4d76-9b30-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:04.000Z",
"modified": "2015-09-29T18:33:04.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '128.90.15.91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad961-1f80-4433-bf7d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:05.000Z",
"modified": "2015-09-29T18:33:05.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.148.109.190']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad961-4fcc-4777-9273-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:05.000Z",
"modified": "2015-09-29T18:33:05.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.190.230.179']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad961-a464-4cf6-b5a0-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:05.000Z",
"modified": "2015-09-29T18:33:05.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.0.118.76']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad962-5c70-48b1-b1ee-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:06.000Z",
"modified": "2015-09-29T18:33:06.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.135.232.212']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad962-0350-4605-bfcf-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:06.000Z",
"modified": "2015-09-29T18:33:06.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '201.25.171.222']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad962-4f1c-4ea6-a29b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:06.000Z",
"modified": "2015-09-29T18:33:06.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '118.71.225.135']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad963-b198-4959-8870-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:07.000Z",
"modified": "2015-09-29T18:33:07.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '183.89.115.129']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad963-6ecc-4c5f-ba79-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:07.000Z",
"modified": "2015-09-29T18:33:07.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '186.58.146.159']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad963-6af0-4823-93cd-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:07.000Z",
"modified": "2015-09-29T18:33:07.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.11.2.69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad964-ad3c-401c-982e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:08.000Z",
"modified": "2015-09-29T18:33:08.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '2.189.132.101']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad964-b1b8-458e-b4bb-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:08.000Z",
"modified": "2015-09-29T18:33:08.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.206.78.239']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad965-2e74-4dc3-b66f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:09.000Z",
"modified": "2015-09-29T18:33:09.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.175.39.88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad965-e5b4-42a2-b0fe-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:09.000Z",
"modified": "2015-09-29T18:33:09.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.174.21.154']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad965-22ec-40b0-a74c-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:09.000Z",
"modified": "2015-09-29T18:33:09.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.55.224.152']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad966-2854-4122-b2af-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:10.000Z",
"modified": "2015-09-29T18:33:10.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.17.159.31']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad966-21d8-40ba-8789-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:10.000Z",
"modified": "2015-09-29T18:33:10.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '2.235.242.26']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad966-6598-4f00-9b4f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:10.000Z",
"modified": "2015-09-29T18:33:10.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.132.237.75']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad967-b3c0-4f07-b991-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:11.000Z",
"modified": "2015-09-29T18:33:11.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.100.84.6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad967-47a4-4d7c-8dd6-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:11.000Z",
"modified": "2015-09-29T18:33:11.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.239.12.167']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad968-ae8c-450a-aaad-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:12.000Z",
"modified": "2015-09-29T18:33:12.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.66.92.86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad968-e268-4810-b265-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:12.000Z",
"modified": "2015-09-29T18:33:12.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.15.8.144']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad968-acd4-4e93-aae2-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:12.000Z",
"modified": "2015-09-29T18:33:12.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.9.37.168']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad969-49a8-47f0-995d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:13.000Z",
"modified": "2015-09-29T18:33:13.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.182.206.25']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad969-0a78-4abd-91aa-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:13.000Z",
"modified": "2015-09-29T18:33:13.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '184.75.209.164']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad96a-9318-41a2-a16b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:33:14.000Z",
"modified": "2015-09-29T18:33:14.000Z",
"description": "DarkComet trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.181.217.168']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:33:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9ac-afb8-4f50-b5f7-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:20.000Z",
"modified": "2015-09-29T18:34:20.000Z",
"description": "NetBus trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '116.123.108.67']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9ad-3fe8-43aa-9ff4-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:21.000Z",
"modified": "2015-09-29T18:34:21.000Z",
"description": "NetBus trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.178.23.8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9ae-6004-4054-ae0d-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:22.000Z",
"modified": "2015-09-29T18:34:22.000Z",
"description": "NetBus trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.226.99.73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9ae-5ba4-48ef-9c18-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:22.000Z",
"modified": "2015-09-29T18:34:22.000Z",
"description": "NetBus trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.32.0.5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9af-dea8-4f47-b640-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:23.000Z",
"modified": "2015-09-29T18:34:23.000Z",
"description": "NetBus trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.226.103.96']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9af-4208-4a54-ab3d-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:23.000Z",
"modified": "2015-09-29T18:34:23.000Z",
"description": "NetBus trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.169.38.114']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9af-2b5c-4b3a-805a-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:23.000Z",
"modified": "2015-09-29T18:34:23.000Z",
"description": "NetBus trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '62.32.0.15']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9b0-e3ac-4816-9eb6-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:24.000Z",
"modified": "2015-09-29T18:34:24.000Z",
"description": "NetBus trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.226.216.130']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9b0-5258-4ddf-99e0-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:24.000Z",
"modified": "2015-09-29T18:34:24.000Z",
"description": "NetBus trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.122.235.54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9b1-92fc-42fa-87ad-b3da950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:25.000Z",
"modified": "2015-09-29T18:34:25.000Z",
"description": "NetBus trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.139.220.43']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9c9-ddc0-4755-bb72-494d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:49.000Z",
"modified": "2015-09-29T18:34:49.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.156.125']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9c9-11a4-44a9-8c30-4889950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:49.000Z",
"modified": "2015-09-29T18:34:49.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '38.99.252.40']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9ca-4b3c-47dc-8a26-4c08950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:50.000Z",
"modified": "2015-09-29T18:34:50.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.230.247.6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9ca-7418-4e3f-8e21-46e3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:50.000Z",
"modified": "2015-09-29T18:34:50.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.44.62.240']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9cb-ec84-4865-94c4-48b5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:51.000Z",
"modified": "2015-09-29T18:34:51.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.166.160.158']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9cb-0e50-4c85-aa61-48a8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:51.000Z",
"modified": "2015-09-29T18:34:51.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.158.117']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9cb-91cc-457b-86c8-4a65950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:51.000Z",
"modified": "2015-09-29T18:34:51.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.52.192.40']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9cc-d208-4e23-9c3b-4d16950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:52.000Z",
"modified": "2015-09-29T18:34:52.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '177.42.254.106']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9cc-6d90-4bf5-a73a-4594950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:52.000Z",
"modified": "2015-09-29T18:34:52.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.248.88.241']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9cc-3b34-43af-99f1-413d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:52.000Z",
"modified": "2015-09-29T18:34:52.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.205.14.233']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9cd-29c4-4529-bc88-49fa950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:53.000Z",
"modified": "2015-09-29T18:34:53.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.98.41.12']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9cd-eea4-4a39-8b22-44ae950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:53.000Z",
"modified": "2015-09-29T18:34:53.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.75.210.80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9cd-cf14-4ebd-9046-4f19950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:53.000Z",
"modified": "2015-09-29T18:34:53.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '177.17.53.21']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9ce-85a0-4ab2-861b-4b73950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:54.000Z",
"modified": "2015-09-29T18:34:54.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.105.155.84']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9ce-48a0-4157-9930-45d8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:54.000Z",
"modified": "2015-09-29T18:34:54.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.11.46.40']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9cf-27b4-4e55-9d18-4bf7950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:55.000Z",
"modified": "2015-09-29T18:34:55.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.226.40.28']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9cf-aab0-4761-ac2d-48e3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:55.000Z",
"modified": "2015-09-29T18:34:55.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.252.37.131']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9cf-da0c-471b-bd3f-4a48950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:55.000Z",
"modified": "2015-09-29T18:34:55.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '177.5.191.73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d0-cee0-4cbd-8803-4f40950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:56.000Z",
"modified": "2015-09-29T18:34:56.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.150.149']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d0-3b64-4ea1-943c-47d6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:56.000Z",
"modified": "2015-09-29T18:34:56.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.155.147.41']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d0-1960-49e5-9c98-44d0950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:56.000Z",
"modified": "2015-09-29T18:34:56.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.161.211.246']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d1-7eb4-49c6-8921-4f3c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:57.000Z",
"modified": "2015-09-29T18:34:57.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.82.20.168']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d1-4330-46c4-bf40-4601950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:57.000Z",
"modified": "2015-09-29T18:34:57.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.199.255.151']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d2-c0dc-46f1-b023-4a6e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:58.000Z",
"modified": "2015-09-29T18:34:58.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.141.114.103']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d2-0590-4ed4-b30e-4b15950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:58.000Z",
"modified": "2015-09-29T18:34:58.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '171.101.83.113']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d2-9968-4682-97c3-4407950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:58.000Z",
"modified": "2015-09-29T18:34:58.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.102.203.103']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d3-d01c-489c-967f-4ca0950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:59.000Z",
"modified": "2015-09-29T18:34:59.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.246.80.11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d3-dec8-4d8a-b32b-491a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:59.000Z",
"modified": "2015-09-29T18:34:59.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '201.143.10.77']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d3-953c-4f03-8a70-4d0d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:34:59.000Z",
"modified": "2015-09-29T18:34:59.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.117.106.68']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:34:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d4-e958-479a-a6af-461a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:00.000Z",
"modified": "2015-09-29T18:35:00.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.156.70.243']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d4-278c-4e5c-99b6-4e0d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:00.000Z",
"modified": "2015-09-29T18:35:00.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '82.102.218.90']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d4-4b58-442c-8ebd-4525950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:00.000Z",
"modified": "2015-09-29T18:35:00.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.203.134.182']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d5-be10-4ee5-9ca4-4bdf950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:01.000Z",
"modified": "2015-09-29T18:35:01.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.45.79.139']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d5-1b4c-4302-9da9-4ba1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:01.000Z",
"modified": "2015-09-29T18:35:01.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.121.124.177']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d5-1a40-4f4e-930e-4026950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:01.000Z",
"modified": "2015-09-29T18:35:01.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.22.181.199']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d6-3de8-49cb-a81d-4bf3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:02.000Z",
"modified": "2015-09-29T18:35:02.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.137.66.146']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d6-e6a4-479a-8e30-4d2a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:02.000Z",
"modified": "2015-09-29T18:35:02.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.33.96.6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d6-0388-4ba9-99fd-4141950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:02.000Z",
"modified": "2015-09-29T18:35:02.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.151.139']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d7-f078-40f5-bf99-46c6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:03.000Z",
"modified": "2015-09-29T18:35:03.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '173.254.223.83']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d7-8428-4256-aea1-4c33950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:03.000Z",
"modified": "2015-09-29T18:35:03.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.148.252']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d8-1c94-41c0-9413-4eb0950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:04.000Z",
"modified": "2015-09-29T18:35:04.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.140.143.83']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d8-9c94-4f34-99d0-436e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:04.000Z",
"modified": "2015-09-29T18:35:04.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.237.161.121']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d8-1bcc-4ee3-b616-43e8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:04.000Z",
"modified": "2015-09-29T18:35:04.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.249.154.188']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d9-278c-4f7d-a089-41a0950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:05.000Z",
"modified": "2015-09-29T18:35:05.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.159.188']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d9-77f0-4f1c-aeed-411f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:05.000Z",
"modified": "2015-09-29T18:35:05.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.52.20.125']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9d9-8878-4152-a178-4587950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:05.000Z",
"modified": "2015-09-29T18:35:05.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.106.30.223']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9da-d560-42ef-8cc7-499f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:06.000Z",
"modified": "2015-09-29T18:35:06.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.225.122.116']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9da-882c-4589-a597-441f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:06.000Z",
"modified": "2015-09-29T18:35:06.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.41.245.5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9da-d380-4e0b-9770-4d84950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:06.000Z",
"modified": "2015-09-29T18:35:06.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.144.198']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9db-2140-493e-b5d2-4989950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:07.000Z",
"modified": "2015-09-29T18:35:07.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '141.255.153.104']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9db-d60c-4c5f-bfb6-489a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:07.000Z",
"modified": "2015-09-29T18:35:07.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.96.83.230']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9db-8cc8-4ba9-b63d-4184950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:07.000Z",
"modified": "2015-09-29T18:35:07.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '201.29.108.107']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9dc-59d4-412a-9d1a-4033950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:08.000Z",
"modified": "2015-09-29T18:35:08.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.0.125.223']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9dc-e7fc-4457-84b4-4826950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:08.000Z",
"modified": "2015-09-29T18:35:08.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.140.236.2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9dd-4654-4faf-a913-4554950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:09.000Z",
"modified": "2015-09-29T18:35:09.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.109.116.7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9dd-2d20-4efb-9522-4f70950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:09.000Z",
"modified": "2015-09-29T18:35:09.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.118.160.94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560ad9dd-9f04-4246-acde-4906950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:35:09.000Z",
"modified": "2015-09-29T18:35:09.000Z",
"description": "njRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '151.80.85.170']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:35:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adaa7-2558-4b3e-a47d-4dab950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:31.000Z",
"modified": "2015-09-29T18:38:31.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '71.87.33.119']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adaa8-fa48-407e-bdb6-45cd950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:32.000Z",
"modified": "2015-09-29T18:38:32.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.165.10.125']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adaa8-4298-4471-94d0-4a39950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:32.000Z",
"modified": "2015-09-29T18:38:32.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '84.220.68.8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adaa8-d768-4f88-b006-4df0950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:32.000Z",
"modified": "2015-09-29T18:38:32.000Z",
"description": "Poison Ivy trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.236.116.106']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adabe-015c-43f4-89d8-4272950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:54.000Z",
"modified": "2015-09-29T18:38:54.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.72.132.138']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adabe-dac8-43fd-8db5-4bda950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:54.000Z",
"modified": "2015-09-29T18:38:54.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '200.186.99.246']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adabf-6a94-42a4-8a34-45fc950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:55.000Z",
"modified": "2015-09-29T18:38:55.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.241.65.203']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adabf-8d18-41b3-af7f-429f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:55.000Z",
"modified": "2015-09-29T18:38:55.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.106.34.126']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac0-fad4-45fd-99bd-4992950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:56.000Z",
"modified": "2015-09-29T18:38:56.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '177.183.160.18']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac0-ad00-41f2-b55c-4f58950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:56.000Z",
"modified": "2015-09-29T18:38:56.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.90.179.102']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac0-3b18-4d87-b5bf-4d0c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:56.000Z",
"modified": "2015-09-29T18:38:56.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.126.116.61']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac1-4990-4723-9ae3-4536950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:57.000Z",
"modified": "2015-09-29T18:38:57.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.35.148.24']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac1-be30-4200-b14f-4db1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:57.000Z",
"modified": "2015-09-29T18:38:57.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '121.245.78.106']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac1-7cd0-4706-8fec-4779950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:57.000Z",
"modified": "2015-09-29T18:38:57.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '186.244.51.195']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac2-1650-48a7-abc1-4737950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:58.000Z",
"modified": "2015-09-29T18:38:58.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '173.236.23.28']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac2-99b0-491a-b460-43e1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:58.000Z",
"modified": "2015-09-29T18:38:58.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.104.20.93']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac2-1fd0-43c2-9c19-4658950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:58.000Z",
"modified": "2015-09-29T18:38:58.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.77.143.131']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac3-ae38-46f7-a971-4d71950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:59.000Z",
"modified": "2015-09-29T18:38:59.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.2.87.113']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac3-35dc-4afd-826b-4d89950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:38:59.000Z",
"modified": "2015-09-29T18:38:59.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.202.212.33']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:38:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac4-9e20-417d-a638-4069950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:00.000Z",
"modified": "2015-09-29T18:39:00.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.102.176.102']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac4-66d8-43b7-93cb-4c5b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:00.000Z",
"modified": "2015-09-29T18:39:00.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '203.125.169.51']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac4-5830-46b0-aa15-46a1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:00.000Z",
"modified": "2015-09-29T18:39:00.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.105.117.37']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac5-0ee8-4b84-b125-4315950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:01.000Z",
"modified": "2015-09-29T18:39:01.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '152.250.119.201']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac5-89d8-4b47-ac72-43a1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:01.000Z",
"modified": "2015-09-29T18:39:01.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.108.226.200']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac5-a300-4efc-86a8-4763950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:01.000Z",
"modified": "2015-09-29T18:39:01.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '76.68.30.49']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac6-d360-4384-8233-4828950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:02.000Z",
"modified": "2015-09-29T18:39:02.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.108.212.65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac6-1220-4c4a-a938-44f8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:02.000Z",
"modified": "2015-09-29T18:39:02.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '179.35.86.43']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac6-b880-403f-bc0d-413c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:02.000Z",
"modified": "2015-09-29T18:39:02.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.211.239.227']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac7-fbc0-425c-b96f-4224950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:03.000Z",
"modified": "2015-09-29T18:39:03.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '187.79.104.34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac7-a278-47ff-b5c3-481b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:03.000Z",
"modified": "2015-09-29T18:39:03.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '197.6.160.126']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac7-b140-4f00-9c50-421f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:03.000Z",
"modified": "2015-09-29T18:39:03.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.95.255.7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adac8-4bd4-45b0-90f0-42c1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:04.000Z",
"modified": "2015-09-29T18:39:04.000Z",
"description": "XtremeRAT trojan - RAT-Controllers-20150918.csv",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '186.226.218.181']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adaf9-a060-4c2f-bbe7-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:53.000Z",
"modified": "2015-09-29T18:39:53.000Z",
"pattern": "[file:hashes.SHA256 = '27989136ce5c5a543a85115f8c360bf12c467ca9f5d24db1b84e7bc22fab1b8c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafa-37b4-4d32-a3f0-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:54.000Z",
"modified": "2015-09-29T18:39:54.000Z",
"pattern": "[file:hashes.SHA256 = 'f478e50328f905318e7e2f95d9cfc5773de074c371d1403d5c95a4d53637b994']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafa-1604-4c9a-a280-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:54.000Z",
"modified": "2015-09-29T18:39:54.000Z",
"pattern": "[file:hashes.SHA256 = '5805998f30d7a5a5ef61140d0b61e86fe2fedf195e75124beefb3c831447d8ed']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafa-c29c-443c-9f1a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:54.000Z",
"modified": "2015-09-29T18:39:54.000Z",
"pattern": "[file:hashes.SHA256 = 'd90a53693c2efc4a8442f0bb9aa33a094ce4aac9f536b4b6e247d2f0f7f8943e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafb-1564-451f-9298-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:55.000Z",
"modified": "2015-09-29T18:39:55.000Z",
"pattern": "[file:hashes.SHA256 = '1fd4bc2c7a94c377fabf1b915057e911a4f0e1292ec47aaefc0d196adf582111']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafb-7e6c-4786-a6af-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:55.000Z",
"modified": "2015-09-29T18:39:55.000Z",
"pattern": "[file:hashes.SHA256 = 'e12b45322be430a1355dc4e4f5567cc50b4dbbc48ad2253a9f22c5dc013eaebd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafb-a184-475b-9edd-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:55.000Z",
"modified": "2015-09-29T18:39:55.000Z",
"pattern": "[file:hashes.SHA256 = 'd3818609fdf32437e1c6ff7f28ab1e579df7459209cdc07c43221130a5087e6a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafc-3618-45a9-982b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:56.000Z",
"modified": "2015-09-29T18:39:56.000Z",
"pattern": "[file:hashes.SHA256 = '2ec3a4843a4143dcbc8ab51b9f5d08b9dbb32d1aed09be265d71d443d2039262']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafc-cf2c-4f71-8d12-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:56.000Z",
"modified": "2015-09-29T18:39:56.000Z",
"pattern": "[file:hashes.SHA256 = 'e77e78a514459c50891334b8cb8199ff04cfb151ffa29260516098d12f1267e1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafc-920c-4c17-a34d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:56.000Z",
"modified": "2015-09-29T18:39:56.000Z",
"pattern": "[file:hashes.SHA256 = '9d41cf0ebcca829453644dd63417442640992586234ea3c1b5e212dfa322df58']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafd-9618-4f88-a4a7-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:57.000Z",
"modified": "2015-09-29T18:39:57.000Z",
"pattern": "[file:hashes.SHA256 = '5d54ecab41e5fc7a1e3cc22772d3ee7f9f0831238de72b45cca9b4d45f79a952']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafd-bfec-4703-bb9a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:57.000Z",
"modified": "2015-09-29T18:39:57.000Z",
"pattern": "[file:hashes.SHA256 = 'f88711a5dfca2b69cf49a167e5e95de731477e127d3248493b2c218979c64f10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafd-eac0-46b9-9029-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:57.000Z",
"modified": "2015-09-29T18:39:57.000Z",
"pattern": "[file:hashes.SHA256 = '2a10aa2626f4afdade579376ff9dbd0c3d59faf3ad049ae2b512e521ecaa4588']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafe-2898-4264-8810-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:58.000Z",
"modified": "2015-09-29T18:39:58.000Z",
"pattern": "[file:hashes.SHA256 = '8c2eae88d831541e6bafef1c4557694b1611ce4c4fcf82cd565ff5e8eb60f7ba']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafe-ee98-4498-ab75-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:58.000Z",
"modified": "2015-09-29T18:39:58.000Z",
"pattern": "[file:hashes.SHA256 = '96f89ae023dccbebf8bfd49962befb97360c5d0ab60ffcc550a312cb6a1d8205']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adafe-9880-44ad-b54c-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:58.000Z",
"modified": "2015-09-29T18:39:58.000Z",
"pattern": "[file:hashes.SHA256 = '6484651244da52bb8825d38d7f21aac2a71bb20ccee1c9e93ec5d24ab590fa11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adaff-9a48-463a-9cf0-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:59.000Z",
"modified": "2015-09-29T18:39:59.000Z",
"pattern": "[file:hashes.SHA256 = '9d6cc6254427c9032fa0aef4f42959c8ed8ea746f236c09ab00b0afa21f11e18']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adaff-cdf8-4cac-9cef-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:59.000Z",
"modified": "2015-09-29T18:39:59.000Z",
"pattern": "[file:hashes.SHA256 = '5a1605492e82a5fa325fe97f4e859591dc2cbd9c18bec3ad26c1c2ef09e358b5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adaff-c5fc-45ee-ba3a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:39:59.000Z",
"modified": "2015-09-29T18:39:59.000Z",
"pattern": "[file:hashes.SHA256 = '4b3a46074d7d985ba0809039dfcf91031114aef5e3cf28b6dcea00d131eabbf3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:39:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb00-ec54-4643-8ed5-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:00.000Z",
"modified": "2015-09-29T18:40:00.000Z",
"pattern": "[file:hashes.SHA256 = 'e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb00-b304-4982-952f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:00.000Z",
"modified": "2015-09-29T18:40:00.000Z",
"pattern": "[file:hashes.SHA256 = 'f351206366b9f263add16413bbdfd035a181d3141ca1e58d2aa5128a594b94c4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb01-0080-4438-8eac-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:00.000Z",
"modified": "2015-09-29T18:40:00.000Z",
"pattern": "[file:hashes.SHA256 = '0b02b38446b4fc57afd1ab12404c371fac5c573be2b2e621b5d932747ee900cc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb01-9840-4561-8467-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:01.000Z",
"modified": "2015-09-29T18:40:01.000Z",
"pattern": "[file:hashes.SHA256 = '8e0e0a6fc42bae18cd59a5ab8f7e8444e5cea45fc8032cb3e45a208668f4e397']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb01-0360-4b54-bcbd-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:01.000Z",
"modified": "2015-09-29T18:40:01.000Z",
"pattern": "[file:hashes.SHA256 = '0fc7034d2974777fa87ad733eb5c2e2f9dae45bb19110be10033a7bc24f47dc3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb02-d4fc-4220-91c5-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:02.000Z",
"modified": "2015-09-29T18:40:02.000Z",
"pattern": "[file:hashes.SHA256 = 'b2efb0253290b46c481c3faa86408aea7e0dd0b4e02bde3a7b8c0a2c24838ad8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb02-4560-408f-afd3-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:02.000Z",
"modified": "2015-09-29T18:40:02.000Z",
"pattern": "[file:hashes.SHA256 = 'b5943196abbf03e61427a439fcf85b5ae0c12b8144c5a4c07c9f6a20444c9c78']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb02-155c-446c-bff7-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:02.000Z",
"modified": "2015-09-29T18:40:02.000Z",
"pattern": "[file:hashes.SHA256 = 'c86d599340ae313766e9f90dd2bcbeade0ec5b455625cb4646036a262d94cf00']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb03-7870-4981-84c4-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:03.000Z",
"modified": "2015-09-29T18:40:03.000Z",
"pattern": "[file:hashes.SHA256 = '7b657480bd8566125cbf65835cccc7f50e111b0dd69c7989db55144447cf27a1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb03-6390-42be-a0a8-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:03.000Z",
"modified": "2015-09-29T18:40:03.000Z",
"pattern": "[file:hashes.SHA256 = '0a409e6564ecbec9021d8efa46f09430949f1dfe6d2cda9d8d3f69d75b56debc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb03-3638-49d4-afa1-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:03.000Z",
"modified": "2015-09-29T18:40:03.000Z",
"pattern": "[file:hashes.SHA256 = 'f38d79ac3e02753b532a1c9ab25c9fcd943707b33a8535c455b8bf69a83531be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb04-89d4-472b-a4e6-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:04.000Z",
"modified": "2015-09-29T18:40:04.000Z",
"pattern": "[file:hashes.SHA256 = 'eaa0b7b635c53c6411017f6a7a6b6134b6748c816648a66cb345c0ad07cc7a5b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb04-9bc4-4d65-80f6-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:04.000Z",
"modified": "2015-09-29T18:40:04.000Z",
"pattern": "[file:hashes.SHA256 = 'e4006855ec7c5385712d59a24a2a436249969b46664b0ed2696eb93a4301b40e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb04-8eb4-4a22-87d4-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:04.000Z",
"modified": "2015-09-29T18:40:04.000Z",
"pattern": "[file:hashes.SHA256 = '7b256a4feb703ddb71c4e1954b7bdfcf55d5ea98b463a231700585ae9f3ab9fe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb05-cad4-41e6-8348-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:05.000Z",
"modified": "2015-09-29T18:40:05.000Z",
"pattern": "[file:hashes.SHA256 = '04e80d92935a62ea50fddc812af67d653f26b1297ff5aae9e00f0d5989221f16']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb05-b120-4dee-80c6-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:05.000Z",
"modified": "2015-09-29T18:40:05.000Z",
"pattern": "[file:hashes.SHA256 = '529b84de281aad5c51425fb765cb3ebfa4fcc8668c5b8d2bfa34df54e3311bea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb05-b934-4699-bf1a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:05.000Z",
"modified": "2015-09-29T18:40:05.000Z",
"pattern": "[file:hashes.SHA256 = '256d1b1e294d90464a5d9bdbffed7633eac78177ed1fbbf04de0ec1645de8d80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb06-8f78-4576-b4ce-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:06.000Z",
"modified": "2015-09-29T18:40:06.000Z",
"pattern": "[file:hashes.SHA256 = '5954cad1f14520f766d2afaa5b4f117213ea6557c9bbf8bc240d0abe48a21dd3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb06-d81c-4317-b391-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:06.000Z",
"modified": "2015-09-29T18:40:06.000Z",
"pattern": "[file:hashes.SHA256 = '1dffb5af3c6718f3435ed6ba62e559b905c130c49ba2d2b54e27e1fd8c4730f8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb06-1984-46b1-a25c-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:06.000Z",
"modified": "2015-09-29T18:40:06.000Z",
"pattern": "[file:hashes.SHA256 = 'f0bd6a4a3728c955bfb74b1e534d298b3faef9e00b688d96022b063d544499e8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb07-ae90-4d8c-93c1-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:07.000Z",
"modified": "2015-09-29T18:40:07.000Z",
"pattern": "[file:hashes.SHA256 = 'ffb024edcda51e83bad0579fb069ff39deb9f780a910295a8e84aed12c9a273a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb07-46fc-4007-acae-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:07.000Z",
"modified": "2015-09-29T18:40:07.000Z",
"pattern": "[file:hashes.SHA256 = 'e705642623688a534fa6cf4d63edad3f81886cdc1a3eed0f62fa35a25708b532']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb07-09d8-411a-a6d5-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:07.000Z",
"modified": "2015-09-29T18:40:07.000Z",
"pattern": "[file:hashes.SHA256 = '4efbd4bbb28759d9b01d86a85d7d5db40091aa867a242d9598158ef101261062']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb08-d280-4802-9ea0-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:08.000Z",
"modified": "2015-09-29T18:40:08.000Z",
"pattern": "[file:hashes.SHA256 = '53d210e4071f82b4b738bc7b2b1aae5831a37ae4372dfca3f09336838f50fb94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb08-b740-4d19-adda-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:08.000Z",
"modified": "2015-09-29T18:40:08.000Z",
"pattern": "[file:hashes.SHA256 = '814e455f4bee7cbf103c29a3b6f1a06f7dc3bbe2185f1bf13d29c6e08e33af5c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb08-dcdc-4483-abd0-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:08.000Z",
"modified": "2015-09-29T18:40:08.000Z",
"pattern": "[file:hashes.SHA256 = 'e98567419d27849e8e7e7a74f64b8cf981e82b2205bbee20f4b9b63f3d83c6bf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb09-980c-4605-8223-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:09.000Z",
"modified": "2015-09-29T18:40:09.000Z",
"pattern": "[file:hashes.SHA256 = '5648b43285cfa6557a7e4b70b31dbd15e7bc6b3643eec9537bea82a0367776b4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb09-86d4-432b-a350-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:09.000Z",
"modified": "2015-09-29T18:40:09.000Z",
"pattern": "[file:hashes.SHA256 = '6d7c3528bf4a6979427476fa069cc4847eba6a634237c11d36143374e3c0d87f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb09-9f5c-4279-a5de-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:09.000Z",
"modified": "2015-09-29T18:40:09.000Z",
"pattern": "[file:hashes.SHA256 = '2b5a5d0754267b92b8b554ebfdd9f4664567fce2843ee253a95f283732e66185']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0a-4db8-4e9b-b369-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:10.000Z",
"modified": "2015-09-29T18:40:10.000Z",
"pattern": "[file:hashes.SHA256 = 'd533467474b94674c8ff4ff0c2cd19cd55152d29f1ecf58ec028e23f46cf779d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0a-6af0-4815-9222-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:10.000Z",
"modified": "2015-09-29T18:40:10.000Z",
"pattern": "[file:hashes.SHA256 = 'c8066ab6a2fcbf4ac541b36921d29e8b4dcbd04df5ac62c6f2a44da8db322317']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0a-f448-40a8-87a4-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:10.000Z",
"modified": "2015-09-29T18:40:10.000Z",
"pattern": "[file:hashes.SHA256 = '848b2c91d158110df33ecb25832825de0bc1e99c945fc74d2a236f6171afda08']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0b-becc-4e62-981c-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:11.000Z",
"modified": "2015-09-29T18:40:11.000Z",
"pattern": "[file:hashes.SHA256 = 'd79031c1dc82ba24863da8aecf6d452c066875f52e5bf71e912c8e5f3824eff9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0b-6294-48df-b7ce-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:11.000Z",
"modified": "2015-09-29T18:40:11.000Z",
"pattern": "[file:hashes.SHA256 = '67b160dabfeb6537413325f9d8f7284251431fa8066a408955cb574c30e1b762']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0c-0684-4bad-99ae-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:12.000Z",
"modified": "2015-09-29T18:40:12.000Z",
"pattern": "[file:hashes.SHA256 = '32dfff3c64e62fd182c1e22944ba8a92508b987083960be42d27742344e4e843']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0c-7578-47e3-8552-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:12.000Z",
"modified": "2015-09-29T18:40:12.000Z",
"pattern": "[file:hashes.SHA256 = '7181204ad17576bdaf92e198710083d6b80ab4f8962785f89254e0da384c4f9d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0c-0bc8-4aa7-9393-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:12.000Z",
"modified": "2015-09-29T18:40:12.000Z",
"pattern": "[file:hashes.SHA256 = '49614e87a0b76a4a563f25bfda0c2573ee38b4b4c8ca3b2e526746484391489b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0d-9278-4d91-8492-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:13.000Z",
"modified": "2015-09-29T18:40:13.000Z",
"pattern": "[file:hashes.SHA256 = '60396eed12aec83242a5bfc22a6931e53c63c3b98c017b7a39017b1e9631a438']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0d-6a30-4a3b-8707-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:13.000Z",
"modified": "2015-09-29T18:40:13.000Z",
"pattern": "[file:hashes.SHA256 = 'c3993df28edad5933a59f5a1792b2a7359988cbe8043ff5bcfb92d82d5c91d94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0d-11b4-42fb-ad73-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:13.000Z",
"modified": "2015-09-29T18:40:13.000Z",
"pattern": "[file:hashes.SHA256 = 'fc8220350791c1574f0fc5ccef0aac15f5cac5924586760765611dfe879bca4a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0e-5a20-4fe6-91d7-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:14.000Z",
"modified": "2015-09-29T18:40:14.000Z",
"pattern": "[file:hashes.SHA256 = '1adc4f09c95abfa7287bfc393550fc7ff1068c2efd331945f7f848bdccf4cb08']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0e-d400-44d3-aab7-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:14.000Z",
"modified": "2015-09-29T18:40:14.000Z",
"pattern": "[file:hashes.SHA256 = 'b91b48c65d165bfc3013c728a6d2dcc71665c35f407dedc44d56b8354f61d7a5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0e-1190-4d07-baa6-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:14.000Z",
"modified": "2015-09-29T18:40:14.000Z",
"pattern": "[file:hashes.SHA256 = 'f81d30e97d4073540ec3724f0872759a67b84ec0f5e2f6a4ab2893361d79459e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0f-1770-4c2e-9703-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:15.000Z",
"modified": "2015-09-29T18:40:15.000Z",
"pattern": "[file:hashes.SHA256 = 'ba9e79c84932a56bd5be581d412ad7983f7099213367703e29bea9ee1deb0d69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0f-9188-4e86-9d86-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:15.000Z",
"modified": "2015-09-29T18:40:15.000Z",
"pattern": "[file:hashes.SHA256 = '853074fdb60a0650dbb8fbc9653bedfb3c1bfa45d4420c7b49f283e1588a2ded']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb0f-58e4-44ea-921e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:15.000Z",
"modified": "2015-09-29T18:40:15.000Z",
"pattern": "[file:hashes.SHA256 = '842688e8890b1a95d3a7920e1b3007ea75609372b37d84345211fb8412d1b80e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb10-468c-49d4-a35b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:16.000Z",
"modified": "2015-09-29T18:40:16.000Z",
"pattern": "[file:hashes.SHA256 = '85520da67298838c434440e2f20c63474f5e80f09f5695a93e0f7533547c9f4f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb10-9418-43dd-8c1b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:16.000Z",
"modified": "2015-09-29T18:40:16.000Z",
"pattern": "[file:hashes.SHA256 = '3162ca675eca28160a4431c43afa26efc5d4bd2d05220c7145016bc9f444b1bc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb10-c6d4-4e85-881f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:16.000Z",
"modified": "2015-09-29T18:40:16.000Z",
"pattern": "[file:hashes.SHA256 = 'cc511fd5fb450965ea680d90fc2a56282c52f8ca672fb8584195b4cfc614c223']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb11-82c8-4838-8867-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:17.000Z",
"modified": "2015-09-29T18:40:17.000Z",
"pattern": "[file:hashes.SHA256 = '725933eb961e119e1a2d9ba8da928be65d7e4553d037f745465eaaead54977d2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb11-8528-4662-9e8b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:17.000Z",
"modified": "2015-09-29T18:40:17.000Z",
"pattern": "[file:hashes.SHA256 = 'b6d5eb42776bf12e593d31091ad2b69761d3c8594fb7eee787d71410de0a1426']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb11-4f9c-4502-83d9-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:17.000Z",
"modified": "2015-09-29T18:40:17.000Z",
"pattern": "[file:hashes.SHA256 = 'd29e6de5308d741df1ef25933afdca1f07fc8e14f01ad08abaf0ec335526c15b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb12-b430-43af-b3fc-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:18.000Z",
"modified": "2015-09-29T18:40:18.000Z",
"pattern": "[file:hashes.SHA256 = '00a5acef64e2dceb12cf5590f84a493fd12645703a798ecc52ba5a121ff409d1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb12-e440-459c-aa03-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:18.000Z",
"modified": "2015-09-29T18:40:18.000Z",
"pattern": "[file:hashes.SHA256 = '66fcf7b770ca9f62f18c4c30e3d4597b9ba86091d737abb4f83acfd31ed81f4f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb12-5f48-4531-862a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:18.000Z",
"modified": "2015-09-29T18:40:18.000Z",
"pattern": "[file:hashes.SHA256 = '57cbec5317cb03e69bb5c9ffc01852c4bd65e7905ce75b42086715cd72c057fd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb13-1278-4fdc-b603-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:19.000Z",
"modified": "2015-09-29T18:40:19.000Z",
"pattern": "[file:hashes.SHA256 = '23b0edd21973850cdedfad0ad4945165ced7219baed704383146a97370be010e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb13-e988-4be9-b76b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:19.000Z",
"modified": "2015-09-29T18:40:19.000Z",
"pattern": "[file:hashes.SHA256 = 'c55f7e4fe38c3dff91bd235025403e1b57bace8b0f8be024e39fb144c4c2b18b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb13-20d0-43d2-b57c-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:19.000Z",
"modified": "2015-09-29T18:40:19.000Z",
"pattern": "[file:hashes.SHA256 = '1060c81ff8769ec6b0e0b69797cfa33a9de71b1a9b77ff7b0e817ed6f3419c4c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb14-c45c-4ed4-b86f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:20.000Z",
"modified": "2015-09-29T18:40:20.000Z",
"pattern": "[file:hashes.SHA256 = '2eca841c80cdbfea098a7b00ce67b3a075050bc704f9f6e73fc15b3e7538c51b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb14-d7ec-44a2-af70-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:20.000Z",
"modified": "2015-09-29T18:40:20.000Z",
"pattern": "[file:hashes.SHA256 = '082b759112d4b1ff8744ae0a57378503790139e80391d552bf13f6d5a1f25ba1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb14-054c-408f-972d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:20.000Z",
"modified": "2015-09-29T18:40:20.000Z",
"pattern": "[file:hashes.SHA256 = '81e93901c6251794a035c30a80bc05b5546ba44c0878d2e9062b0aaedf93eb7c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb15-86b0-430e-802d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:21.000Z",
"modified": "2015-09-29T18:40:21.000Z",
"pattern": "[file:hashes.SHA256 = 'aed8b0be53abc3873bd787751831cc1c3494968496d4c5218193a1001389cacd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb15-fbb8-41e9-9c7a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:21.000Z",
"modified": "2015-09-29T18:40:21.000Z",
"pattern": "[file:hashes.SHA256 = '36637f950c4e8594a61af23117db588baf84fc4d66cd8e76456f6794498074d4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb15-a0e4-4ae8-aefc-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:21.000Z",
"modified": "2015-09-29T18:40:21.000Z",
"pattern": "[file:hashes.SHA256 = '6d8c79824a86f622b5b8557c75a7f6a49688704db365dc33ec24191d60229965']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb16-90d8-4961-8178-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:22.000Z",
"modified": "2015-09-29T18:40:22.000Z",
"pattern": "[file:hashes.SHA256 = 'fff42f45f813aeee6c78b91cd4fad8eda9b5ac1daaba532057caa2f12cf62b21']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb16-dad4-40ed-8a95-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:22.000Z",
"modified": "2015-09-29T18:40:22.000Z",
"pattern": "[file:hashes.SHA256 = '5e3fcc323042fc47d2888d0e9d567bf81a3be72d8b327ad6ced721a269d50156']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb16-5ce8-4a2a-a084-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:22.000Z",
"modified": "2015-09-29T18:40:22.000Z",
"pattern": "[file:hashes.SHA256 = '01c64c90b3d18c0d24e56cf7794e60957b6231eaf05707118a9d033bee08926b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb17-c65c-451b-bcd5-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:23.000Z",
"modified": "2015-09-29T18:40:23.000Z",
"pattern": "[file:hashes.SHA256 = 'b02f82d3148ddf6feb293dfbb7b287bcae793ee648b8cd700319521d9e108f2f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb17-2010-4d55-ba88-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:23.000Z",
"modified": "2015-09-29T18:40:23.000Z",
"pattern": "[file:hashes.SHA256 = '64021a7845db7da82a4f181443f7de25a03fad24bd5f5547bab17bfd4a041191']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb18-3cc0-46c1-9205-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:24.000Z",
"modified": "2015-09-29T18:40:24.000Z",
"pattern": "[file:hashes.SHA256 = 'f996b5c6e3272d955965b4763df63a46eb2fd4cea2255844c929a099c6ac6dec']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb18-3208-4b7c-ac27-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:24.000Z",
"modified": "2015-09-29T18:40:24.000Z",
"pattern": "[file:hashes.SHA256 = 'ce8159b6dec980e1971b25bc04918e00c8a31675b3f0bb557f80db22ce616944']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb18-45c8-44f6-8d0f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:24.000Z",
"modified": "2015-09-29T18:40:24.000Z",
"pattern": "[file:hashes.SHA256 = 'ee5e08eb83d126701948916b4de29c468541438bad48d0871c29e9b9dac83268']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb19-e130-4d91-82aa-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:25.000Z",
"modified": "2015-09-29T18:40:25.000Z",
"pattern": "[file:hashes.SHA256 = 'f30d236706be7b369aab6f88b4c3965ec995736de972f5d23b74942dc206d9f7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb19-39f0-49b7-80ac-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:25.000Z",
"modified": "2015-09-29T18:40:25.000Z",
"pattern": "[file:hashes.SHA256 = 'df07d6065b2f890107704f9944d4b51be895d27da5a85e4691cab076cb7d3e30']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb19-17ec-44de-a269-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:25.000Z",
"modified": "2015-09-29T18:40:25.000Z",
"pattern": "[file:hashes.SHA256 = '2f7679a09b70275bc8b73271206179fee0f7d78ebb4a0ba22caffc52aeac7a3f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1a-29f0-4645-885e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:26.000Z",
"modified": "2015-09-29T18:40:26.000Z",
"pattern": "[file:hashes.SHA256 = 'cb457186690b39f2474f786c0ddf6ae64c39668a81c953a2c639d074e48aef63']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1a-fd70-4043-a217-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:26.000Z",
"modified": "2015-09-29T18:40:26.000Z",
"pattern": "[file:hashes.SHA256 = '27fb1bb918db5ba845166a118aece1b11ff4d609cbeb5706cd754155a284484d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1a-2948-46bf-ac0b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:26.000Z",
"modified": "2015-09-29T18:40:26.000Z",
"pattern": "[file:hashes.SHA256 = '0b3acfcc16ddb5134031f929db7cf11974b716cc85832e196abc61cb2054e4c2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1b-4e50-460a-8b0b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:27.000Z",
"modified": "2015-09-29T18:40:27.000Z",
"pattern": "[file:hashes.SHA256 = 'efaf184a3050507c814304b4a5b2dbe69843c2ca3921d126c89f7a1b2e75d44f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1b-de1c-444f-a4ac-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:27.000Z",
"modified": "2015-09-29T18:40:27.000Z",
"pattern": "[file:hashes.SHA256 = '961c82c349f8f8c3a5c52e2f9ed9f19644cc6a8ce2a316f077c1bc0ea069aa41']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1b-6cd0-4270-b8fe-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:27.000Z",
"modified": "2015-09-29T18:40:27.000Z",
"pattern": "[file:hashes.SHA256 = '15e3c8b2cfb1fae0a187233dedbc4c2ae516b5263c8f1e46ff0cff4c4d1e5f75']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1c-d1b8-47be-a896-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:28.000Z",
"modified": "2015-09-29T18:40:28.000Z",
"pattern": "[file:hashes.SHA256 = 'ce5865f9bc79b838a64b72e5a01613f666242ecb6bad743d9f1507e3be448e12']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1c-d8a4-4bb7-b4a0-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:28.000Z",
"modified": "2015-09-29T18:40:28.000Z",
"pattern": "[file:hashes.SHA256 = 'dc6ae027272ef367dc71e7cbf7457f345a811f52b04e9557cf8dbb2bbd60c7dd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1c-92e8-400a-8a3a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:28.000Z",
"modified": "2015-09-29T18:40:28.000Z",
"pattern": "[file:hashes.SHA256 = '41a53b884711b38b5fa0b1324be720b9bcebe48c63c68ab307a699d1b4ed4062']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1d-2494-423d-a993-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:29.000Z",
"modified": "2015-09-29T18:40:29.000Z",
"pattern": "[file:hashes.SHA256 = 'f8e8574ed192ac8529f3cd1e62ca56d3e236d86726af2c71c0ff448d179c5b64']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1d-f944-44b4-9da3-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:29.000Z",
"modified": "2015-09-29T18:40:29.000Z",
"pattern": "[file:hashes.SHA256 = '3aa12e41014f608f6c49310ccff5cca8199939872fbdcef66e6b6c48109e6a7f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1d-471c-4688-83fa-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:29.000Z",
"modified": "2015-09-29T18:40:29.000Z",
"pattern": "[file:hashes.SHA256 = '75c7daa9a54ad96d01ab5a4ee44823c5dabe2087a4021171cf0990b66d56440b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1e-1104-4729-8ade-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:30.000Z",
"modified": "2015-09-29T18:40:30.000Z",
"pattern": "[file:hashes.SHA256 = 'd40216847c36f26644e68ec637321b9ec272c442717562414dd34c2ff087cd23']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1e-6634-4cbf-8ff0-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:30.000Z",
"modified": "2015-09-29T18:40:30.000Z",
"pattern": "[file:hashes.SHA256 = '56ca9845318be57a293fb7bf3b8b0fbfab51f3e3748bf2ddf2f2316d2cf0538d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1e-d354-42a3-aad0-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:30.000Z",
"modified": "2015-09-29T18:40:30.000Z",
"pattern": "[file:hashes.SHA256 = '26ea3f4271edf083ed7a03bd40b79e8811faf0b175285fa6bbf5d02211c86e63']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1f-5b08-4518-884d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:31.000Z",
"modified": "2015-09-29T18:40:31.000Z",
"pattern": "[file:hashes.SHA256 = '09bd3010831fb3e8cc18460fb353548a92153cc9109cbd9f88b540494a2262ee']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1f-e0a8-423e-a18e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:31.000Z",
"modified": "2015-09-29T18:40:31.000Z",
"pattern": "[file:hashes.SHA256 = '84529a1f6f8eb850ecd505d833592d5e7a2a17d797f1dbb02360283459409d75']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb1f-1250-4671-9377-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:31.000Z",
"modified": "2015-09-29T18:40:31.000Z",
"pattern": "[file:hashes.SHA256 = 'd64370fca18a2b0b4ac518d135b61ae59d2477429314f5bd4fc313074dada6f3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb20-89f0-40ca-bdc7-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:32.000Z",
"modified": "2015-09-29T18:40:32.000Z",
"pattern": "[file:hashes.SHA256 = 'aa13838efc510ab8890bd89c5f4b1600190bb4aeb26af7b1fe8cf7f5620b4909']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb20-2d28-4716-bb58-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:32.000Z",
"modified": "2015-09-29T18:40:32.000Z",
"pattern": "[file:hashes.SHA256 = '31ed6db9c6e2d95cdbf96171c38b2b27dae5e4acc2b1b95aad250d3de6337b69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb20-08b8-4628-afd9-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:32.000Z",
"modified": "2015-09-29T18:40:32.000Z",
"pattern": "[file:hashes.SHA256 = 'b19937e02b7d24c6c842f975dc155dc39ac28719c6e5531764f72dcee764b4bb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb21-3f9c-4a04-9c07-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:33.000Z",
"modified": "2015-09-29T18:40:33.000Z",
"pattern": "[file:hashes.SHA256 = '58ae22c13ef6d9addfd8e38d96bf72d9ad17be2dc036063031e327cd014e2351']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb21-6980-4e3a-804c-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:33.000Z",
"modified": "2015-09-29T18:40:33.000Z",
"pattern": "[file:hashes.SHA256 = '9c7126f1e2a013e0ade23059261b493bafe9b2e7f40e4a38e65aa6cd818b569e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb21-33bc-4400-b73b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:33.000Z",
"modified": "2015-09-29T18:40:33.000Z",
"pattern": "[file:hashes.SHA256 = '571f3a5ef318aaeae60030a6d3d075843e9c00a6588cdc96122ef9be6aecbbe3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb22-7064-42f2-a819-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:34.000Z",
"modified": "2015-09-29T18:40:34.000Z",
"pattern": "[file:hashes.SHA256 = 'b7e6a98f0e2ef80003c42c5ecd2574526f82a56fb3e9c2f6c4bd6b3d6e965126']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb22-4b6c-4958-90fa-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:34.000Z",
"modified": "2015-09-29T18:40:34.000Z",
"pattern": "[file:hashes.SHA256 = 'd8abed3f23bcb188dd0e06178497e893615d4fdd4f2ec94bdbaa1d9659a3b5a7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb23-b35c-423e-aa9a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:35.000Z",
"modified": "2015-09-29T18:40:35.000Z",
"pattern": "[file:hashes.SHA256 = 'e16b54b0e20b5fa20f57623f6ae72f0afd9f7d1857e880db71e2a4c468f519d2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb23-76f0-4b43-a118-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:35.000Z",
"modified": "2015-09-29T18:40:35.000Z",
"pattern": "[file:hashes.SHA256 = '93755e5ce7cc50509e5a03fff5f6cdbb71020951da8548310c4fe68c1fa56661']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb23-6c10-4fb1-b44a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:35.000Z",
"modified": "2015-09-29T18:40:35.000Z",
"pattern": "[file:hashes.SHA256 = 'cfd41685b2595d037d557375db6a7598e85c9bd767a03f8fb45b10732c171e27']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb24-11d0-42da-8227-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:36.000Z",
"modified": "2015-09-29T18:40:36.000Z",
"pattern": "[file:hashes.SHA256 = '09e40934fe3d7d508552a589df38b9f33c70bccef2624d5f8fb7d720256399b8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb24-388c-47ac-a758-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:36.000Z",
"modified": "2015-09-29T18:40:36.000Z",
"pattern": "[file:hashes.SHA256 = '6f9159627eae1325b6d03804536ae72fa6544587747aa597122414c43fef32d1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb24-990c-4c66-98a2-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:36.000Z",
"modified": "2015-09-29T18:40:36.000Z",
"pattern": "[file:hashes.SHA256 = '90c8402672ab3ec8503902b6e73295c746549c7afefff01f47d5369b2787865f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb25-0ea0-49f2-a9f2-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:37.000Z",
"modified": "2015-09-29T18:40:37.000Z",
"pattern": "[file:hashes.SHA256 = '8403c3de9ea43d5f7d06e3fd952f51a384604a1d7eec000ed3ef0f0822e27fe5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb25-aa1c-465f-bf22-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:37.000Z",
"modified": "2015-09-29T18:40:37.000Z",
"pattern": "[file:hashes.SHA256 = 'e7bfc14d9136106022b9c4da608c400d6a0b59e019b135b538934b5b170ace28']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb25-3e84-496e-a44f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:37.000Z",
"modified": "2015-09-29T18:40:37.000Z",
"pattern": "[file:hashes.SHA256 = 'e3b20d45b15400bc98ea7899ea1438a3746c10efae3cae323943709cfbb66e4d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb26-ce48-4a75-900b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:38.000Z",
"modified": "2015-09-29T18:40:38.000Z",
"pattern": "[file:hashes.SHA256 = 'b7bbbab46b6d130478c750463dd8882a3e94699c758d6d0964adfaa24fa7735d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb26-fa70-477b-ab44-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:38.000Z",
"modified": "2015-09-29T18:40:38.000Z",
"pattern": "[file:hashes.SHA256 = '104da591e6b93df35a4917ff34ddc18e6ffe83b226640999680261e84c7d03bf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb26-4970-459f-b244-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:38.000Z",
"modified": "2015-09-29T18:40:38.000Z",
"pattern": "[file:hashes.SHA256 = '407d2244de3786249aa489af77169e07268287b1707aaddba1954af6b2d35bdc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb27-738c-488a-b93b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:39.000Z",
"modified": "2015-09-29T18:40:39.000Z",
"pattern": "[file:hashes.SHA256 = '7eced250d7fc59a595a83521c0fbb2a258da01f9c77c1f410d40920ae8ae59a7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb27-ccbc-473d-bdee-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:39.000Z",
"modified": "2015-09-29T18:40:39.000Z",
"pattern": "[file:hashes.SHA256 = '078ee975c0ad0045c0efffe7ac76a7ffdf0536853795dcf45c4a7721ce59cc9c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb27-20d8-43a5-9125-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:39.000Z",
"modified": "2015-09-29T18:40:39.000Z",
"pattern": "[file:hashes.SHA256 = '01d576acd2edcc338aab17c57e72604bf5762ce4e425500ca0467b984ec6622d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb28-9f04-4bfd-97d6-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:40.000Z",
"modified": "2015-09-29T18:40:40.000Z",
"pattern": "[file:hashes.SHA256 = '44dab01089416b88ce26092a9ab6d0f93c49ff8637298fa3b786f7ce0b68867b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb28-89d4-478c-8aba-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:40.000Z",
"modified": "2015-09-29T18:40:40.000Z",
"pattern": "[file:hashes.SHA256 = '3608243af2cf1b6f710a2c8f06a128524de40535ee0b64cb8562c5739b23c36e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb28-4ff4-4297-ad3c-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:40.000Z",
"modified": "2015-09-29T18:40:40.000Z",
"pattern": "[file:hashes.SHA256 = 'be17828afe89e886160f77e6ea31a10fb9374cde37ec46a4283029ee8425ca04']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb29-8448-4a09-b672-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:41.000Z",
"modified": "2015-09-29T18:40:41.000Z",
"pattern": "[file:hashes.SHA256 = 'e02883913febe7ba3bfbd953ace93619b45e1d31e0bc20dc1a9b532a522ebbca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb29-5680-4c27-9b74-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:41.000Z",
"modified": "2015-09-29T18:40:41.000Z",
"pattern": "[file:hashes.SHA256 = '42afc71477ec83749d7223789edac4526ae7fd7db3756206bc422aa5e175578b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb29-c660-4c1f-abe6-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:41.000Z",
"modified": "2015-09-29T18:40:41.000Z",
"pattern": "[file:hashes.SHA256 = '006422c75adf9238cc8e769ab9d13a23e97fc3593e31c63bbd844c8d620bcb74']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2a-2d88-41b1-8063-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:42.000Z",
"modified": "2015-09-29T18:40:42.000Z",
"pattern": "[file:hashes.SHA256 = '2c36f2165d01255fd760d30ec25418436fe1692e99d4ae201967aaf33b9c22b1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2a-76f4-4f48-987f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:42.000Z",
"modified": "2015-09-29T18:40:42.000Z",
"pattern": "[file:hashes.SHA256 = 'e062dcd33661249a983e172188450aa6489cc0a14dc80c5d8cefb039297d1b7f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2a-a678-482f-84f1-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:42.000Z",
"modified": "2015-09-29T18:40:42.000Z",
"pattern": "[file:hashes.SHA256 = '6c47258b58937c4f8f6a55e2fe1a34cb097c628f0aafe25fd944bfeddc2294ad']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2b-14b8-4fcd-9163-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:43.000Z",
"modified": "2015-09-29T18:40:43.000Z",
"pattern": "[file:hashes.SHA256 = 'b26cfa79e2868046c1205acc015ca928ae0a95620b1a6da5a1d3a4e78eed699d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2b-b2dc-4920-94d4-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:43.000Z",
"modified": "2015-09-29T18:40:43.000Z",
"pattern": "[file:hashes.SHA256 = 'f19fbb1f236fb4e9a4fe9c373da7d4827130e3e76af784f2e8f9567aa4383f88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2c-f4ac-4cd7-bbe2-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:44.000Z",
"modified": "2015-09-29T18:40:44.000Z",
"pattern": "[file:hashes.SHA256 = '6eeb8a48898ace58017f08c50fd9c7df425e367626a7ac8994e9095a868b2dd6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2c-b2c0-41c2-a8b2-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:44.000Z",
"modified": "2015-09-29T18:40:44.000Z",
"pattern": "[file:hashes.SHA256 = 'fc85836d8e0035f4ae2a90ac03515ce61dad80450303686e9074db5ad830f2e5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2c-20dc-410f-b3d7-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:44.000Z",
"modified": "2015-09-29T18:40:44.000Z",
"pattern": "[file:hashes.SHA256 = 'c4ca0757ba736fc83919bcd7cdb0ac67f4e945832c6e0e8b42034408bfec40da']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2d-89cc-47a3-afc1-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:45.000Z",
"modified": "2015-09-29T18:40:45.000Z",
"pattern": "[file:hashes.SHA256 = '2e6ce282dd63a1f63768ac682056964c038ac15d0e7a2ca65392462e4b8c9a73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2d-1f54-48cd-a3ff-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:45.000Z",
"modified": "2015-09-29T18:40:45.000Z",
"pattern": "[file:hashes.SHA256 = 'ba3a8d359c6f15ff8b92355275db677aac28ae8050ba1a10f71c3a9aa68b9251']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2d-b9bc-4cfe-92e2-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:45.000Z",
"modified": "2015-09-29T18:40:45.000Z",
"pattern": "[file:hashes.SHA256 = '7fcf7a52758604d23095f604f2de2005f50c7cb938a500ca77d4c85bf5c2a482']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2e-2f74-4d9f-aa9f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:46.000Z",
"modified": "2015-09-29T18:40:46.000Z",
"pattern": "[file:hashes.SHA256 = '5569335e58ea89e1f1ee5764056357ddbfddaf3322bb103dac5924d8453291e4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2e-0a6c-4ec1-a15e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:46.000Z",
"modified": "2015-09-29T18:40:46.000Z",
"pattern": "[file:hashes.SHA256 = '6a6a8f3aa4b358b657072e7050e0e0090512403f95d7b70f6f3fff4224aa7067']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2e-0464-4af3-b1ea-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:46.000Z",
"modified": "2015-09-29T18:40:46.000Z",
"pattern": "[file:hashes.SHA256 = '78094e48ed929f6e8701573e9e764660ecff63a84dda8d9dd065d26c4af28357']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2f-9a18-47da-b402-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:47.000Z",
"modified": "2015-09-29T18:40:47.000Z",
"pattern": "[file:hashes.SHA256 = '38e659ab0a9ab0e2ca57362bf7b7da9f62b8e924bd1edcd9e96b923d646a96cb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2f-40b4-46d8-9372-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:47.000Z",
"modified": "2015-09-29T18:40:47.000Z",
"pattern": "[file:hashes.SHA256 = '2e259c50a7b371fa160216107a75b5e957d92a47ee0ad24716bc3b7fc7c8c518']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb2f-1aac-4c7a-8e7d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:47.000Z",
"modified": "2015-09-29T18:40:47.000Z",
"pattern": "[file:hashes.SHA256 = '39d39ef4b7d779a7ff8390c9b619ef1f87222c230f57e513f662faef4cb68c4d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb30-a790-414f-8478-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:48.000Z",
"modified": "2015-09-29T18:40:48.000Z",
"pattern": "[file:hashes.SHA256 = '82898f80bd19951f049f654ae46b92dfc106d501cbc4ff42a5aeffb4d7d0fef0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb30-5c5c-46b5-a78e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:48.000Z",
"modified": "2015-09-29T18:40:48.000Z",
"pattern": "[file:hashes.SHA256 = 'e4b9c7e1b45c807943129fc338a0ea84694fe2419b4978dc627d20428d4659a0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb30-f220-43d7-bb2e-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:48.000Z",
"modified": "2015-09-29T18:40:48.000Z",
"pattern": "[file:hashes.SHA256 = 'e25c3d0e053dd84e9357ab914b2e1299a2227269b1e42b695defe00dc17353ea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb31-6278-44ff-883b-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:49.000Z",
"modified": "2015-09-29T18:40:49.000Z",
"pattern": "[file:hashes.SHA256 = 'b698726d2eab1f8976adb59523fcc9494756e828ee20437f7b7b3d6de2fcf79e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb31-cb34-4b00-98e8-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:49.000Z",
"modified": "2015-09-29T18:40:49.000Z",
"pattern": "[file:hashes.SHA256 = 'd48246216927a7c7b3f9e5525ba132c73828c2d0e5254b148be192d76f5a2315']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb31-4980-4ec0-88f0-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:49.000Z",
"modified": "2015-09-29T18:40:49.000Z",
"pattern": "[file:hashes.SHA256 = '603e5ef8b01ea49318242858e5b9db4155c86549e30a908e905e809b898594b0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb32-f148-4784-86bf-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:50.000Z",
"modified": "2015-09-29T18:40:50.000Z",
"pattern": "[file:hashes.SHA256 = 'e7c7dad8246f32cf03401e3c152f68257edf4f499f2ec836ff77c9864f201691']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb32-a7d4-4cbf-99af-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:50.000Z",
"modified": "2015-09-29T18:40:50.000Z",
"pattern": "[file:hashes.SHA256 = 'efb6c15680f0e0c72f18b1e337a684e7ee17d84f8fbd026f7febce21eb0d6300']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb32-c70c-4965-afb5-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:50.000Z",
"modified": "2015-09-29T18:40:50.000Z",
"pattern": "[file:hashes.SHA256 = '04264fea37bf8ddf889491e8cf29464d5f8951532d331008d16cfd44737b9d4f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb33-5000-4da4-b02a-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:51.000Z",
"modified": "2015-09-29T18:40:51.000Z",
"pattern": "[file:hashes.SHA256 = '0141a9632f8a9d0034c5d81d60b821fca1cde00b0fd06d204dece77b1776ae3f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb33-7a0c-4639-bf3d-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:51.000Z",
"modified": "2015-09-29T18:40:51.000Z",
"pattern": "[file:hashes.SHA256 = '143525a106ee9f4d2a68563d740a5e496fbad7d732c4220fdb8ca453e72dd687']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb33-f2ec-4a88-991f-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:51.000Z",
"modified": "2015-09-29T18:40:51.000Z",
"pattern": "[file:hashes.SHA256 = '75d183043193ea58bca00c8233156bc7bd0ce9759a6863b3d91e4b1f62f46c42']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb34-929c-4714-bf26-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:52.000Z",
"modified": "2015-09-29T18:40:52.000Z",
"pattern": "[file:hashes.SHA256 = '69b3398d82975680c2cfc2c0f57d3796e9e08298ea6c6cbe51e1e0964e959624']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb34-fe64-47f3-8b41-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:52.000Z",
"modified": "2015-09-29T18:40:52.000Z",
"pattern": "[file:hashes.SHA256 = '219954100f5eb5d6d6e1b4f740c63c1a752be30e6af2a4bd1b406422cd1bbfab']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb35-5df4-4edf-8b03-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:53.000Z",
"modified": "2015-09-29T18:40:53.000Z",
"pattern": "[file:hashes.SHA256 = 'c6075cdf0c835b3bb3e363894b3812b70b48516f5c0b083554827f04cc6cc9b8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb35-3b38-4963-8936-985b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:40:53.000Z",
"modified": "2015-09-29T18:40:53.000Z",
"pattern": "[file:hashes.SHA256 = 'b9fe8aa57a696c017889344d24fb813ab6d85b30592e1438c2ae7d9220ebf47a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:40:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb5b-2bb8-4b3d-a33c-42ec950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:31.000Z",
"modified": "2015-09-29T18:41:31.000Z",
"pattern": "[domain-name:value = 'paddlesoft.zapto.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb5c-0c40-4c85-a59d-49a9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:32.000Z",
"modified": "2015-09-29T18:41:32.000Z",
"pattern": "[domain-name:value = 'chavbomb.no-ip.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb5c-1828-452f-88ad-4a87950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:32.000Z",
"modified": "2015-09-29T18:41:32.000Z",
"pattern": "[domain-name:value = 'databased.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb5d-b6a4-4be0-95f2-4926950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:33.000Z",
"modified": "2015-09-29T18:41:33.000Z",
"pattern": "[domain-name:value = 'mohammedaltememi97.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb5d-32d4-454b-9891-484f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:33.000Z",
"modified": "2015-09-29T18:41:33.000Z",
"pattern": "[domain-name:value = 'test777test.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb5d-1cd8-4172-95a4-427a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:33.000Z",
"modified": "2015-09-29T18:41:33.000Z",
"pattern": "[domain-name:value = 'jebozovan.no-ip.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb5e-1c18-4033-bf79-4ba4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:34.000Z",
"modified": "2015-09-29T18:41:34.000Z",
"pattern": "[domain-name:value = 'systemoff.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb5e-2cf0-4625-98df-44c0950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:34.000Z",
"modified": "2015-09-29T18:41:34.000Z",
"pattern": "[domain-name:value = 'onyedi123.no-ip.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb5e-d36c-4eb8-b3f5-45a5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:34.000Z",
"modified": "2015-09-29T18:41:34.000Z",
"pattern": "[domain-name:value = 'shankiki.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb5f-cc20-451e-9e72-4204950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:35.000Z",
"modified": "2015-09-29T18:41:35.000Z",
"pattern": "[domain-name:value = 'black4.blogdns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb5f-04d0-45c0-8bf1-4091950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:35.000Z",
"modified": "2015-09-29T18:41:35.000Z",
"pattern": "[domain-name:value = 'csgo1.mooo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb5f-69ec-4e51-9a23-4b15950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:35.000Z",
"modified": "2015-09-29T18:41:35.000Z",
"pattern": "[domain-name:value = 'filecrew.strangled.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb60-be68-4073-b6d7-4723950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:36.000Z",
"modified": "2015-09-29T18:41:36.000Z",
"pattern": "[domain-name:value = 'sanandre.crabdance.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb60-1a64-4d14-b320-47b3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:36.000Z",
"modified": "2015-09-29T18:41:36.000Z",
"pattern": "[domain-name:value = 'sanandreas.mooo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb60-c078-4f5a-8b93-4df3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:36.000Z",
"modified": "2015-09-29T18:41:36.000Z",
"pattern": "[domain-name:value = 'gdrgs.no-ip.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb61-a7c4-4797-8274-4f9d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:37.000Z",
"modified": "2015-09-29T18:41:37.000Z",
"pattern": "[domain-name:value = 'real.jumpingcrab.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb61-6544-4d38-a61e-4528950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:37.000Z",
"modified": "2015-09-29T18:41:37.000Z",
"pattern": "[domain-name:value = 'carlosjohn301.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb61-f7e0-42da-a137-418a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:37.000Z",
"modified": "2015-09-29T18:41:37.000Z",
"pattern": "[domain-name:value = 'fransismoore387.chickenkiller.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb62-9ea0-4a68-913f-4074950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:38.000Z",
"modified": "2015-09-29T18:41:38.000Z",
"pattern": "[domain-name:value = 'fransismoore387.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb62-8240-4533-a0f0-4ece950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:38.000Z",
"modified": "2015-09-29T18:41:38.000Z",
"pattern": "[domain-name:value = 'gbfucker.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb63-4134-4ced-9f94-4be4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:38.000Z",
"modified": "2015-09-29T18:41:38.000Z",
"pattern": "[domain-name:value = 'hostv5.ddns.me']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb63-1600-47d1-bd01-4046950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:39.000Z",
"modified": "2015-09-29T18:41:39.000Z",
"pattern": "[domain-name:value = 'balgar.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb63-4afc-47d0-b0ee-4b6b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:39.000Z",
"modified": "2015-09-29T18:41:39.000Z",
"pattern": "[domain-name:value = 'lolo12.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb64-78d4-40fa-946f-49c6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:40.000Z",
"modified": "2015-09-29T18:41:40.000Z",
"pattern": "[domain-name:value = 'inceilknur96.duckdns.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb64-a7f8-49b1-9bb9-4c6c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:40.000Z",
"modified": "2015-09-29T18:41:40.000Z",
"pattern": "[domain-name:value = 'galaxia.dataway.ch']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb64-02e0-4988-b217-449a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:40.000Z",
"modified": "2015-09-29T18:41:40.000Z",
"pattern": "[domain-name:value = 'kws.kulturbuero.ch']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb65-87ec-4c51-a61f-4bd8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:41.000Z",
"modified": "2015-09-29T18:41:41.000Z",
"pattern": "[domain-name:value = 'hosboos.no-ip.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb65-65f8-4456-92ba-467c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:41.000Z",
"modified": "2015-09-29T18:41:41.000Z",
"pattern": "[domain-name:value = 'mymyno.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb65-1738-41ea-b72f-4cdf950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:41.000Z",
"modified": "2015-09-29T18:41:41.000Z",
"pattern": "[domain-name:value = 'zezo1000.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb66-6914-438c-959f-4d78950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:42.000Z",
"modified": "2015-09-29T18:41:42.000Z",
"pattern": "[domain-name:value = 'hacker2015.no-ip.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb66-135c-4cda-8c8a-4e55950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:42.000Z",
"modified": "2015-09-29T18:41:42.000Z",
"pattern": "[domain-name:value = 'remote.solutionlabs.mooo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb66-bd70-484d-9ff5-4063950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:42.000Z",
"modified": "2015-09-29T18:41:42.000Z",
"pattern": "[domain-name:value = 'kage.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb67-4a34-4ab6-8aac-4fa0950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:43.000Z",
"modified": "2015-09-29T18:41:43.000Z",
"pattern": "[domain-name:value = 'busonolsun.duckdns.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb67-8f24-4279-86f6-462b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:43.000Z",
"modified": "2015-09-29T18:41:43.000Z",
"pattern": "[domain-name:value = 'newbs.dyn.geekromeo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb67-082c-4212-bf0f-410f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:43.000Z",
"modified": "2015-09-29T18:41:43.000Z",
"pattern": "[domain-name:value = 'dhugfvstdda.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb68-0eac-45f8-817b-485d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:44.000Z",
"modified": "2015-09-29T18:41:44.000Z",
"pattern": "[domain-name:value = 'socol.ddns.is74.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb68-9754-46cc-a239-4528950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:44.000Z",
"modified": "2015-09-29T18:41:44.000Z",
"pattern": "[domain-name:value = 'connectorsesuser.myftp.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb68-d9e8-43d3-ba7c-48c5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:44.000Z",
"modified": "2015-09-29T18:41:44.000Z",
"pattern": "[domain-name:value = 'm9waddz.no-ip.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb69-2284-4ee3-bed1-4ecd950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:45.000Z",
"modified": "2015-09-29T18:41:45.000Z",
"pattern": "[domain-name:value = 'dvd.selfip.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb69-d298-4c6f-a834-4668950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:45.000Z",
"modified": "2015-09-29T18:41:45.000Z",
"pattern": "[domain-name:value = 'blutech.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb69-1248-49a2-bcff-44c8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:45.000Z",
"modified": "2015-09-29T18:41:45.000Z",
"pattern": "[domain-name:value = 'serversqlbackups.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6a-1418-4efa-8226-4406950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:46.000Z",
"modified": "2015-09-29T18:41:46.000Z",
"pattern": "[domain-name:value = 'voip.ddns.me']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6a-a10c-49ac-b7f6-4a0f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:46.000Z",
"modified": "2015-09-29T18:41:46.000Z",
"pattern": "[domain-name:value = 'voip.dynns.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6a-4760-48f4-8dd1-46e4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:46.000Z",
"modified": "2015-09-29T18:41:46.000Z",
"pattern": "[domain-name:value = 'part.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6b-c578-4b20-9d8a-43f1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:47.000Z",
"modified": "2015-09-29T18:41:47.000Z",
"pattern": "[domain-name:value = 'vanotidaun.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6b-aaf8-4428-aa1a-45bc950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:47.000Z",
"modified": "2015-09-29T18:41:47.000Z",
"pattern": "[domain-name:value = 'aromate101.dynu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6c-e7dc-4502-9f5a-40c3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:48.000Z",
"modified": "2015-09-29T18:41:48.000Z",
"pattern": "[domain-name:value = 'dragia.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6c-5660-4048-a8ee-46cd950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:48.000Z",
"modified": "2015-09-29T18:41:48.000Z",
"pattern": "[domain-name:value = 'milove.duckdns.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6c-b8a4-475f-9be9-4ad6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:48.000Z",
"modified": "2015-09-29T18:41:48.000Z",
"pattern": "[domain-name:value = 'paulx.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6d-c138-497f-a7ed-4830950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:49.000Z",
"modified": "2015-09-29T18:41:49.000Z",
"pattern": "[domain-name:value = 'anonymous2325.no-ip.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6d-e7ec-4afe-a970-4554950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:49.000Z",
"modified": "2015-09-29T18:41:49.000Z",
"pattern": "[url:value = 'nico640.science']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6d-0234-4075-95b5-406b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:49.000Z",
"modified": "2015-09-29T18:41:49.000Z",
"pattern": "[domain-name:value = 'ridyourself.jumpingcrab.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6e-3e60-4a39-af54-4d03950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:50.000Z",
"modified": "2015-09-29T18:41:50.000Z",
"pattern": "[domain-name:value = 'server23.redirectme.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6e-2d80-4d5f-b04a-4800950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:50.000Z",
"modified": "2015-09-29T18:41:50.000Z",
"pattern": "[domain-name:value = '163pics.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6e-a1f8-475a-abc9-427e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:50.000Z",
"modified": "2015-09-29T18:41:50.000Z",
"pattern": "[domain-name:value = 'cisco-users.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6f-b260-4f33-a841-42f8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:51.000Z",
"modified": "2015-09-29T18:41:51.000Z",
"pattern": "[domain-name:value = 'connecttome1.sytes.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6f-3e48-45a7-a197-46a5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:51.000Z",
"modified": "2015-09-29T18:41:51.000Z",
"pattern": "[domain-name:value = 'secure.dataway.ch']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb6f-a6d8-4774-bcb0-491b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:51.000Z",
"modified": "2015-09-29T18:41:51.000Z",
"pattern": "[domain-name:value = 'can2-pool-1194.nvpn.so']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb70-5e70-4482-8332-4cdf950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:52.000Z",
"modified": "2015-09-29T18:41:52.000Z",
"pattern": "[domain-name:value = 'deltoncowstalls.no-ip.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb70-985c-418c-bc0e-44dd950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:52.000Z",
"modified": "2015-09-29T18:41:52.000Z",
"pattern": "[domain-name:value = 'deltonfarmhouse.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb70-e5c4-4be8-9148-4e32950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:52.000Z",
"modified": "2015-09-29T18:41:52.000Z",
"pattern": "[domain-name:value = 'gbuzue.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb71-c254-4c0a-b64c-41c3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:53.000Z",
"modified": "2015-09-29T18:41:53.000Z",
"pattern": "[domain-name:value = 'rayphilips90.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb71-a3a4-44af-8286-448d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:53.000Z",
"modified": "2015-09-29T18:41:53.000Z",
"pattern": "[domain-name:value = 'secon1.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb71-cc78-4ac2-8b9c-4f4c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:53.000Z",
"modified": "2015-09-29T18:41:53.000Z",
"pattern": "[domain-name:value = 'sedon1.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb72-abd0-48d0-9173-4370950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:54.000Z",
"modified": "2015-09-29T18:41:54.000Z",
"pattern": "[domain-name:value = 'toyless.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb72-b4e4-401d-9f03-46a2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:54.000Z",
"modified": "2015-09-29T18:41:54.000Z",
"pattern": "[domain-name:value = 'b566.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb73-a490-4d62-b49e-42ec950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:54.000Z",
"modified": "2015-09-29T18:41:54.000Z",
"pattern": "[domain-name:value = 'unufri.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb73-16cc-44db-99e2-42f3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:55.000Z",
"modified": "2015-09-29T18:41:55.000Z",
"pattern": "[domain-name:value = 'zaptoorgan.zapto.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb73-7a84-4fd6-a3b3-403a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:55.000Z",
"modified": "2015-09-29T18:41:55.000Z",
"pattern": "[domain-name:value = 'dingodu93.no-ip.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb74-2640-4b6b-bee9-4aee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:56.000Z",
"modified": "2015-09-29T18:41:56.000Z",
"pattern": "[domain-name:value = 'randomshiet.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb74-f320-4a9d-b298-496c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:56.000Z",
"modified": "2015-09-29T18:41:56.000Z",
"pattern": "[domain-name:value = 'kfirg1.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb74-86c4-4696-8084-4798950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:56.000Z",
"modified": "2015-09-29T18:41:56.000Z",
"pattern": "[domain-name:value = 'easyinternet.no-ip.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb75-7bd0-45f3-9a45-45ac950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:57.000Z",
"modified": "2015-09-29T18:41:57.000Z",
"pattern": "[domain-name:value = 'leagueofbot.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb75-5a04-476b-a59d-4c5e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:57.000Z",
"modified": "2015-09-29T18:41:57.000Z",
"pattern": "[domain-name:value = 'atanas23.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb75-3fc0-4dbf-bf08-45ca950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:57.000Z",
"modified": "2015-09-29T18:41:57.000Z",
"pattern": "[domain-name:value = 'atanasim1600.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb76-e68c-4ccc-8c69-4f5d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:58.000Z",
"modified": "2015-09-29T18:41:58.000Z",
"pattern": "[domain-name:value = 'darkdaniblack.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb76-f980-4533-83cf-45cf950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:58.000Z",
"modified": "2015-09-29T18:41:58.000Z",
"pattern": "[domain-name:value = 'ma5ter81.hopto.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb76-20c4-4286-9402-4bf8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:58.000Z",
"modified": "2015-09-29T18:41:58.000Z",
"pattern": "[domain-name:value = '5453.no-ip.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb77-e84c-4ba2-905c-456b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:59.000Z",
"modified": "2015-09-29T18:41:59.000Z",
"pattern": "[domain-name:value = 'arixn.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb77-b57c-403a-b381-4bfc950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:59.000Z",
"modified": "2015-09-29T18:41:59.000Z",
"pattern": "[domain-name:value = 'vedio.worse-than.tv']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb77-69d0-4417-a8e4-4d8b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:41:59.000Z",
"modified": "2015-09-29T18:41:59.000Z",
"pattern": "[domain-name:value = 'darkamady.zapto.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:41:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb78-a564-43c4-95c0-4416950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:00.000Z",
"modified": "2015-09-29T18:42:00.000Z",
"pattern": "[domain-name:value = 'kingshakes.linkpc.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb78-6af8-4ae5-b7fb-444d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:00.000Z",
"modified": "2015-09-29T18:42:00.000Z",
"pattern": "[domain-name:value = 'oakt.chickenkiller.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb78-36c4-4df6-b205-4e54950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:00.000Z",
"modified": "2015-09-29T18:42:00.000Z",
"pattern": "[domain-name:value = 'cppthebest.no-ip.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb79-607c-463d-885f-40ae950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:01.000Z",
"modified": "2015-09-29T18:42:01.000Z",
"pattern": "[domain-name:value = 'rally-rails.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adb79-6e54-49e8-b25c-4288950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:01.000Z",
"modified": "2015-09-29T18:42:01.000Z",
"pattern": "[domain-name:value = 'login-servers.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba0-70b8-41dc-8dbb-4d3b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:40.000Z",
"modified": "2015-09-29T18:42:40.000Z",
"pattern": "[url:value = 'http://paddlesoft.zapto.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba1-4308-48b7-9a59-4e8b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:41.000Z",
"modified": "2015-09-29T18:42:41.000Z",
"pattern": "[url:value = 'http://chavbomb.no-ip.info/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba1-5e68-4ea9-aed4-449c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:41.000Z",
"modified": "2015-09-29T18:42:41.000Z",
"pattern": "[url:value = 'http://109.251.112.39/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba2-40c4-48f2-80ae-48e5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:42.000Z",
"modified": "2015-09-29T18:42:42.000Z",
"pattern": "[url:value = 'http://databased.no-ip.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba2-36a0-4e68-87a9-45f4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:42.000Z",
"modified": "2015-09-29T18:42:42.000Z",
"pattern": "[url:value = 'http://134.249.157.192/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba2-e15c-454c-b1cc-4482950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:42.000Z",
"modified": "2015-09-29T18:42:42.000Z",
"pattern": "[url:value = 'http://mohammedaltememi97.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba3-6a10-4478-94e3-4600950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:43.000Z",
"modified": "2015-09-29T18:42:43.000Z",
"pattern": "[url:value = 'http://test777test.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba3-9fa4-4bbc-a6cf-49c7950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:43.000Z",
"modified": "2015-09-29T18:42:43.000Z",
"pattern": "[url:value = 'http://systemoff.no-ip.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba3-027c-4b2e-8151-428c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:43.000Z",
"modified": "2015-09-29T18:42:43.000Z",
"pattern": "[url:value = 'http://jebozovan.no-ip.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba4-a9e8-4bef-9041-4ef6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:44.000Z",
"modified": "2015-09-29T18:42:44.000Z",
"pattern": "[url:value = 'http://shankiki.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba4-fbc8-4484-ae00-4066950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:44.000Z",
"modified": "2015-09-29T18:42:44.000Z",
"pattern": "[url:value = 'http://csgo1.mooo.com/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba4-ed14-46a6-9a44-4301950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:44.000Z",
"modified": "2015-09-29T18:42:44.000Z",
"pattern": "[url:value = 'http://sanandre.crabdance.com/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba5-5418-4b7b-815c-4987950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:45.000Z",
"modified": "2015-09-29T18:42:45.000Z",
"pattern": "[url:value = 'http://filecrew.strangled.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba5-d600-42f6-b62e-46e4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:45.000Z",
"modified": "2015-09-29T18:42:45.000Z",
"pattern": "[url:value = 'http://black4.blogdns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba5-f0f4-4f0d-87d5-43bf950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:45.000Z",
"modified": "2015-09-29T18:42:45.000Z",
"pattern": "[url:value = 'http://gdrgs.no-ip.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba6-8b84-426e-b532-4920950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:46.000Z",
"modified": "2015-09-29T18:42:46.000Z",
"pattern": "[url:value = 'http://gdrgs.no-ip.org/123.functions']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba6-6df0-4165-b53a-4538950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:46.000Z",
"modified": "2015-09-29T18:42:46.000Z",
"pattern": "[url:value = 'http://188.187.1.85/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba6-6f70-4a1c-9ab1-4710950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:46.000Z",
"modified": "2015-09-29T18:42:46.000Z",
"pattern": "[url:value = 'http://real.jumpingcrab.com/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba7-70c8-45c2-a695-4280950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:47.000Z",
"modified": "2015-09-29T18:42:47.000Z",
"pattern": "[url:value = 'http://192.95.42.120/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba7-0c94-46e2-8c05-48f7950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:47.000Z",
"modified": "2015-09-29T18:42:47.000Z",
"pattern": "[url:value = 'http://carlosjohn301.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba8-82b0-4100-a545-4ee5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:48.000Z",
"modified": "2015-09-29T18:42:48.000Z",
"pattern": "[url:value = 'http://fransismoore387.chickenkiller.com/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba8-7fc8-4683-8527-4f68950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:48.000Z",
"modified": "2015-09-29T18:42:48.000Z",
"pattern": "[url:value = 'http://gbfucker.no-ip.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba8-3cfc-487c-94b0-40ff950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:48.000Z",
"modified": "2015-09-29T18:42:48.000Z",
"pattern": "[url:value = 'http://fransismoore387.no-ip.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba9-3a98-44bb-8ec9-44af950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:49.000Z",
"modified": "2015-09-29T18:42:49.000Z",
"pattern": "[url:value = 'http://balgar.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba9-9c64-42db-b0cf-4c4c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:49.000Z",
"modified": "2015-09-29T18:42:49.000Z",
"pattern": "[url:value = 'http://lolo12.no-ip.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adba9-d7dc-4e47-a228-4043950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:49.000Z",
"modified": "2015-09-29T18:42:49.000Z",
"pattern": "[url:value = 'http://inceilknur96.duckdns.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbaa-cf44-4f5c-8aae-40a4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:50.000Z",
"modified": "2015-09-29T18:42:50.000Z",
"pattern": "[url:value = 'http://kws.kulturbuero.ch/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbaa-7598-4494-93da-4649950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:50.000Z",
"modified": "2015-09-29T18:42:50.000Z",
"pattern": "[url:value = 'http://zezo1000.no-ip.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbaa-a570-4d64-beea-4e78950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:50.000Z",
"modified": "2015-09-29T18:42:50.000Z",
"pattern": "[url:value = 'http://hacker2015.no-ip.org:1010/is-ready']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbab-89f4-4703-9761-406c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:51.000Z",
"modified": "2015-09-29T18:42:51.000Z",
"pattern": "[url:value = 'http://kage.no-ip.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbab-2f50-4af1-8d78-4c3b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:51.000Z",
"modified": "2015-09-29T18:42:51.000Z",
"pattern": "[url:value = 'http://busonolsun.duckdns.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbab-367c-4767-aa58-43f6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:51.000Z",
"modified": "2015-09-29T18:42:51.000Z",
"pattern": "[url:value = 'http://216.170.116.15/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbac-ed78-4b15-a0a8-4e9e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:52.000Z",
"modified": "2015-09-29T18:42:52.000Z",
"pattern": "[url:value = 'http://dhugfvstdda.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbac-c2e8-4347-9072-4440950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:52.000Z",
"modified": "2015-09-29T18:42:52.000Z",
"pattern": "[url:value = 'http://socol.ddns.is74.ru/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbac-4db0-4ca1-aaf1-44fe950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:52.000Z",
"modified": "2015-09-29T18:42:52.000Z",
"pattern": "[url:value = 'http://connectorsesuser.myftp.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbad-62ec-40e7-bc18-497c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:53.000Z",
"modified": "2015-09-29T18:42:53.000Z",
"pattern": "[url:value = 'http://m9waddz.no-ip.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbad-8a10-4afb-89cd-4ac5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:53.000Z",
"modified": "2015-09-29T18:42:53.000Z",
"pattern": "[url:value = 'http://dvd.selfip.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbad-979c-4a4a-a77d-479b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:53.000Z",
"modified": "2015-09-29T18:42:53.000Z",
"pattern": "[url:value = 'http://blutech.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbae-da84-4dec-8490-45c0950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:54.000Z",
"modified": "2015-09-29T18:42:54.000Z",
"pattern": "[url:value = 'http://voip.dynns.com/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbae-b510-474e-9899-41a4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:54.000Z",
"modified": "2015-09-29T18:42:54.000Z",
"pattern": "[url:value = 'http://voip.ddns.me/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbaf-40dc-4f9c-807b-4e74950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:55.000Z",
"modified": "2015-09-29T18:42:55.000Z",
"pattern": "[url:value = 'http://46.20.33.108/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbaf-ae04-4c46-af45-4596950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:55.000Z",
"modified": "2015-09-29T18:42:55.000Z",
"pattern": "[url:value = 'http://part.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbaf-09e4-4725-a4f8-4b56950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:55.000Z",
"modified": "2015-09-29T18:42:55.000Z",
"pattern": "[url:value = 'http://vanotidaun.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb0-3534-4c85-8c64-47d8950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:56.000Z",
"modified": "2015-09-29T18:42:56.000Z",
"pattern": "[url:value = 'http://dragia.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb0-e8f0-4bdc-ada4-4c5a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:56.000Z",
"modified": "2015-09-29T18:42:56.000Z",
"pattern": "[url:value = 'http://milove.duckdns.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb0-baa4-40b3-8274-404f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:56.000Z",
"modified": "2015-09-29T18:42:56.000Z",
"pattern": "[url:value = 'http://paulx.no-ip.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb1-6150-4848-bae9-42e4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:57.000Z",
"modified": "2015-09-29T18:42:57.000Z",
"pattern": "[url:value = 'http://anonymous2325.no-ip.info/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb1-29bc-4247-af02-4f9f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:57.000Z",
"modified": "2015-09-29T18:42:57.000Z",
"pattern": "[url:value = 'http://ridyourself.jumpingcrab.com/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb1-4664-47bf-bebe-4287950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:57.000Z",
"modified": "2015-09-29T18:42:57.000Z",
"pattern": "[url:value = 'http://server23.redirectme.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb2-1fd8-44ae-b381-4e69950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:58.000Z",
"modified": "2015-09-29T18:42:58.000Z",
"pattern": "[url:value = 'http://connecttome1.sytes.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb2-1df0-45b0-84e5-4092950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:58.000Z",
"modified": "2015-09-29T18:42:58.000Z",
"pattern": "[url:value = 'http://163pics.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb2-9828-4609-b1b8-4ca4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:58.000Z",
"modified": "2015-09-29T18:42:58.000Z",
"pattern": "[url:value = 'http://gbuzue.ddns.net:288/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb3-1248-4ccc-aaaf-46a5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:59.000Z",
"modified": "2015-09-29T18:42:59.000Z",
"pattern": "[url:value = 'http://sedon1.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb3-5c24-4de1-937c-466b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:59.000Z",
"modified": "2015-09-29T18:42:59.000Z",
"pattern": "[url:value = 'http://secon1.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb3-89ac-469d-b1b8-4d91950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:42:59.000Z",
"modified": "2015-09-29T18:42:59.000Z",
"pattern": "[url:value = 'http://deltoncowstalls.no-ip.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:42:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb4-3c28-486d-ba2c-4751950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:00.000Z",
"modified": "2015-09-29T18:43:00.000Z",
"pattern": "[url:value = 'http://deltonfarmhouse.no-ip.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb4-a770-49c0-ab85-45b1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:00.000Z",
"modified": "2015-09-29T18:43:00.000Z",
"pattern": "[url:value = 'http://b566.no-ip.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb4-2070-4303-ada0-4cb9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:00.000Z",
"modified": "2015-09-29T18:43:00.000Z",
"pattern": "[url:value = 'http://77.232.153.185/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb5-5bb0-43ec-8279-47c1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:01.000Z",
"modified": "2015-09-29T18:43:01.000Z",
"pattern": "[url:value = 'http://unufri.no-ip.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb5-f8cc-4f77-9fb8-4699950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:01.000Z",
"modified": "2015-09-29T18:43:01.000Z",
"pattern": "[url:value = 'http://81.181.155.116/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb6-7a24-4190-ac67-4959950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:02.000Z",
"modified": "2015-09-29T18:43:02.000Z",
"pattern": "[url:value = 'http://zaptoorgan.zapto.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb6-a7a8-4d3c-87ef-4d73950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:02.000Z",
"modified": "2015-09-29T18:43:02.000Z",
"pattern": "[url:value = 'http://dingodu93.no-ip.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb6-74e4-4189-8787-4774950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:02.000Z",
"modified": "2015-09-29T18:43:02.000Z",
"pattern": "[url:value = 'http://randomshiet.no-ip.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb7-89b8-4f42-9686-49fe950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:03.000Z",
"modified": "2015-09-29T18:43:03.000Z",
"pattern": "[url:value = 'http://kfirg1.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb7-31f8-4ad5-95a0-4bed950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:03.000Z",
"modified": "2015-09-29T18:43:03.000Z",
"pattern": "[url:value = 'http://84.234.59.253/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb7-3598-40a5-9748-4d8b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:03.000Z",
"modified": "2015-09-29T18:43:03.000Z",
"pattern": "[url:value = 'http://easyinternet.no-ip.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb8-2ff0-4641-b57e-445a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:04.000Z",
"modified": "2015-09-29T18:43:04.000Z",
"pattern": "[url:value = 'http://leagueofbot.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb8-19f8-422f-a73f-46e6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:04.000Z",
"modified": "2015-09-29T18:43:04.000Z",
"pattern": "[url:value = 'http://atanas23.no-ip.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb8-be68-4c53-9a8d-4c82950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:04.000Z",
"modified": "2015-09-29T18:43:04.000Z",
"pattern": "[url:value = 'http://ma5ter81.hopto.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb9-a250-45d6-93f7-4ffc950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:05.000Z",
"modified": "2015-09-29T18:43:05.000Z",
"pattern": "[url:value = 'http://86.57.170.92/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb9-d5e4-49e2-b9fe-48ad950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:05.000Z",
"modified": "2015-09-29T18:43:05.000Z",
"pattern": "[url:value = 'http://5453.no-ip.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbb9-5fac-4a2a-967f-4ca7950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:05.000Z",
"modified": "2015-09-29T18:43:05.000Z",
"pattern": "[url:value = 'http://arixn.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbba-278c-40ff-ba50-415e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:06.000Z",
"modified": "2015-09-29T18:43:06.000Z",
"pattern": "[url:value = 'http://kingshakes.linkpc.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbba-f0fc-4941-be41-486b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:06.000Z",
"modified": "2015-09-29T18:43:06.000Z",
"pattern": "[url:value = 'http://oakt.chickenkiller.com/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbba-5a1c-4502-a78e-4813950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:06.000Z",
"modified": "2015-09-29T18:43:06.000Z",
"pattern": "[url:value = 'http://cppthebest.no-ip.biz/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbbb-67f4-4a38-a729-42fc950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:43:07.000Z",
"modified": "2015-09-29T18:43:07.000Z",
"pattern": "[url:value = 'http://login-servers.ddns.net/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:43:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbfc-9dac-4729-865e-43fa950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:44:12.000Z",
"modified": "2015-09-29T18:44:12.000Z",
"pattern": "[domain-name:value = 'serversqlbackups.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:44:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbfe-38dc-40a0-8a93-491b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:44:14.000Z",
"modified": "2015-09-29T18:44:14.000Z",
"pattern": "[domain-name:value = 'nico640.science']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:44:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbff-4014-4cfc-8c91-489b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:44:15.000Z",
"modified": "2015-09-29T18:44:15.000Z",
"pattern": "[domain-name:value = '163pics.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:44:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adbff-2df8-4e82-a653-46aa950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:44:15.000Z",
"modified": "2015-09-29T18:44:15.000Z",
"pattern": "[domain-name:value = 'cisco-users.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:44:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560adc07-67c8-4f57-9470-42af950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-29T18:44:23.000Z",
"modified": "2015-09-29T18:44:23.000Z",
"pattern": "[domain-name:value = 'rally-rails.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-29T18:44:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f04-09b4-405d-9335-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:48.000Z",
"modified": "2015-09-30T06:19:48.000Z",
"description": "- Xchecked via VT: b9fe8aa57a696c017889344d24fb813ab6d85b30592e1438c2ae7d9220ebf47a",
"pattern": "[file:hashes.SHA1 = 'ad5a86afe7673754746b5f1a39b5da103d2e6639']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f04-89fc-4cc7-bcd4-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:48.000Z",
"modified": "2015-09-30T06:19:48.000Z",
"description": "- Xchecked via VT: b9fe8aa57a696c017889344d24fb813ab6d85b30592e1438c2ae7d9220ebf47a",
"pattern": "[file:hashes.MD5 = '2b9514f500f64d25e978bbf47d6ebb41']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f04-b2f0-40b2-88d1-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:48.000Z",
"modified": "2015-09-30T06:19:48.000Z",
"first_observed": "2015-09-30T06:19:48Z",
"last_observed": "2015-09-30T06:19:48Z",
"number_observed": 1,
"object_refs": [
"url--560b7f04-b2f0-40b2-88d1-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f04-b2f0-40b2-88d1-ecee950d210b",
"value": "https://www.virustotal.com/file/b9fe8aa57a696c017889344d24fb813ab6d85b30592e1438c2ae7d9220ebf47a/analysis/1439624477/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f05-e170-43bf-9b6b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:49.000Z",
"modified": "2015-09-30T06:19:49.000Z",
"description": "- Xchecked via VT: c6075cdf0c835b3bb3e363894b3812b70b48516f5c0b083554827f04cc6cc9b8",
"pattern": "[file:hashes.SHA1 = '8450c81a17f02d49f97640b0d1f16cdbbeb500fe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f05-2f50-492a-9367-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:49.000Z",
"modified": "2015-09-30T06:19:49.000Z",
"description": "- Xchecked via VT: c6075cdf0c835b3bb3e363894b3812b70b48516f5c0b083554827f04cc6cc9b8",
"pattern": "[file:hashes.MD5 = '9532c32a821c2f55e5fbe86e08deeb9b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f05-3c48-4464-a4fa-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:49.000Z",
"modified": "2015-09-30T06:19:49.000Z",
"first_observed": "2015-09-30T06:19:49Z",
"last_observed": "2015-09-30T06:19:49Z",
"number_observed": 1,
"object_refs": [
"url--560b7f05-3c48-4464-a4fa-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f05-3c48-4464-a4fa-ecee950d210b",
"value": "https://www.virustotal.com/file/c6075cdf0c835b3bb3e363894b3812b70b48516f5c0b083554827f04cc6cc9b8/analysis/1442407880/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f06-b90c-4a74-a7a4-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:50.000Z",
"modified": "2015-09-30T06:19:50.000Z",
"description": "- Xchecked via VT: 219954100f5eb5d6d6e1b4f740c63c1a752be30e6af2a4bd1b406422cd1bbfab",
"pattern": "[file:hashes.SHA1 = '2ec5180213040e6591ffd6c26d21e8ed8006e1a3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f06-6aa4-42f2-b267-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:50.000Z",
"modified": "2015-09-30T06:19:50.000Z",
"description": "- Xchecked via VT: 219954100f5eb5d6d6e1b4f740c63c1a752be30e6af2a4bd1b406422cd1bbfab",
"pattern": "[file:hashes.MD5 = 'f181091d9a7bdaf21b4a30a5a1925fae']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f06-c9a4-4d10-a819-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:50.000Z",
"modified": "2015-09-30T06:19:50.000Z",
"first_observed": "2015-09-30T06:19:50Z",
"last_observed": "2015-09-30T06:19:50Z",
"number_observed": 1,
"object_refs": [
"url--560b7f06-c9a4-4d10-a819-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f06-c9a4-4d10-a819-ecee950d210b",
"value": "https://www.virustotal.com/file/219954100f5eb5d6d6e1b4f740c63c1a752be30e6af2a4bd1b406422cd1bbfab/analysis/1440770571/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f07-a600-46af-83bf-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:51.000Z",
"modified": "2015-09-30T06:19:51.000Z",
"description": "- Xchecked via VT: 69b3398d82975680c2cfc2c0f57d3796e9e08298ea6c6cbe51e1e0964e959624",
"pattern": "[file:hashes.SHA1 = '6855a714e1d4a780ac26b151e56a314cc82546ff']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f07-92dc-4d4f-a8e3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:51.000Z",
"modified": "2015-09-30T06:19:51.000Z",
"description": "- Xchecked via VT: 69b3398d82975680c2cfc2c0f57d3796e9e08298ea6c6cbe51e1e0964e959624",
"pattern": "[file:hashes.MD5 = 'f22070a2c63da47a3c6075b23d02aba3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f08-b4b0-45c8-9d1a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:51.000Z",
"modified": "2015-09-30T06:19:51.000Z",
"first_observed": "2015-09-30T06:19:51Z",
"last_observed": "2015-09-30T06:19:51Z",
"number_observed": 1,
"object_refs": [
"url--560b7f08-b4b0-45c8-9d1a-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f08-b4b0-45c8-9d1a-ecee950d210b",
"value": "https://www.virustotal.com/file/69b3398d82975680c2cfc2c0f57d3796e9e08298ea6c6cbe51e1e0964e959624/analysis/1411346964/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f08-679c-4e12-b6b3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:52.000Z",
"modified": "2015-09-30T06:19:52.000Z",
"description": "- Xchecked via VT: 75d183043193ea58bca00c8233156bc7bd0ce9759a6863b3d91e4b1f62f46c42",
"pattern": "[file:hashes.SHA1 = '7821dc153e8b13bcf96f4010ae1fe902c93bf6da']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f08-dafc-47ea-9605-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:52.000Z",
"modified": "2015-09-30T06:19:52.000Z",
"description": "- Xchecked via VT: 75d183043193ea58bca00c8233156bc7bd0ce9759a6863b3d91e4b1f62f46c42",
"pattern": "[file:hashes.MD5 = '0dafac5b1378757c31da62f3ca58780f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f09-d194-4761-bd05-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:53.000Z",
"modified": "2015-09-30T06:19:53.000Z",
"first_observed": "2015-09-30T06:19:53Z",
"last_observed": "2015-09-30T06:19:53Z",
"number_observed": 1,
"object_refs": [
"url--560b7f09-d194-4761-bd05-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f09-d194-4761-bd05-ecee950d210b",
"value": "https://www.virustotal.com/file/75d183043193ea58bca00c8233156bc7bd0ce9759a6863b3d91e4b1f62f46c42/analysis/1420105204/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f09-e558-4d2d-a97f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:53.000Z",
"modified": "2015-09-30T06:19:53.000Z",
"description": "- Xchecked via VT: 143525a106ee9f4d2a68563d740a5e496fbad7d732c4220fdb8ca453e72dd687",
"pattern": "[file:hashes.SHA1 = 'ecd15f27825757861d3f70f829b9770275dcb1a8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f09-d1a0-4bf0-b404-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:53.000Z",
"modified": "2015-09-30T06:19:53.000Z",
"description": "- Xchecked via VT: 143525a106ee9f4d2a68563d740a5e496fbad7d732c4220fdb8ca453e72dd687",
"pattern": "[file:hashes.MD5 = '9315ef5b64cfb046db9fffa3eab15ab3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f0a-684c-43cd-95b3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:54.000Z",
"modified": "2015-09-30T06:19:54.000Z",
"first_observed": "2015-09-30T06:19:54Z",
"last_observed": "2015-09-30T06:19:54Z",
"number_observed": 1,
"object_refs": [
"url--560b7f0a-684c-43cd-95b3-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f0a-684c-43cd-95b3-ecee950d210b",
"value": "https://www.virustotal.com/file/143525a106ee9f4d2a68563d740a5e496fbad7d732c4220fdb8ca453e72dd687/analysis/1439631944/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f0a-ce98-48f8-b35f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:54.000Z",
"modified": "2015-09-30T06:19:54.000Z",
"description": "- Xchecked via VT: 0141a9632f8a9d0034c5d81d60b821fca1cde00b0fd06d204dece77b1776ae3f",
"pattern": "[file:hashes.SHA1 = '112af4002dc3f10a13260920dc794d402c77ad1f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f0a-96c0-461a-abfc-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:54.000Z",
"modified": "2015-09-30T06:19:54.000Z",
"description": "- Xchecked via VT: 0141a9632f8a9d0034c5d81d60b821fca1cde00b0fd06d204dece77b1776ae3f",
"pattern": "[file:hashes.MD5 = '42b2348bd647ac281d04f27f1de8a1d7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f0b-caa8-40dc-be28-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:55.000Z",
"modified": "2015-09-30T06:19:55.000Z",
"first_observed": "2015-09-30T06:19:55Z",
"last_observed": "2015-09-30T06:19:55Z",
"number_observed": 1,
"object_refs": [
"url--560b7f0b-caa8-40dc-be28-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f0b-caa8-40dc-be28-ecee950d210b",
"value": "https://www.virustotal.com/file/0141a9632f8a9d0034c5d81d60b821fca1cde00b0fd06d204dece77b1776ae3f/analysis/1438777066/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f0b-ee64-46d9-a877-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:55.000Z",
"modified": "2015-09-30T06:19:55.000Z",
"description": "- Xchecked via VT: 04264fea37bf8ddf889491e8cf29464d5f8951532d331008d16cfd44737b9d4f",
"pattern": "[file:hashes.SHA1 = 'b736df6ff98776962e387ed8c6b649005f06b69f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f0b-4234-4031-b970-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:55.000Z",
"modified": "2015-09-30T06:19:55.000Z",
"description": "- Xchecked via VT: 04264fea37bf8ddf889491e8cf29464d5f8951532d331008d16cfd44737b9d4f",
"pattern": "[file:hashes.MD5 = '85ee2cb38c037d6beb729cb39925c11a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f0c-d048-44c9-a65a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:56.000Z",
"modified": "2015-09-30T06:19:56.000Z",
"first_observed": "2015-09-30T06:19:56Z",
"last_observed": "2015-09-30T06:19:56Z",
"number_observed": 1,
"object_refs": [
"url--560b7f0c-d048-44c9-a65a-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f0c-d048-44c9-a65a-ecee950d210b",
"value": "https://www.virustotal.com/file/04264fea37bf8ddf889491e8cf29464d5f8951532d331008d16cfd44737b9d4f/analysis/1438784378/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f0c-1b08-47ce-b39d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:56.000Z",
"modified": "2015-09-30T06:19:56.000Z",
"description": "- Xchecked via VT: efb6c15680f0e0c72f18b1e337a684e7ee17d84f8fbd026f7febce21eb0d6300",
"pattern": "[file:hashes.SHA1 = 'd0246be42bbf205f26d30a23c5ad01cf996b51f3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f0c-39a4-4c86-bb3b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:56.000Z",
"modified": "2015-09-30T06:19:56.000Z",
"description": "- Xchecked via VT: efb6c15680f0e0c72f18b1e337a684e7ee17d84f8fbd026f7febce21eb0d6300",
"pattern": "[file:hashes.MD5 = 'ab6439d987d05fbce6520de0930f398d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f0d-bfd8-4eac-a848-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:57.000Z",
"modified": "2015-09-30T06:19:57.000Z",
"first_observed": "2015-09-30T06:19:57Z",
"last_observed": "2015-09-30T06:19:57Z",
"number_observed": 1,
"object_refs": [
"url--560b7f0d-bfd8-4eac-a848-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f0d-bfd8-4eac-a848-ecee950d210b",
"value": "https://www.virustotal.com/file/efb6c15680f0e0c72f18b1e337a684e7ee17d84f8fbd026f7febce21eb0d6300/analysis/1438789741/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f0d-e704-4535-8a81-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:57.000Z",
"modified": "2015-09-30T06:19:57.000Z",
"description": "- Xchecked via VT: e7c7dad8246f32cf03401e3c152f68257edf4f499f2ec836ff77c9864f201691",
"pattern": "[file:hashes.SHA1 = '9bd28e83113c148ebb8d544eecf525e8d35c36ad']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f0d-66d0-4918-96a7-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:57.000Z",
"modified": "2015-09-30T06:19:57.000Z",
"description": "- Xchecked via VT: e7c7dad8246f32cf03401e3c152f68257edf4f499f2ec836ff77c9864f201691",
"pattern": "[file:hashes.MD5 = '0fe92097d86febe952bfdd68bf275556']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f0e-07e4-4f85-8d52-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:58.000Z",
"modified": "2015-09-30T06:19:58.000Z",
"first_observed": "2015-09-30T06:19:58Z",
"last_observed": "2015-09-30T06:19:58Z",
"number_observed": 1,
"object_refs": [
"url--560b7f0e-07e4-4f85-8d52-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f0e-07e4-4f85-8d52-ecee950d210b",
"value": "https://www.virustotal.com/file/e7c7dad8246f32cf03401e3c152f68257edf4f499f2ec836ff77c9864f201691/analysis/1425663718/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f0e-f154-4574-b882-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:58.000Z",
"modified": "2015-09-30T06:19:58.000Z",
"description": "- Xchecked via VT: 603e5ef8b01ea49318242858e5b9db4155c86549e30a908e905e809b898594b0",
"pattern": "[file:hashes.SHA1 = 'eefb5ccbba55eff62a2127f9b53a82e9c1e8f17f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f0e-d5f8-48cd-9bbf-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:58.000Z",
"modified": "2015-09-30T06:19:58.000Z",
"description": "- Xchecked via VT: 603e5ef8b01ea49318242858e5b9db4155c86549e30a908e905e809b898594b0",
"pattern": "[file:hashes.MD5 = '4fa318071db08906fe187059400ec029']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f0f-0730-49b4-8088-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:59.000Z",
"modified": "2015-09-30T06:19:59.000Z",
"first_observed": "2015-09-30T06:19:59Z",
"last_observed": "2015-09-30T06:19:59Z",
"number_observed": 1,
"object_refs": [
"url--560b7f0f-0730-49b4-8088-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f0f-0730-49b4-8088-ecee950d210b",
"value": "https://www.virustotal.com/file/603e5ef8b01ea49318242858e5b9db4155c86549e30a908e905e809b898594b0/analysis/1439827281/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f0f-970c-4be3-b4ae-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:59.000Z",
"modified": "2015-09-30T06:19:59.000Z",
"description": "- Xchecked via VT: d48246216927a7c7b3f9e5525ba132c73828c2d0e5254b148be192d76f5a2315",
"pattern": "[file:hashes.SHA1 = 'de687efbc37933e85e368766b2224f7a0d52f696']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f0f-cd54-4336-b1eb-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:19:59.000Z",
"modified": "2015-09-30T06:19:59.000Z",
"description": "- Xchecked via VT: d48246216927a7c7b3f9e5525ba132c73828c2d0e5254b148be192d76f5a2315",
"pattern": "[file:hashes.MD5 = '2f9bc73ff3dfff9d4c4d11ad829562c0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:19:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f10-8d3c-4136-ae74-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:00.000Z",
"modified": "2015-09-30T06:20:00.000Z",
"first_observed": "2015-09-30T06:20:00Z",
"last_observed": "2015-09-30T06:20:00Z",
"number_observed": 1,
"object_refs": [
"url--560b7f10-8d3c-4136-ae74-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f10-8d3c-4136-ae74-ecee950d210b",
"value": "https://www.virustotal.com/file/d48246216927a7c7b3f9e5525ba132c73828c2d0e5254b148be192d76f5a2315/analysis/1400124767/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f10-58a0-48dc-ba72-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:00.000Z",
"modified": "2015-09-30T06:20:00.000Z",
"description": "- Xchecked via VT: b698726d2eab1f8976adb59523fcc9494756e828ee20437f7b7b3d6de2fcf79e",
"pattern": "[file:hashes.SHA1 = '5110fdbc9ee559321db2d9a8ec5e2841a3939442']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f11-5368-43d5-af0d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:01.000Z",
"modified": "2015-09-30T06:20:01.000Z",
"description": "- Xchecked via VT: b698726d2eab1f8976adb59523fcc9494756e828ee20437f7b7b3d6de2fcf79e",
"pattern": "[file:hashes.MD5 = 'c84db4a079311d6815b219517201b8f0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f11-7d6c-4d6e-be9e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:01.000Z",
"modified": "2015-09-30T06:20:01.000Z",
"first_observed": "2015-09-30T06:20:01Z",
"last_observed": "2015-09-30T06:20:01Z",
"number_observed": 1,
"object_refs": [
"url--560b7f11-7d6c-4d6e-be9e-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f11-7d6c-4d6e-be9e-ecee950d210b",
"value": "https://www.virustotal.com/file/b698726d2eab1f8976adb59523fcc9494756e828ee20437f7b7b3d6de2fcf79e/analysis/1431739647/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f11-da70-4693-ada4-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:01.000Z",
"modified": "2015-09-30T06:20:01.000Z",
"description": "- Xchecked via VT: e25c3d0e053dd84e9357ab914b2e1299a2227269b1e42b695defe00dc17353ea",
"pattern": "[file:hashes.SHA1 = '70699eafec5ca4c2c1b699feb8098066692085a4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f12-a20c-4338-8cdb-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:02.000Z",
"modified": "2015-09-30T06:20:02.000Z",
"description": "- Xchecked via VT: e25c3d0e053dd84e9357ab914b2e1299a2227269b1e42b695defe00dc17353ea",
"pattern": "[file:hashes.MD5 = 'c2f0d2a100d68c3c9940507ba7c4fffc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f12-a4fc-4ed8-9f40-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:02.000Z",
"modified": "2015-09-30T06:20:02.000Z",
"first_observed": "2015-09-30T06:20:02Z",
"last_observed": "2015-09-30T06:20:02Z",
"number_observed": 1,
"object_refs": [
"url--560b7f12-a4fc-4ed8-9f40-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f12-a4fc-4ed8-9f40-ecee950d210b",
"value": "https://www.virustotal.com/file/e25c3d0e053dd84e9357ab914b2e1299a2227269b1e42b695defe00dc17353ea/analysis/1435353578/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f12-f66c-4107-8dd5-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:02.000Z",
"modified": "2015-09-30T06:20:02.000Z",
"description": "- Xchecked via VT: e4b9c7e1b45c807943129fc338a0ea84694fe2419b4978dc627d20428d4659a0",
"pattern": "[file:hashes.SHA1 = '72594999627347ddf312b482f199450fdc675f5a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f13-0770-42ba-9a80-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:03.000Z",
"modified": "2015-09-30T06:20:03.000Z",
"description": "- Xchecked via VT: e4b9c7e1b45c807943129fc338a0ea84694fe2419b4978dc627d20428d4659a0",
"pattern": "[file:hashes.MD5 = '4a2174c1c8e7efdf267db12adb13f0cc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f13-b4d0-4561-ac9d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:03.000Z",
"modified": "2015-09-30T06:20:03.000Z",
"first_observed": "2015-09-30T06:20:03Z",
"last_observed": "2015-09-30T06:20:03Z",
"number_observed": 1,
"object_refs": [
"url--560b7f13-b4d0-4561-ac9d-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f13-b4d0-4561-ac9d-ecee950d210b",
"value": "https://www.virustotal.com/file/e4b9c7e1b45c807943129fc338a0ea84694fe2419b4978dc627d20428d4659a0/analysis/1435214617/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f13-90ec-4f2b-8344-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:03.000Z",
"modified": "2015-09-30T06:20:03.000Z",
"description": "- Xchecked via VT: 82898f80bd19951f049f654ae46b92dfc106d501cbc4ff42a5aeffb4d7d0fef0",
"pattern": "[file:hashes.SHA1 = '5f4c5e611c3cbf88c7f0bb4a03c0ee2701e1ba06']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f14-84d0-4c6e-83bd-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:04.000Z",
"modified": "2015-09-30T06:20:04.000Z",
"description": "- Xchecked via VT: 82898f80bd19951f049f654ae46b92dfc106d501cbc4ff42a5aeffb4d7d0fef0",
"pattern": "[file:hashes.MD5 = 'be7b68f0346560bd4c1320006d8b9e4a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f14-0de4-478e-afb8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:04.000Z",
"modified": "2015-09-30T06:20:04.000Z",
"first_observed": "2015-09-30T06:20:04Z",
"last_observed": "2015-09-30T06:20:04Z",
"number_observed": 1,
"object_refs": [
"url--560b7f14-0de4-478e-afb8-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f14-0de4-478e-afb8-ecee950d210b",
"value": "https://www.virustotal.com/file/82898f80bd19951f049f654ae46b92dfc106d501cbc4ff42a5aeffb4d7d0fef0/analysis/1435218622/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f14-3aac-4f5e-b9b8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:04.000Z",
"modified": "2015-09-30T06:20:04.000Z",
"description": "- Xchecked via VT: 39d39ef4b7d779a7ff8390c9b619ef1f87222c230f57e513f662faef4cb68c4d",
"pattern": "[file:hashes.SHA1 = '592c5e9f9684c7e7028c8b610459e22ad844da80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f15-5e88-4754-a4d3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:05.000Z",
"modified": "2015-09-30T06:20:05.000Z",
"description": "- Xchecked via VT: 39d39ef4b7d779a7ff8390c9b619ef1f87222c230f57e513f662faef4cb68c4d",
"pattern": "[file:hashes.MD5 = 'e22584790d750a156ed0a2d7ec7fb2bb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f15-8ba4-495d-9a89-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:05.000Z",
"modified": "2015-09-30T06:20:05.000Z",
"first_observed": "2015-09-30T06:20:05Z",
"last_observed": "2015-09-30T06:20:05Z",
"number_observed": 1,
"object_refs": [
"url--560b7f15-8ba4-495d-9a89-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f15-8ba4-495d-9a89-ecee950d210b",
"value": "https://www.virustotal.com/file/39d39ef4b7d779a7ff8390c9b619ef1f87222c230f57e513f662faef4cb68c4d/analysis/1419053110/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f15-5984-400b-a4fd-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:05.000Z",
"modified": "2015-09-30T06:20:05.000Z",
"description": "- Xchecked via VT: 2e259c50a7b371fa160216107a75b5e957d92a47ee0ad24716bc3b7fc7c8c518",
"pattern": "[file:hashes.SHA1 = '4c2c6bad7041ec9b3b071a5a57e6ce42339bac11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f16-5500-456d-a558-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:06.000Z",
"modified": "2015-09-30T06:20:06.000Z",
"description": "- Xchecked via VT: 2e259c50a7b371fa160216107a75b5e957d92a47ee0ad24716bc3b7fc7c8c518",
"pattern": "[file:hashes.MD5 = 'f1e6aa7e2ee8dd9558b379339b72e4e7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f16-8990-4f67-9bfb-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:06.000Z",
"modified": "2015-09-30T06:20:06.000Z",
"first_observed": "2015-09-30T06:20:06Z",
"last_observed": "2015-09-30T06:20:06Z",
"number_observed": 1,
"object_refs": [
"url--560b7f16-8990-4f67-9bfb-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f16-8990-4f67-9bfb-ecee950d210b",
"value": "https://www.virustotal.com/file/2e259c50a7b371fa160216107a75b5e957d92a47ee0ad24716bc3b7fc7c8c518/analysis/1419335270/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f16-5b98-49ea-97ca-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:06.000Z",
"modified": "2015-09-30T06:20:06.000Z",
"description": "- Xchecked via VT: 38e659ab0a9ab0e2ca57362bf7b7da9f62b8e924bd1edcd9e96b923d646a96cb",
"pattern": "[file:hashes.SHA1 = '35e790c7dc457b370bbe2f67adf8813114822c16']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f17-b4c4-446f-ade4-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:07.000Z",
"modified": "2015-09-30T06:20:07.000Z",
"description": "- Xchecked via VT: 38e659ab0a9ab0e2ca57362bf7b7da9f62b8e924bd1edcd9e96b923d646a96cb",
"pattern": "[file:hashes.MD5 = 'dbb22b4062b2a4ebd0284f296b8f880e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f17-dba8-4f0a-9851-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:07.000Z",
"modified": "2015-09-30T06:20:07.000Z",
"first_observed": "2015-09-30T06:20:07Z",
"last_observed": "2015-09-30T06:20:07Z",
"number_observed": 1,
"object_refs": [
"url--560b7f17-dba8-4f0a-9851-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f17-dba8-4f0a-9851-ecee950d210b",
"value": "https://www.virustotal.com/file/38e659ab0a9ab0e2ca57362bf7b7da9f62b8e924bd1edcd9e96b923d646a96cb/analysis/1419941975/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f17-42b0-4442-861a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:07.000Z",
"modified": "2015-09-30T06:20:07.000Z",
"description": "- Xchecked via VT: 78094e48ed929f6e8701573e9e764660ecff63a84dda8d9dd065d26c4af28357",
"pattern": "[file:hashes.SHA1 = 'a654077746779428df7d4141d3516d0712e59236']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f18-332c-4e04-bcf5-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:08.000Z",
"modified": "2015-09-30T06:20:08.000Z",
"description": "- Xchecked via VT: 78094e48ed929f6e8701573e9e764660ecff63a84dda8d9dd065d26c4af28357",
"pattern": "[file:hashes.MD5 = '90801a0d541046a838bf3bc710f1a425']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f18-bf7c-4e45-9a03-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:08.000Z",
"modified": "2015-09-30T06:20:08.000Z",
"first_observed": "2015-09-30T06:20:08Z",
"last_observed": "2015-09-30T06:20:08Z",
"number_observed": 1,
"object_refs": [
"url--560b7f18-bf7c-4e45-9a03-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f18-bf7c-4e45-9a03-ecee950d210b",
"value": "https://www.virustotal.com/file/78094e48ed929f6e8701573e9e764660ecff63a84dda8d9dd065d26c4af28357/analysis/1419942562/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f19-c1d8-47ae-8816-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:09.000Z",
"modified": "2015-09-30T06:20:09.000Z",
"description": "- Xchecked via VT: 6a6a8f3aa4b358b657072e7050e0e0090512403f95d7b70f6f3fff4224aa7067",
"pattern": "[file:hashes.SHA1 = 'fc3e75d9a37c452052af89719a1c536c9e901934']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f19-cefc-4bb1-b26c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:09.000Z",
"modified": "2015-09-30T06:20:09.000Z",
"description": "- Xchecked via VT: 6a6a8f3aa4b358b657072e7050e0e0090512403f95d7b70f6f3fff4224aa7067",
"pattern": "[file:hashes.MD5 = '76a39ed6ec2b4fc617792699ace39eda']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f19-ef6c-4069-a9e2-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:09.000Z",
"modified": "2015-09-30T06:20:09.000Z",
"first_observed": "2015-09-30T06:20:09Z",
"last_observed": "2015-09-30T06:20:09Z",
"number_observed": 1,
"object_refs": [
"url--560b7f19-ef6c-4069-a9e2-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f19-ef6c-4069-a9e2-ecee950d210b",
"value": "https://www.virustotal.com/file/6a6a8f3aa4b358b657072e7050e0e0090512403f95d7b70f6f3fff4224aa7067/analysis/1419944827/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f1a-346c-4f37-87d6-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:10.000Z",
"modified": "2015-09-30T06:20:10.000Z",
"description": "- Xchecked via VT: 5569335e58ea89e1f1ee5764056357ddbfddaf3322bb103dac5924d8453291e4",
"pattern": "[file:hashes.SHA1 = '62463c15ebaeadcf54599a6a5478c15e21d24d10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f1a-3044-4df8-b823-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:10.000Z",
"modified": "2015-09-30T06:20:10.000Z",
"description": "- Xchecked via VT: 5569335e58ea89e1f1ee5764056357ddbfddaf3322bb103dac5924d8453291e4",
"pattern": "[file:hashes.MD5 = '406239ac7903023206c1657005da6736']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f1a-4470-4251-859b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:10.000Z",
"modified": "2015-09-30T06:20:10.000Z",
"first_observed": "2015-09-30T06:20:10Z",
"last_observed": "2015-09-30T06:20:10Z",
"number_observed": 1,
"object_refs": [
"url--560b7f1a-4470-4251-859b-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f1a-4470-4251-859b-ecee950d210b",
"value": "https://www.virustotal.com/file/5569335e58ea89e1f1ee5764056357ddbfddaf3322bb103dac5924d8453291e4/analysis/1419851803/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f1b-b520-44ce-87d6-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:11.000Z",
"modified": "2015-09-30T06:20:11.000Z",
"description": "- Xchecked via VT: 7fcf7a52758604d23095f604f2de2005f50c7cb938a500ca77d4c85bf5c2a482",
"pattern": "[file:hashes.SHA1 = '894171efeb4d1fbeff962b8297a48c2e56e2e75d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f1b-eea8-486b-bb96-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:11.000Z",
"modified": "2015-09-30T06:20:11.000Z",
"description": "- Xchecked via VT: 7fcf7a52758604d23095f604f2de2005f50c7cb938a500ca77d4c85bf5c2a482",
"pattern": "[file:hashes.MD5 = '38ea5c513fbda12a3725346aebed63f7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f1b-bf5c-4b88-a02a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:11.000Z",
"modified": "2015-09-30T06:20:11.000Z",
"first_observed": "2015-09-30T06:20:11Z",
"last_observed": "2015-09-30T06:20:11Z",
"number_observed": 1,
"object_refs": [
"url--560b7f1b-bf5c-4b88-a02a-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f1b-bf5c-4b88-a02a-ecee950d210b",
"value": "https://www.virustotal.com/file/7fcf7a52758604d23095f604f2de2005f50c7cb938a500ca77d4c85bf5c2a482/analysis/1420356640/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f1c-5798-4209-9aab-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:12.000Z",
"modified": "2015-09-30T06:20:12.000Z",
"description": "- Xchecked via VT: ba3a8d359c6f15ff8b92355275db677aac28ae8050ba1a10f71c3a9aa68b9251",
"pattern": "[file:hashes.SHA1 = 'a639a0be23207f8c9dfcc714ea1592bae67e47f0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f1c-8564-47b9-b417-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:12.000Z",
"modified": "2015-09-30T06:20:12.000Z",
"description": "- Xchecked via VT: ba3a8d359c6f15ff8b92355275db677aac28ae8050ba1a10f71c3a9aa68b9251",
"pattern": "[file:hashes.MD5 = 'f3b4017006776b8abb125309155582f9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f1c-d48c-476a-a48e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:12.000Z",
"modified": "2015-09-30T06:20:12.000Z",
"first_observed": "2015-09-30T06:20:12Z",
"last_observed": "2015-09-30T06:20:12Z",
"number_observed": 1,
"object_refs": [
"url--560b7f1c-d48c-476a-a48e-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f1c-d48c-476a-a48e-ecee950d210b",
"value": "https://www.virustotal.com/file/ba3a8d359c6f15ff8b92355275db677aac28ae8050ba1a10f71c3a9aa68b9251/analysis/1421119460/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f1d-ba60-4861-8f3b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:13.000Z",
"modified": "2015-09-30T06:20:13.000Z",
"description": "- Xchecked via VT: 2e6ce282dd63a1f63768ac682056964c038ac15d0e7a2ca65392462e4b8c9a73",
"pattern": "[file:hashes.SHA1 = 'c13c8dc8a4c2f91d702892a1146ddc6081b55818']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f1d-7714-4708-9e7d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:13.000Z",
"modified": "2015-09-30T06:20:13.000Z",
"description": "- Xchecked via VT: 2e6ce282dd63a1f63768ac682056964c038ac15d0e7a2ca65392462e4b8c9a73",
"pattern": "[file:hashes.MD5 = 'f60dbb16cb2e2268f20dd166da90bdbc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f1d-7aac-4386-b3ce-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:13.000Z",
"modified": "2015-09-30T06:20:13.000Z",
"first_observed": "2015-09-30T06:20:13Z",
"last_observed": "2015-09-30T06:20:13Z",
"number_observed": 1,
"object_refs": [
"url--560b7f1d-7aac-4386-b3ce-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f1d-7aac-4386-b3ce-ecee950d210b",
"value": "https://www.virustotal.com/file/2e6ce282dd63a1f63768ac682056964c038ac15d0e7a2ca65392462e4b8c9a73/analysis/1424182818/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f1e-c1b0-406d-8a06-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:14.000Z",
"modified": "2015-09-30T06:20:14.000Z",
"description": "- Xchecked via VT: c4ca0757ba736fc83919bcd7cdb0ac67f4e945832c6e0e8b42034408bfec40da",
"pattern": "[file:hashes.SHA1 = 'cdff7240e84852429097ddba54db7c29f3934a69']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f1e-c92c-46d0-8075-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:14.000Z",
"modified": "2015-09-30T06:20:14.000Z",
"description": "- Xchecked via VT: c4ca0757ba736fc83919bcd7cdb0ac67f4e945832c6e0e8b42034408bfec40da",
"pattern": "[file:hashes.MD5 = '1ed3560fe7cd343674d86f057578fc73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f1e-be04-4d0d-863f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:14.000Z",
"modified": "2015-09-30T06:20:14.000Z",
"first_observed": "2015-09-30T06:20:14Z",
"last_observed": "2015-09-30T06:20:14Z",
"number_observed": 1,
"object_refs": [
"url--560b7f1e-be04-4d0d-863f-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f1e-be04-4d0d-863f-ecee950d210b",
"value": "https://www.virustotal.com/file/c4ca0757ba736fc83919bcd7cdb0ac67f4e945832c6e0e8b42034408bfec40da/analysis/1424321931/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f1f-963c-46d6-8e2c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:15.000Z",
"modified": "2015-09-30T06:20:15.000Z",
"description": "- Xchecked via VT: fc85836d8e0035f4ae2a90ac03515ce61dad80450303686e9074db5ad830f2e5",
"pattern": "[file:hashes.SHA1 = '4740449cf662be86f9b748ec48f35019afc32560']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f1f-6754-44d9-b616-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:15.000Z",
"modified": "2015-09-30T06:20:15.000Z",
"description": "- Xchecked via VT: fc85836d8e0035f4ae2a90ac03515ce61dad80450303686e9074db5ad830f2e5",
"pattern": "[file:hashes.MD5 = 'f86f4ef641f19f937cd7e6cd4046a1f2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f1f-6230-435a-a4a1-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:15.000Z",
"modified": "2015-09-30T06:20:15.000Z",
"first_observed": "2015-09-30T06:20:15Z",
"last_observed": "2015-09-30T06:20:15Z",
"number_observed": 1,
"object_refs": [
"url--560b7f1f-6230-435a-a4a1-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f1f-6230-435a-a4a1-ecee950d210b",
"value": "https://www.virustotal.com/file/fc85836d8e0035f4ae2a90ac03515ce61dad80450303686e9074db5ad830f2e5/analysis/1424324708/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f20-27a4-490c-9e3d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:16.000Z",
"modified": "2015-09-30T06:20:16.000Z",
"description": "- Xchecked via VT: 6eeb8a48898ace58017f08c50fd9c7df425e367626a7ac8994e9095a868b2dd6",
"pattern": "[file:hashes.SHA1 = '8d49f19264d1e83145caa660f1d4a2cc1feaca00']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f20-cf30-4acc-9a42-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:16.000Z",
"modified": "2015-09-30T06:20:16.000Z",
"description": "- Xchecked via VT: 6eeb8a48898ace58017f08c50fd9c7df425e367626a7ac8994e9095a868b2dd6",
"pattern": "[file:hashes.MD5 = '4a93bca43e61751b779a2dd4c198296d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f20-5590-4b11-99d0-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:16.000Z",
"modified": "2015-09-30T06:20:16.000Z",
"first_observed": "2015-09-30T06:20:16Z",
"last_observed": "2015-09-30T06:20:16Z",
"number_observed": 1,
"object_refs": [
"url--560b7f20-5590-4b11-99d0-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f20-5590-4b11-99d0-ecee950d210b",
"value": "https://www.virustotal.com/file/6eeb8a48898ace58017f08c50fd9c7df425e367626a7ac8994e9095a868b2dd6/analysis/1424325058/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f21-e88c-491f-8627-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:17.000Z",
"modified": "2015-09-30T06:20:17.000Z",
"description": "- Xchecked via VT: f19fbb1f236fb4e9a4fe9c373da7d4827130e3e76af784f2e8f9567aa4383f88",
"pattern": "[file:hashes.SHA1 = 'f829eb66ea3f7e8576585345c4e2a4886885601a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f21-a374-4286-a274-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:17.000Z",
"modified": "2015-09-30T06:20:17.000Z",
"description": "- Xchecked via VT: f19fbb1f236fb4e9a4fe9c373da7d4827130e3e76af784f2e8f9567aa4383f88",
"pattern": "[file:hashes.MD5 = '0b772f0e5f29ae7d63184fc3b526637a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f21-8140-4bec-add0-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:17.000Z",
"modified": "2015-09-30T06:20:17.000Z",
"first_observed": "2015-09-30T06:20:17Z",
"last_observed": "2015-09-30T06:20:17Z",
"number_observed": 1,
"object_refs": [
"url--560b7f21-8140-4bec-add0-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f21-8140-4bec-add0-ecee950d210b",
"value": "https://www.virustotal.com/file/f19fbb1f236fb4e9a4fe9c373da7d4827130e3e76af784f2e8f9567aa4383f88/analysis/1424334558/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f22-b66c-4d12-bcd8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:18.000Z",
"modified": "2015-09-30T06:20:18.000Z",
"description": "- Xchecked via VT: b26cfa79e2868046c1205acc015ca928ae0a95620b1a6da5a1d3a4e78eed699d",
"pattern": "[file:hashes.SHA1 = '84effe27404d160357984f175ebbdeae24bccb33']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f22-3628-474d-9923-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:18.000Z",
"modified": "2015-09-30T06:20:18.000Z",
"description": "- Xchecked via VT: b26cfa79e2868046c1205acc015ca928ae0a95620b1a6da5a1d3a4e78eed699d",
"pattern": "[file:hashes.MD5 = 'fa69115e11d906305a800f67cdd4f296']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f23-7ab8-48ee-855f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:19.000Z",
"modified": "2015-09-30T06:20:19.000Z",
"first_observed": "2015-09-30T06:20:19Z",
"last_observed": "2015-09-30T06:20:19Z",
"number_observed": 1,
"object_refs": [
"url--560b7f23-7ab8-48ee-855f-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f23-7ab8-48ee-855f-ecee950d210b",
"value": "https://www.virustotal.com/file/b26cfa79e2868046c1205acc015ca928ae0a95620b1a6da5a1d3a4e78eed699d/analysis/1424630300/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f23-2bd4-4de7-9622-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:19.000Z",
"modified": "2015-09-30T06:20:19.000Z",
"description": "- Xchecked via VT: 6c47258b58937c4f8f6a55e2fe1a34cb097c628f0aafe25fd944bfeddc2294ad",
"pattern": "[file:hashes.SHA1 = '3a2128f8d6157d884b46a136a9ff6aa31e3492b4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f23-5e24-4e01-833f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:19.000Z",
"modified": "2015-09-30T06:20:19.000Z",
"description": "- Xchecked via VT: 6c47258b58937c4f8f6a55e2fe1a34cb097c628f0aafe25fd944bfeddc2294ad",
"pattern": "[file:hashes.MD5 = 'd4551651e74f5adb4db5098833d47df6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f24-11f8-48b9-a21d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:20.000Z",
"modified": "2015-09-30T06:20:20.000Z",
"first_observed": "2015-09-30T06:20:20Z",
"last_observed": "2015-09-30T06:20:20Z",
"number_observed": 1,
"object_refs": [
"url--560b7f24-11f8-48b9-a21d-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f24-11f8-48b9-a21d-ecee950d210b",
"value": "https://www.virustotal.com/file/6c47258b58937c4f8f6a55e2fe1a34cb097c628f0aafe25fd944bfeddc2294ad/analysis/1426287630/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f24-c7d0-4bfb-8057-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:20.000Z",
"modified": "2015-09-30T06:20:20.000Z",
"description": "- Xchecked via VT: e062dcd33661249a983e172188450aa6489cc0a14dc80c5d8cefb039297d1b7f",
"pattern": "[file:hashes.SHA1 = '633824c8852c18e050bcd156bb95cdf81579b057']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f24-f904-4dbb-b064-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:20.000Z",
"modified": "2015-09-30T06:20:20.000Z",
"description": "- Xchecked via VT: e062dcd33661249a983e172188450aa6489cc0a14dc80c5d8cefb039297d1b7f",
"pattern": "[file:hashes.MD5 = '3165d62c53244867cd0414dbe21e8608']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f25-1658-4f44-ad99-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:21.000Z",
"modified": "2015-09-30T06:20:21.000Z",
"first_observed": "2015-09-30T06:20:21Z",
"last_observed": "2015-09-30T06:20:21Z",
"number_observed": 1,
"object_refs": [
"url--560b7f25-1658-4f44-ad99-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f25-1658-4f44-ad99-ecee950d210b",
"value": "https://www.virustotal.com/file/e062dcd33661249a983e172188450aa6489cc0a14dc80c5d8cefb039297d1b7f/analysis/1426287663/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f25-77d4-4e6e-b6c7-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:21.000Z",
"modified": "2015-09-30T06:20:21.000Z",
"description": "- Xchecked via VT: 2c36f2165d01255fd760d30ec25418436fe1692e99d4ae201967aaf33b9c22b1",
"pattern": "[file:hashes.SHA1 = '1c93f4d995da0869a628bf2f28b9c019120d0f2c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f25-75f8-4cfa-a303-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:21.000Z",
"modified": "2015-09-30T06:20:21.000Z",
"description": "- Xchecked via VT: 2c36f2165d01255fd760d30ec25418436fe1692e99d4ae201967aaf33b9c22b1",
"pattern": "[file:hashes.MD5 = '0090ced3da279c50723285e2f5857233']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f26-7498-4e44-b1f0-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:22.000Z",
"modified": "2015-09-30T06:20:22.000Z",
"first_observed": "2015-09-30T06:20:22Z",
"last_observed": "2015-09-30T06:20:22Z",
"number_observed": 1,
"object_refs": [
"url--560b7f26-7498-4e44-b1f0-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f26-7498-4e44-b1f0-ecee950d210b",
"value": "https://www.virustotal.com/file/2c36f2165d01255fd760d30ec25418436fe1692e99d4ae201967aaf33b9c22b1/analysis/1426288207/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f26-10a0-41c7-8aa6-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:22.000Z",
"modified": "2015-09-30T06:20:22.000Z",
"description": "- Xchecked via VT: 006422c75adf9238cc8e769ab9d13a23e97fc3593e31c63bbd844c8d620bcb74",
"pattern": "[file:hashes.SHA1 = '2e11ea495dd80e41426d3c97f35d58a463e9da0e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f26-0b30-4507-afb8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:22.000Z",
"modified": "2015-09-30T06:20:22.000Z",
"description": "- Xchecked via VT: 006422c75adf9238cc8e769ab9d13a23e97fc3593e31c63bbd844c8d620bcb74",
"pattern": "[file:hashes.MD5 = 'c0c9088e26cb624248786f12f8f1f2e6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f27-04a8-44b1-92fe-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:23.000Z",
"modified": "2015-09-30T06:20:23.000Z",
"first_observed": "2015-09-30T06:20:23Z",
"last_observed": "2015-09-30T06:20:23Z",
"number_observed": 1,
"object_refs": [
"url--560b7f27-04a8-44b1-92fe-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f27-04a8-44b1-92fe-ecee950d210b",
"value": "https://www.virustotal.com/file/006422c75adf9238cc8e769ab9d13a23e97fc3593e31c63bbd844c8d620bcb74/analysis/1426288314/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f27-f570-4481-8bda-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:23.000Z",
"modified": "2015-09-30T06:20:23.000Z",
"description": "- Xchecked via VT: 42afc71477ec83749d7223789edac4526ae7fd7db3756206bc422aa5e175578b",
"pattern": "[file:hashes.SHA1 = 'fd5ad87c1966d8fc8d7bdfdb600f864b1e0c1032']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f27-53f0-4378-b259-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:23.000Z",
"modified": "2015-09-30T06:20:23.000Z",
"description": "- Xchecked via VT: 42afc71477ec83749d7223789edac4526ae7fd7db3756206bc422aa5e175578b",
"pattern": "[file:hashes.MD5 = '4aa6041670c281c18efb39914683cbab']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f28-5bf8-4fc1-b806-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:24.000Z",
"modified": "2015-09-30T06:20:24.000Z",
"first_observed": "2015-09-30T06:20:24Z",
"last_observed": "2015-09-30T06:20:24Z",
"number_observed": 1,
"object_refs": [
"url--560b7f28-5bf8-4fc1-b806-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f28-5bf8-4fc1-b806-ecee950d210b",
"value": "https://www.virustotal.com/file/42afc71477ec83749d7223789edac4526ae7fd7db3756206bc422aa5e175578b/analysis/1426288611/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f28-e4b4-4488-a3e0-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:24.000Z",
"modified": "2015-09-30T06:20:24.000Z",
"description": "- Xchecked via VT: e02883913febe7ba3bfbd953ace93619b45e1d31e0bc20dc1a9b532a522ebbca",
"pattern": "[file:hashes.SHA1 = '87339148bacd165978024375124a929c688c8c78']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f28-fc24-4779-84b8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:24.000Z",
"modified": "2015-09-30T06:20:24.000Z",
"description": "- Xchecked via VT: e02883913febe7ba3bfbd953ace93619b45e1d31e0bc20dc1a9b532a522ebbca",
"pattern": "[file:hashes.MD5 = '41bb95002d24f20955467c5c486ffb50']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f29-232c-47c1-bd4e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:25.000Z",
"modified": "2015-09-30T06:20:25.000Z",
"first_observed": "2015-09-30T06:20:25Z",
"last_observed": "2015-09-30T06:20:25Z",
"number_observed": 1,
"object_refs": [
"url--560b7f29-232c-47c1-bd4e-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f29-232c-47c1-bd4e-ecee950d210b",
"value": "https://www.virustotal.com/file/e02883913febe7ba3bfbd953ace93619b45e1d31e0bc20dc1a9b532a522ebbca/analysis/1426288598/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f29-0980-4da4-afb2-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:25.000Z",
"modified": "2015-09-30T06:20:25.000Z",
"description": "- Xchecked via VT: be17828afe89e886160f77e6ea31a10fb9374cde37ec46a4283029ee8425ca04",
"pattern": "[file:hashes.SHA1 = '0c493258cbf3cd6217ad69ba9c977a467543bcb0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f29-0bb8-4427-a6c6-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:25.000Z",
"modified": "2015-09-30T06:20:25.000Z",
"description": "- Xchecked via VT: be17828afe89e886160f77e6ea31a10fb9374cde37ec46a4283029ee8425ca04",
"pattern": "[file:hashes.MD5 = '03e5f00b177a42c806fd3700fcda9e46']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f2a-73cc-40cb-9fba-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:26.000Z",
"modified": "2015-09-30T06:20:26.000Z",
"first_observed": "2015-09-30T06:20:26Z",
"last_observed": "2015-09-30T06:20:26Z",
"number_observed": 1,
"object_refs": [
"url--560b7f2a-73cc-40cb-9fba-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f2a-73cc-40cb-9fba-ecee950d210b",
"value": "https://www.virustotal.com/file/be17828afe89e886160f77e6ea31a10fb9374cde37ec46a4283029ee8425ca04/analysis/1429829619/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f2a-d608-45ed-89a0-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:26.000Z",
"modified": "2015-09-30T06:20:26.000Z",
"description": "- Xchecked via VT: 3608243af2cf1b6f710a2c8f06a128524de40535ee0b64cb8562c5739b23c36e",
"pattern": "[file:hashes.SHA1 = 'e2c0da4c2e0d75720182214f62bd791735965758']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f2a-31b0-42b7-9cda-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:26.000Z",
"modified": "2015-09-30T06:20:26.000Z",
"description": "- Xchecked via VT: 3608243af2cf1b6f710a2c8f06a128524de40535ee0b64cb8562c5739b23c36e",
"pattern": "[file:hashes.MD5 = '311b91bd2a3cf0f1ac22884c7ff8e02f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f2b-1ebc-459e-a33e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:27.000Z",
"modified": "2015-09-30T06:20:27.000Z",
"first_observed": "2015-09-30T06:20:27Z",
"last_observed": "2015-09-30T06:20:27Z",
"number_observed": 1,
"object_refs": [
"url--560b7f2b-1ebc-459e-a33e-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f2b-1ebc-459e-a33e-ecee950d210b",
"value": "https://www.virustotal.com/file/3608243af2cf1b6f710a2c8f06a128524de40535ee0b64cb8562c5739b23c36e/analysis/1429831315/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f2b-7494-4fe9-b9cb-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:27.000Z",
"modified": "2015-09-30T06:20:27.000Z",
"description": "- Xchecked via VT: 44dab01089416b88ce26092a9ab6d0f93c49ff8637298fa3b786f7ce0b68867b",
"pattern": "[file:hashes.SHA1 = 'ff6e8f58cef32e993915c1541f3bc017ceb97ce4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f2c-f278-4a9b-8e69-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:28.000Z",
"modified": "2015-09-30T06:20:28.000Z",
"description": "- Xchecked via VT: 44dab01089416b88ce26092a9ab6d0f93c49ff8637298fa3b786f7ce0b68867b",
"pattern": "[file:hashes.MD5 = '0f721c740e57f215d1137e72a4e5ba48']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f2c-34e0-4331-9632-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:28.000Z",
"modified": "2015-09-30T06:20:28.000Z",
"first_observed": "2015-09-30T06:20:28Z",
"last_observed": "2015-09-30T06:20:28Z",
"number_observed": 1,
"object_refs": [
"url--560b7f2c-34e0-4331-9632-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f2c-34e0-4331-9632-ecee950d210b",
"value": "https://www.virustotal.com/file/44dab01089416b88ce26092a9ab6d0f93c49ff8637298fa3b786f7ce0b68867b/analysis/1435900032/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f2c-7a30-41c6-a716-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:28.000Z",
"modified": "2015-09-30T06:20:28.000Z",
"description": "- Xchecked via VT: 01d576acd2edcc338aab17c57e72604bf5762ce4e425500ca0467b984ec6622d",
"pattern": "[file:hashes.SHA1 = '2853051aa41c93858fbfc434a4c91414b7d4f5d2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f2d-8b3c-4bd4-8829-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:29.000Z",
"modified": "2015-09-30T06:20:29.000Z",
"description": "- Xchecked via VT: 01d576acd2edcc338aab17c57e72604bf5762ce4e425500ca0467b984ec6622d",
"pattern": "[file:hashes.MD5 = '60e45339b90706c6a2de3455494bba46']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f2d-9a68-45aa-8df1-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:29.000Z",
"modified": "2015-09-30T06:20:29.000Z",
"first_observed": "2015-09-30T06:20:29Z",
"last_observed": "2015-09-30T06:20:29Z",
"number_observed": 1,
"object_refs": [
"url--560b7f2d-9a68-45aa-8df1-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f2d-9a68-45aa-8df1-ecee950d210b",
"value": "https://www.virustotal.com/file/01d576acd2edcc338aab17c57e72604bf5762ce4e425500ca0467b984ec6622d/analysis/1436352307/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f2d-3bf0-436f-aede-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:29.000Z",
"modified": "2015-09-30T06:20:29.000Z",
"description": "- Xchecked via VT: 078ee975c0ad0045c0efffe7ac76a7ffdf0536853795dcf45c4a7721ce59cc9c",
"pattern": "[file:hashes.SHA1 = 'e500a85c017e07654422b8dc0989667b637dbeeb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f2e-4348-421d-b54f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:30.000Z",
"modified": "2015-09-30T06:20:30.000Z",
"description": "- Xchecked via VT: 078ee975c0ad0045c0efffe7ac76a7ffdf0536853795dcf45c4a7721ce59cc9c",
"pattern": "[file:hashes.MD5 = '170437839847bf560b9babb7f1b8570e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f2e-9f5c-415f-ba49-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:30.000Z",
"modified": "2015-09-30T06:20:30.000Z",
"first_observed": "2015-09-30T06:20:30Z",
"last_observed": "2015-09-30T06:20:30Z",
"number_observed": 1,
"object_refs": [
"url--560b7f2e-9f5c-415f-ba49-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f2e-9f5c-415f-ba49-ecee950d210b",
"value": "https://www.virustotal.com/file/078ee975c0ad0045c0efffe7ac76a7ffdf0536853795dcf45c4a7721ce59cc9c/analysis/1436530514/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f2e-3264-42af-8ea8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:30.000Z",
"modified": "2015-09-30T06:20:30.000Z",
"description": "- Xchecked via VT: 7eced250d7fc59a595a83521c0fbb2a258da01f9c77c1f410d40920ae8ae59a7",
"pattern": "[file:hashes.SHA1 = 'f8b4bc474cb1d4165344481dfb14bc7832aab2ff']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f2f-2d6c-4b68-875c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:31.000Z",
"modified": "2015-09-30T06:20:31.000Z",
"description": "- Xchecked via VT: 7eced250d7fc59a595a83521c0fbb2a258da01f9c77c1f410d40920ae8ae59a7",
"pattern": "[file:hashes.MD5 = '1553096c8cbc5ed94966da1107820a72']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f2f-3008-4716-b5c5-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:31.000Z",
"modified": "2015-09-30T06:20:31.000Z",
"first_observed": "2015-09-30T06:20:31Z",
"last_observed": "2015-09-30T06:20:31Z",
"number_observed": 1,
"object_refs": [
"url--560b7f2f-3008-4716-b5c5-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f2f-3008-4716-b5c5-ecee950d210b",
"value": "https://www.virustotal.com/file/7eced250d7fc59a595a83521c0fbb2a258da01f9c77c1f410d40920ae8ae59a7/analysis/1436560805/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f2f-8e80-4468-8048-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:31.000Z",
"modified": "2015-09-30T06:20:31.000Z",
"description": "- Xchecked via VT: 407d2244de3786249aa489af77169e07268287b1707aaddba1954af6b2d35bdc",
"pattern": "[file:hashes.SHA1 = 'd411b3be2f4da28eab086860207405a25e1bbea4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f30-228c-42b1-b9da-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:32.000Z",
"modified": "2015-09-30T06:20:32.000Z",
"description": "- Xchecked via VT: 407d2244de3786249aa489af77169e07268287b1707aaddba1954af6b2d35bdc",
"pattern": "[file:hashes.MD5 = '3028b427be84579478586495f1aa152d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f30-0724-4390-ba24-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:32.000Z",
"modified": "2015-09-30T06:20:32.000Z",
"first_observed": "2015-09-30T06:20:32Z",
"last_observed": "2015-09-30T06:20:32Z",
"number_observed": 1,
"object_refs": [
"url--560b7f30-0724-4390-ba24-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f30-0724-4390-ba24-ecee950d210b",
"value": "https://www.virustotal.com/file/407d2244de3786249aa489af77169e07268287b1707aaddba1954af6b2d35bdc/analysis/1436568449/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f30-e0f8-4b13-9fee-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:32.000Z",
"modified": "2015-09-30T06:20:32.000Z",
"description": "- Xchecked via VT: 104da591e6b93df35a4917ff34ddc18e6ffe83b226640999680261e84c7d03bf",
"pattern": "[file:hashes.SHA1 = '42d9ce9e3a78d58d2c5b5f02dd2052abf7f697ce']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f31-ee84-49eb-852b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:33.000Z",
"modified": "2015-09-30T06:20:33.000Z",
"description": "- Xchecked via VT: 104da591e6b93df35a4917ff34ddc18e6ffe83b226640999680261e84c7d03bf",
"pattern": "[file:hashes.MD5 = '2fc7c1414e95ebe2156036d5833b5be8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f31-b7a8-45d6-bc35-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:33.000Z",
"modified": "2015-09-30T06:20:33.000Z",
"first_observed": "2015-09-30T06:20:33Z",
"last_observed": "2015-09-30T06:20:33Z",
"number_observed": 1,
"object_refs": [
"url--560b7f31-b7a8-45d6-bc35-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f31-b7a8-45d6-bc35-ecee950d210b",
"value": "https://www.virustotal.com/file/104da591e6b93df35a4917ff34ddc18e6ffe83b226640999680261e84c7d03bf/analysis/1439738824/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f31-da28-4282-934f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:33.000Z",
"modified": "2015-09-30T06:20:33.000Z",
"description": "- Xchecked via VT: b7bbbab46b6d130478c750463dd8882a3e94699c758d6d0964adfaa24fa7735d",
"pattern": "[file:hashes.SHA1 = '11da5642426bd3ad38f51d68b0035f3e8fd54e71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f32-4898-41e5-9f8f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:34.000Z",
"modified": "2015-09-30T06:20:34.000Z",
"description": "- Xchecked via VT: b7bbbab46b6d130478c750463dd8882a3e94699c758d6d0964adfaa24fa7735d",
"pattern": "[file:hashes.MD5 = '2798cb888e9132f68cffaae3798da513']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f32-0b34-4816-90ed-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:34.000Z",
"modified": "2015-09-30T06:20:34.000Z",
"first_observed": "2015-09-30T06:20:34Z",
"last_observed": "2015-09-30T06:20:34Z",
"number_observed": 1,
"object_refs": [
"url--560b7f32-0b34-4816-90ed-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f32-0b34-4816-90ed-ecee950d210b",
"value": "https://www.virustotal.com/file/b7bbbab46b6d130478c750463dd8882a3e94699c758d6d0964adfaa24fa7735d/analysis/1439967586/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f33-431c-4a5a-a6d4-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:35.000Z",
"modified": "2015-09-30T06:20:35.000Z",
"description": "- Xchecked via VT: e3b20d45b15400bc98ea7899ea1438a3746c10efae3cae323943709cfbb66e4d",
"pattern": "[file:hashes.SHA1 = '61237927fe022382cb791fbc29b0f81a8d76da13']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f33-48d8-4faa-b6ec-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:35.000Z",
"modified": "2015-09-30T06:20:35.000Z",
"description": "- Xchecked via VT: e3b20d45b15400bc98ea7899ea1438a3746c10efae3cae323943709cfbb66e4d",
"pattern": "[file:hashes.MD5 = '06f5e151cd071569511565627ad81a22']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f33-6414-4f7c-999c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:35.000Z",
"modified": "2015-09-30T06:20:35.000Z",
"first_observed": "2015-09-30T06:20:35Z",
"last_observed": "2015-09-30T06:20:35Z",
"number_observed": 1,
"object_refs": [
"url--560b7f33-6414-4f7c-999c-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f33-6414-4f7c-999c-ecee950d210b",
"value": "https://www.virustotal.com/file/e3b20d45b15400bc98ea7899ea1438a3746c10efae3cae323943709cfbb66e4d/analysis/1439970875/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f34-e2b0-48d3-80e7-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:36.000Z",
"modified": "2015-09-30T06:20:36.000Z",
"description": "- Xchecked via VT: e7bfc14d9136106022b9c4da608c400d6a0b59e019b135b538934b5b170ace28",
"pattern": "[file:hashes.SHA1 = '594b20ea3fdc5c36a997bc50a0cb4040e689a4e9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f34-c81c-4349-902f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:36.000Z",
"modified": "2015-09-30T06:20:36.000Z",
"description": "- Xchecked via VT: e7bfc14d9136106022b9c4da608c400d6a0b59e019b135b538934b5b170ace28",
"pattern": "[file:hashes.MD5 = '2690f890fae5791711e8bc4cc947542b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f34-cdd0-4ec8-9f2b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:36.000Z",
"modified": "2015-09-30T06:20:36.000Z",
"first_observed": "2015-09-30T06:20:36Z",
"last_observed": "2015-09-30T06:20:36Z",
"number_observed": 1,
"object_refs": [
"url--560b7f34-cdd0-4ec8-9f2b-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f34-cdd0-4ec8-9f2b-ecee950d210b",
"value": "https://www.virustotal.com/file/e7bfc14d9136106022b9c4da608c400d6a0b59e019b135b538934b5b170ace28/analysis/1439972708/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f35-4ca0-40f3-bd34-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:37.000Z",
"modified": "2015-09-30T06:20:37.000Z",
"description": "- Xchecked via VT: 8403c3de9ea43d5f7d06e3fd952f51a384604a1d7eec000ed3ef0f0822e27fe5",
"pattern": "[file:hashes.SHA1 = 'd93147b2a4b33c32f8c29ad89a906bdfeefc56f3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f35-e70c-4276-a925-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:37.000Z",
"modified": "2015-09-30T06:20:37.000Z",
"description": "- Xchecked via VT: 8403c3de9ea43d5f7d06e3fd952f51a384604a1d7eec000ed3ef0f0822e27fe5",
"pattern": "[file:hashes.MD5 = '0bd842a12a0468aeb8563f94f561d1c2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f35-105c-4530-91a9-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:37.000Z",
"modified": "2015-09-30T06:20:37.000Z",
"first_observed": "2015-09-30T06:20:37Z",
"last_observed": "2015-09-30T06:20:37Z",
"number_observed": 1,
"object_refs": [
"url--560b7f35-105c-4530-91a9-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f35-105c-4530-91a9-ecee950d210b",
"value": "https://www.virustotal.com/file/8403c3de9ea43d5f7d06e3fd952f51a384604a1d7eec000ed3ef0f0822e27fe5/analysis/1439976488/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f36-c434-4632-9b7c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:38.000Z",
"modified": "2015-09-30T06:20:38.000Z",
"description": "- Xchecked via VT: 90c8402672ab3ec8503902b6e73295c746549c7afefff01f47d5369b2787865f",
"pattern": "[file:hashes.SHA1 = 'cc0dc0dbb8a4e473f5222d51815d355b032859cb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f36-da30-410a-9e2f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:38.000Z",
"modified": "2015-09-30T06:20:38.000Z",
"description": "- Xchecked via VT: 90c8402672ab3ec8503902b6e73295c746549c7afefff01f47d5369b2787865f",
"pattern": "[file:hashes.MD5 = '22222d2b7163fc3697126fc968b6562e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f36-ce8c-4039-99eb-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:38.000Z",
"modified": "2015-09-30T06:20:38.000Z",
"first_observed": "2015-09-30T06:20:38Z",
"last_observed": "2015-09-30T06:20:38Z",
"number_observed": 1,
"object_refs": [
"url--560b7f36-ce8c-4039-99eb-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f36-ce8c-4039-99eb-ecee950d210b",
"value": "https://www.virustotal.com/file/90c8402672ab3ec8503902b6e73295c746549c7afefff01f47d5369b2787865f/analysis/1440031386/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f37-6218-44ea-8c03-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:39.000Z",
"modified": "2015-09-30T06:20:39.000Z",
"description": "- Xchecked via VT: 6f9159627eae1325b6d03804536ae72fa6544587747aa597122414c43fef32d1",
"pattern": "[file:hashes.SHA1 = '61698d1c19864b48147572daf3737e7f74bae48a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f37-6340-4c90-a444-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:39.000Z",
"modified": "2015-09-30T06:20:39.000Z",
"description": "- Xchecked via VT: 6f9159627eae1325b6d03804536ae72fa6544587747aa597122414c43fef32d1",
"pattern": "[file:hashes.MD5 = '6042389fda78c74887aac98922cd2194']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f37-0e84-4ab0-9b7b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:39.000Z",
"modified": "2015-09-30T06:20:39.000Z",
"first_observed": "2015-09-30T06:20:39Z",
"last_observed": "2015-09-30T06:20:39Z",
"number_observed": 1,
"object_refs": [
"url--560b7f37-0e84-4ab0-9b7b-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f37-0e84-4ab0-9b7b-ecee950d210b",
"value": "https://www.virustotal.com/file/6f9159627eae1325b6d03804536ae72fa6544587747aa597122414c43fef32d1/analysis/1439657441/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f38-a238-4b90-bbf6-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:40.000Z",
"modified": "2015-09-30T06:20:40.000Z",
"description": "- Xchecked via VT: 09e40934fe3d7d508552a589df38b9f33c70bccef2624d5f8fb7d720256399b8",
"pattern": "[file:hashes.SHA1 = '75798bfbe21c6ee7191e68b12fd02751aa7e29fd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f38-8828-4fc2-b9a1-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:40.000Z",
"modified": "2015-09-30T06:20:40.000Z",
"description": "- Xchecked via VT: 09e40934fe3d7d508552a589df38b9f33c70bccef2624d5f8fb7d720256399b8",
"pattern": "[file:hashes.MD5 = '76b39475b80db847a825ddf0cb141f3b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f38-d764-4a09-add5-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:40.000Z",
"modified": "2015-09-30T06:20:40.000Z",
"first_observed": "2015-09-30T06:20:40Z",
"last_observed": "2015-09-30T06:20:40Z",
"number_observed": 1,
"object_refs": [
"url--560b7f38-d764-4a09-add5-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f38-d764-4a09-add5-ecee950d210b",
"value": "https://www.virustotal.com/file/09e40934fe3d7d508552a589df38b9f33c70bccef2624d5f8fb7d720256399b8/analysis/1419709673/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f39-7180-4bf0-9e17-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:41.000Z",
"modified": "2015-09-30T06:20:41.000Z",
"description": "- Xchecked via VT: cfd41685b2595d037d557375db6a7598e85c9bd767a03f8fb45b10732c171e27",
"pattern": "[file:hashes.SHA1 = '89c8646fe9d8c842bc0c9748640f674b7aaea449']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f39-7974-4125-be0f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:41.000Z",
"modified": "2015-09-30T06:20:41.000Z",
"description": "- Xchecked via VT: cfd41685b2595d037d557375db6a7598e85c9bd767a03f8fb45b10732c171e27",
"pattern": "[file:hashes.MD5 = '9a68c179f589bca2a0e92d12c6ef7ae1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f39-b884-4bb7-9314-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:41.000Z",
"modified": "2015-09-30T06:20:41.000Z",
"first_observed": "2015-09-30T06:20:41Z",
"last_observed": "2015-09-30T06:20:41Z",
"number_observed": 1,
"object_refs": [
"url--560b7f39-b884-4bb7-9314-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f39-b884-4bb7-9314-ecee950d210b",
"value": "https://www.virustotal.com/file/cfd41685b2595d037d557375db6a7598e85c9bd767a03f8fb45b10732c171e27/analysis/1419641657/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f3a-f92c-42ec-be01-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:42.000Z",
"modified": "2015-09-30T06:20:42.000Z",
"description": "- Xchecked via VT: 93755e5ce7cc50509e5a03fff5f6cdbb71020951da8548310c4fe68c1fa56661",
"pattern": "[file:hashes.SHA1 = '00e4ea33a72c47b2b3f639141db7cec9964f8289']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f3a-ed2c-418c-972d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:42.000Z",
"modified": "2015-09-30T06:20:42.000Z",
"description": "- Xchecked via VT: 93755e5ce7cc50509e5a03fff5f6cdbb71020951da8548310c4fe68c1fa56661",
"pattern": "[file:hashes.MD5 = '1e41ffa0232a852a516b69bd84073e4d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f3a-ee90-4cfe-aeae-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:42.000Z",
"modified": "2015-09-30T06:20:42.000Z",
"first_observed": "2015-09-30T06:20:42Z",
"last_observed": "2015-09-30T06:20:42Z",
"number_observed": 1,
"object_refs": [
"url--560b7f3a-ee90-4cfe-aeae-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f3a-ee90-4cfe-aeae-ecee950d210b",
"value": "https://www.virustotal.com/file/93755e5ce7cc50509e5a03fff5f6cdbb71020951da8548310c4fe68c1fa56661/analysis/1439909498/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f3b-d638-4743-9008-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:43.000Z",
"modified": "2015-09-30T06:20:43.000Z",
"description": "- Xchecked via VT: e16b54b0e20b5fa20f57623f6ae72f0afd9f7d1857e880db71e2a4c468f519d2",
"pattern": "[file:hashes.SHA1 = 'a486797a9e14fdaa1ca29a41510a7a431edb759d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f3b-e52c-479f-80f3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:43.000Z",
"modified": "2015-09-30T06:20:43.000Z",
"description": "- Xchecked via VT: e16b54b0e20b5fa20f57623f6ae72f0afd9f7d1857e880db71e2a4c468f519d2",
"pattern": "[file:hashes.MD5 = '20cd25a7bce759a071678bdf8ec7d7bd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f3c-b2e4-4e4f-b669-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:44.000Z",
"modified": "2015-09-30T06:20:44.000Z",
"first_observed": "2015-09-30T06:20:44Z",
"last_observed": "2015-09-30T06:20:44Z",
"number_observed": 1,
"object_refs": [
"url--560b7f3c-b2e4-4e4f-b669-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f3c-b2e4-4e4f-b669-ecee950d210b",
"value": "https://www.virustotal.com/file/e16b54b0e20b5fa20f57623f6ae72f0afd9f7d1857e880db71e2a4c468f519d2/analysis/1439999694/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f3c-8794-44d9-8a4b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:44.000Z",
"modified": "2015-09-30T06:20:44.000Z",
"description": "- Xchecked via VT: d8abed3f23bcb188dd0e06178497e893615d4fdd4f2ec94bdbaa1d9659a3b5a7",
"pattern": "[file:hashes.SHA1 = '36ec5baad8569b54121dd6687395d8282df357f8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f3c-6d98-4eb0-8547-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:44.000Z",
"modified": "2015-09-30T06:20:44.000Z",
"description": "- Xchecked via VT: d8abed3f23bcb188dd0e06178497e893615d4fdd4f2ec94bdbaa1d9659a3b5a7",
"pattern": "[file:hashes.MD5 = '631a4088fcdc9c5beee4719a6dd1a21f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f3d-0be8-4917-b496-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:45.000Z",
"modified": "2015-09-30T06:20:45.000Z",
"first_observed": "2015-09-30T06:20:45Z",
"last_observed": "2015-09-30T06:20:45Z",
"number_observed": 1,
"object_refs": [
"url--560b7f3d-0be8-4917-b496-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f3d-0be8-4917-b496-ecee950d210b",
"value": "https://www.virustotal.com/file/d8abed3f23bcb188dd0e06178497e893615d4fdd4f2ec94bdbaa1d9659a3b5a7/analysis/1438106370/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f3d-07a0-449f-a146-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:45.000Z",
"modified": "2015-09-30T06:20:45.000Z",
"description": "- Xchecked via VT: b7e6a98f0e2ef80003c42c5ecd2574526f82a56fb3e9c2f6c4bd6b3d6e965126",
"pattern": "[file:hashes.SHA1 = '8107b3fa68b510ef4124c51f4687580c6b9991e4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f3d-4a70-428f-91f3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:45.000Z",
"modified": "2015-09-30T06:20:45.000Z",
"description": "- Xchecked via VT: b7e6a98f0e2ef80003c42c5ecd2574526f82a56fb3e9c2f6c4bd6b3d6e965126",
"pattern": "[file:hashes.MD5 = '62b31e07ba09a554f348874483cc461a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f3e-e358-4b68-8bba-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:46.000Z",
"modified": "2015-09-30T06:20:46.000Z",
"first_observed": "2015-09-30T06:20:46Z",
"last_observed": "2015-09-30T06:20:46Z",
"number_observed": 1,
"object_refs": [
"url--560b7f3e-e358-4b68-8bba-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f3e-e358-4b68-8bba-ecee950d210b",
"value": "https://www.virustotal.com/file/b7e6a98f0e2ef80003c42c5ecd2574526f82a56fb3e9c2f6c4bd6b3d6e965126/analysis/1439397933/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f3e-df58-4508-b33e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:46.000Z",
"modified": "2015-09-30T06:20:46.000Z",
"description": "- Xchecked via VT: 571f3a5ef318aaeae60030a6d3d075843e9c00a6588cdc96122ef9be6aecbbe3",
"pattern": "[file:hashes.SHA1 = '2ca6cc50fcb7712ccbc566d5ed6804c30ee7383a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f3e-e590-4496-88e9-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:46.000Z",
"modified": "2015-09-30T06:20:46.000Z",
"description": "- Xchecked via VT: 571f3a5ef318aaeae60030a6d3d075843e9c00a6588cdc96122ef9be6aecbbe3",
"pattern": "[file:hashes.MD5 = 'eb3039bac7251ede1b87143dfcafa3b0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f3f-43d0-4799-8ec9-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:47.000Z",
"modified": "2015-09-30T06:20:47.000Z",
"first_observed": "2015-09-30T06:20:47Z",
"last_observed": "2015-09-30T06:20:47Z",
"number_observed": 1,
"object_refs": [
"url--560b7f3f-43d0-4799-8ec9-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f3f-43d0-4799-8ec9-ecee950d210b",
"value": "https://www.virustotal.com/file/571f3a5ef318aaeae60030a6d3d075843e9c00a6588cdc96122ef9be6aecbbe3/analysis/1400840835/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f3f-9f5c-4779-813e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:47.000Z",
"modified": "2015-09-30T06:20:47.000Z",
"description": "- Xchecked via VT: 9c7126f1e2a013e0ade23059261b493bafe9b2e7f40e4a38e65aa6cd818b569e",
"pattern": "[file:hashes.SHA1 = '486c36c26e1ee4eeed7488fbcb53182bfe08ac57']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f3f-f330-4f07-b2ee-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:47.000Z",
"modified": "2015-09-30T06:20:47.000Z",
"description": "- Xchecked via VT: 9c7126f1e2a013e0ade23059261b493bafe9b2e7f40e4a38e65aa6cd818b569e",
"pattern": "[file:hashes.MD5 = '71c8b3ce6b425672e4408827a2c481a3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f40-6ad4-4e7c-8ab2-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:48.000Z",
"modified": "2015-09-30T06:20:48.000Z",
"first_observed": "2015-09-30T06:20:48Z",
"last_observed": "2015-09-30T06:20:48Z",
"number_observed": 1,
"object_refs": [
"url--560b7f40-6ad4-4e7c-8ab2-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f40-6ad4-4e7c-8ab2-ecee950d210b",
"value": "https://www.virustotal.com/file/9c7126f1e2a013e0ade23059261b493bafe9b2e7f40e4a38e65aa6cd818b569e/analysis/1417126165/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f40-4e48-4316-a323-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:48.000Z",
"modified": "2015-09-30T06:20:48.000Z",
"description": "- Xchecked via VT: 58ae22c13ef6d9addfd8e38d96bf72d9ad17be2dc036063031e327cd014e2351",
"pattern": "[file:hashes.SHA1 = '4e0fc2d74c94b26ec66fb25cf698782f9119b681']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f40-9a1c-435e-b1b0-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:48.000Z",
"modified": "2015-09-30T06:20:48.000Z",
"description": "- Xchecked via VT: 58ae22c13ef6d9addfd8e38d96bf72d9ad17be2dc036063031e327cd014e2351",
"pattern": "[file:hashes.MD5 = '900ede80ebfe9e9a9fff9f8dcff440d2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f41-202c-4ba1-b11b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:49.000Z",
"modified": "2015-09-30T06:20:49.000Z",
"first_observed": "2015-09-30T06:20:49Z",
"last_observed": "2015-09-30T06:20:49Z",
"number_observed": 1,
"object_refs": [
"url--560b7f41-202c-4ba1-b11b-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f41-202c-4ba1-b11b-ecee950d210b",
"value": "https://www.virustotal.com/file/58ae22c13ef6d9addfd8e38d96bf72d9ad17be2dc036063031e327cd014e2351/analysis/1436942125/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f41-2358-4609-a5b4-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:49.000Z",
"modified": "2015-09-30T06:20:49.000Z",
"description": "- Xchecked via VT: b19937e02b7d24c6c842f975dc155dc39ac28719c6e5531764f72dcee764b4bb",
"pattern": "[file:hashes.SHA1 = '62e6424e2416273b1b0cd4087eb6e7eadcedf9c0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f41-7f2c-4005-9bb2-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:49.000Z",
"modified": "2015-09-30T06:20:49.000Z",
"description": "- Xchecked via VT: b19937e02b7d24c6c842f975dc155dc39ac28719c6e5531764f72dcee764b4bb",
"pattern": "[file:hashes.MD5 = '05a3f374aff9b1beeb8f60a28ae013eb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f42-f49c-4980-a8dc-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:50.000Z",
"modified": "2015-09-30T06:20:50.000Z",
"first_observed": "2015-09-30T06:20:50Z",
"last_observed": "2015-09-30T06:20:50Z",
"number_observed": 1,
"object_refs": [
"url--560b7f42-f49c-4980-a8dc-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f42-f49c-4980-a8dc-ecee950d210b",
"value": "https://www.virustotal.com/file/b19937e02b7d24c6c842f975dc155dc39ac28719c6e5531764f72dcee764b4bb/analysis/1432081124/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f42-6c28-4074-b92c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:50.000Z",
"modified": "2015-09-30T06:20:50.000Z",
"description": "- Xchecked via VT: 31ed6db9c6e2d95cdbf96171c38b2b27dae5e4acc2b1b95aad250d3de6337b69",
"pattern": "[file:hashes.SHA1 = '150d1d009cee2c88440fbf17f74b80187b931773']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f42-f85c-4357-843a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:50.000Z",
"modified": "2015-09-30T06:20:50.000Z",
"description": "- Xchecked via VT: 31ed6db9c6e2d95cdbf96171c38b2b27dae5e4acc2b1b95aad250d3de6337b69",
"pattern": "[file:hashes.MD5 = 'd713e749b17be8d15d2334bf58048073']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f43-b45c-4082-a0ea-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:51.000Z",
"modified": "2015-09-30T06:20:51.000Z",
"first_observed": "2015-09-30T06:20:51Z",
"last_observed": "2015-09-30T06:20:51Z",
"number_observed": 1,
"object_refs": [
"url--560b7f43-b45c-4082-a0ea-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f43-b45c-4082-a0ea-ecee950d210b",
"value": "https://www.virustotal.com/file/31ed6db9c6e2d95cdbf96171c38b2b27dae5e4acc2b1b95aad250d3de6337b69/analysis/1426794455/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f43-ed44-42d6-bf9c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:51.000Z",
"modified": "2015-09-30T06:20:51.000Z",
"description": "- Xchecked via VT: aa13838efc510ab8890bd89c5f4b1600190bb4aeb26af7b1fe8cf7f5620b4909",
"pattern": "[file:hashes.SHA1 = '3dc1f449a2649a7f9b38033e5a104db5e88ebc18']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f43-0e04-4669-b1f6-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:51.000Z",
"modified": "2015-09-30T06:20:51.000Z",
"description": "- Xchecked via VT: aa13838efc510ab8890bd89c5f4b1600190bb4aeb26af7b1fe8cf7f5620b4909",
"pattern": "[file:hashes.MD5 = '9014087b318700574ae0aec95456bc5c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f44-91e8-4d44-9b2f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:52.000Z",
"modified": "2015-09-30T06:20:52.000Z",
"first_observed": "2015-09-30T06:20:52Z",
"last_observed": "2015-09-30T06:20:52Z",
"number_observed": 1,
"object_refs": [
"url--560b7f44-91e8-4d44-9b2f-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f44-91e8-4d44-9b2f-ecee950d210b",
"value": "https://www.virustotal.com/file/aa13838efc510ab8890bd89c5f4b1600190bb4aeb26af7b1fe8cf7f5620b4909/analysis/1437067651/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f44-3668-47da-b512-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:52.000Z",
"modified": "2015-09-30T06:20:52.000Z",
"description": "- Xchecked via VT: d64370fca18a2b0b4ac518d135b61ae59d2477429314f5bd4fc313074dada6f3",
"pattern": "[file:hashes.SHA1 = 'b1de430ea69cbb41c289855e086a3977044cc9bb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f45-05c8-4f45-a96f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:53.000Z",
"modified": "2015-09-30T06:20:53.000Z",
"description": "- Xchecked via VT: d64370fca18a2b0b4ac518d135b61ae59d2477429314f5bd4fc313074dada6f3",
"pattern": "[file:hashes.MD5 = 'e8de6c983db7e4828d1744646cbd35e4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f45-e9b0-40ab-b330-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:53.000Z",
"modified": "2015-09-30T06:20:53.000Z",
"first_observed": "2015-09-30T06:20:53Z",
"last_observed": "2015-09-30T06:20:53Z",
"number_observed": 1,
"object_refs": [
"url--560b7f45-e9b0-40ab-b330-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f45-e9b0-40ab-b330-ecee950d210b",
"value": "https://www.virustotal.com/file/d64370fca18a2b0b4ac518d135b61ae59d2477429314f5bd4fc313074dada6f3/analysis/1430866086/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f45-ae14-4645-8a6c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:53.000Z",
"modified": "2015-09-30T06:20:53.000Z",
"description": "- Xchecked via VT: 84529a1f6f8eb850ecd505d833592d5e7a2a17d797f1dbb02360283459409d75",
"pattern": "[file:hashes.SHA1 = '3ef860b1393e5e77160144082702e5f19873c73c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f46-cbbc-477c-a8d4-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:54.000Z",
"modified": "2015-09-30T06:20:54.000Z",
"description": "- Xchecked via VT: 84529a1f6f8eb850ecd505d833592d5e7a2a17d797f1dbb02360283459409d75",
"pattern": "[file:hashes.MD5 = 'd390fd705810f99399841fcd779149b2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f46-ba7c-4cb8-a33e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:54.000Z",
"modified": "2015-09-30T06:20:54.000Z",
"first_observed": "2015-09-30T06:20:54Z",
"last_observed": "2015-09-30T06:20:54Z",
"number_observed": 1,
"object_refs": [
"url--560b7f46-ba7c-4cb8-a33e-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f46-ba7c-4cb8-a33e-ecee950d210b",
"value": "https://www.virustotal.com/file/84529a1f6f8eb850ecd505d833592d5e7a2a17d797f1dbb02360283459409d75/analysis/1438341610/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f46-bf54-41bd-8039-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:54.000Z",
"modified": "2015-09-30T06:20:54.000Z",
"description": "- Xchecked via VT: 09bd3010831fb3e8cc18460fb353548a92153cc9109cbd9f88b540494a2262ee",
"pattern": "[file:hashes.SHA1 = 'c5e91ee8d699f3aee8edb559c4ec2c3301ffbc8a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f47-20fc-4e8a-a333-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:55.000Z",
"modified": "2015-09-30T06:20:55.000Z",
"description": "- Xchecked via VT: 09bd3010831fb3e8cc18460fb353548a92153cc9109cbd9f88b540494a2262ee",
"pattern": "[file:hashes.MD5 = '8a4ae8c07c9f66688c8a7ba8ad313cd4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f47-ce64-47a9-a28d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:55.000Z",
"modified": "2015-09-30T06:20:55.000Z",
"first_observed": "2015-09-30T06:20:55Z",
"last_observed": "2015-09-30T06:20:55Z",
"number_observed": 1,
"object_refs": [
"url--560b7f47-ce64-47a9-a28d-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f47-ce64-47a9-a28d-ecee950d210b",
"value": "https://www.virustotal.com/file/09bd3010831fb3e8cc18460fb353548a92153cc9109cbd9f88b540494a2262ee/analysis/1439823519/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f47-5228-41cb-8b07-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:55.000Z",
"modified": "2015-09-30T06:20:55.000Z",
"description": "- Xchecked via VT: 26ea3f4271edf083ed7a03bd40b79e8811faf0b175285fa6bbf5d02211c86e63",
"pattern": "[file:hashes.SHA1 = '8646bc91dd792e94d4f334920f22c6fb4fd0d11e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f48-3e20-4107-b260-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:56.000Z",
"modified": "2015-09-30T06:20:56.000Z",
"description": "- Xchecked via VT: 26ea3f4271edf083ed7a03bd40b79e8811faf0b175285fa6bbf5d02211c86e63",
"pattern": "[file:hashes.MD5 = '8e6ade74114f36a8cd598a06b2f2f68b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f48-376c-456f-9a79-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:56.000Z",
"modified": "2015-09-30T06:20:56.000Z",
"first_observed": "2015-09-30T06:20:56Z",
"last_observed": "2015-09-30T06:20:56Z",
"number_observed": 1,
"object_refs": [
"url--560b7f48-376c-456f-9a79-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f48-376c-456f-9a79-ecee950d210b",
"value": "https://www.virustotal.com/file/26ea3f4271edf083ed7a03bd40b79e8811faf0b175285fa6bbf5d02211c86e63/analysis/1403788771/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f48-28d8-47f2-813e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:56.000Z",
"modified": "2015-09-30T06:20:56.000Z",
"description": "- Xchecked via VT: 56ca9845318be57a293fb7bf3b8b0fbfab51f3e3748bf2ddf2f2316d2cf0538d",
"pattern": "[file:hashes.SHA1 = '3731387bd50f6ece79414259c710d2da7ec5942f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f49-8b24-45b0-84b3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:57.000Z",
"modified": "2015-09-30T06:20:57.000Z",
"description": "- Xchecked via VT: 56ca9845318be57a293fb7bf3b8b0fbfab51f3e3748bf2ddf2f2316d2cf0538d",
"pattern": "[file:hashes.MD5 = 'a22baf1876527aad001954ca7c9d948d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f49-c958-413c-b7b4-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:57.000Z",
"modified": "2015-09-30T06:20:57.000Z",
"first_observed": "2015-09-30T06:20:57Z",
"last_observed": "2015-09-30T06:20:57Z",
"number_observed": 1,
"object_refs": [
"url--560b7f49-c958-413c-b7b4-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f49-c958-413c-b7b4-ecee950d210b",
"value": "https://www.virustotal.com/file/56ca9845318be57a293fb7bf3b8b0fbfab51f3e3748bf2ddf2f2316d2cf0538d/analysis/1407443852/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f49-0174-487c-8019-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:57.000Z",
"modified": "2015-09-30T06:20:57.000Z",
"description": "- Xchecked via VT: d40216847c36f26644e68ec637321b9ec272c442717562414dd34c2ff087cd23",
"pattern": "[file:hashes.SHA1 = '8b44d89fe569954146ef666b7a3a24e7d372ddb0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f4a-1c68-4d19-bbd3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:58.000Z",
"modified": "2015-09-30T06:20:58.000Z",
"description": "- Xchecked via VT: d40216847c36f26644e68ec637321b9ec272c442717562414dd34c2ff087cd23",
"pattern": "[file:hashes.MD5 = 'e0f081f351312de182e8397118584c5a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f4a-084c-489c-be89-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:58.000Z",
"modified": "2015-09-30T06:20:58.000Z",
"first_observed": "2015-09-30T06:20:58Z",
"last_observed": "2015-09-30T06:20:58Z",
"number_observed": 1,
"object_refs": [
"url--560b7f4a-084c-489c-be89-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f4a-084c-489c-be89-ecee950d210b",
"value": "https://www.virustotal.com/file/d40216847c36f26644e68ec637321b9ec272c442717562414dd34c2ff087cd23/analysis/1403799333/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f4a-9dc4-45d8-945b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:58.000Z",
"modified": "2015-09-30T06:20:58.000Z",
"description": "- Xchecked via VT: 75c7daa9a54ad96d01ab5a4ee44823c5dabe2087a4021171cf0990b66d56440b",
"pattern": "[file:hashes.SHA1 = '859e3ed9793b32c8e71452d54b927a516d10c45a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f4b-c0ac-450e-be22-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:59.000Z",
"modified": "2015-09-30T06:20:59.000Z",
"description": "- Xchecked via VT: 75c7daa9a54ad96d01ab5a4ee44823c5dabe2087a4021171cf0990b66d56440b",
"pattern": "[file:hashes.MD5 = '37351c5f3fd6dacf6c6d2e10108c51e8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f4b-7644-4bd8-9330-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:59.000Z",
"modified": "2015-09-30T06:20:59.000Z",
"first_observed": "2015-09-30T06:20:59Z",
"last_observed": "2015-09-30T06:20:59Z",
"number_observed": 1,
"object_refs": [
"url--560b7f4b-7644-4bd8-9330-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f4b-7644-4bd8-9330-ecee950d210b",
"value": "https://www.virustotal.com/file/75c7daa9a54ad96d01ab5a4ee44823c5dabe2087a4021171cf0990b66d56440b/analysis/1437387085/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f4b-8a20-447d-a08a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:20:59.000Z",
"modified": "2015-09-30T06:20:59.000Z",
"description": "- Xchecked via VT: 3aa12e41014f608f6c49310ccff5cca8199939872fbdcef66e6b6c48109e6a7f",
"pattern": "[file:hashes.SHA1 = 'ca2189dae748373ab1e60a7278a647fba4652f95']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:20:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f4c-d8a4-4bc4-af68-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:00.000Z",
"modified": "2015-09-30T06:21:00.000Z",
"description": "- Xchecked via VT: 3aa12e41014f608f6c49310ccff5cca8199939872fbdcef66e6b6c48109e6a7f",
"pattern": "[file:hashes.MD5 = '0be43165331bf140304e5ad8f35151e6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f4c-751c-412e-9991-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:00.000Z",
"modified": "2015-09-30T06:21:00.000Z",
"first_observed": "2015-09-30T06:21:00Z",
"last_observed": "2015-09-30T06:21:00Z",
"number_observed": 1,
"object_refs": [
"url--560b7f4c-751c-412e-9991-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f4c-751c-412e-9991-ecee950d210b",
"value": "https://www.virustotal.com/file/3aa12e41014f608f6c49310ccff5cca8199939872fbdcef66e6b6c48109e6a7f/analysis/1438314030/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f4c-9688-49f9-9899-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:00.000Z",
"modified": "2015-09-30T06:21:00.000Z",
"description": "- Xchecked via VT: f8e8574ed192ac8529f3cd1e62ca56d3e236d86726af2c71c0ff448d179c5b64",
"pattern": "[file:hashes.SHA1 = 'd2ae08904ff7899466652d5821a5622c4c5c2da0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f4d-5df4-4903-b724-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:01.000Z",
"modified": "2015-09-30T06:21:01.000Z",
"description": "- Xchecked via VT: f8e8574ed192ac8529f3cd1e62ca56d3e236d86726af2c71c0ff448d179c5b64",
"pattern": "[file:hashes.MD5 = 'f41cf90ac785b3feb4df517ac6ef4978']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f4d-eaf0-48ad-940a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:01.000Z",
"modified": "2015-09-30T06:21:01.000Z",
"first_observed": "2015-09-30T06:21:01Z",
"last_observed": "2015-09-30T06:21:01Z",
"number_observed": 1,
"object_refs": [
"url--560b7f4d-eaf0-48ad-940a-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f4d-eaf0-48ad-940a-ecee950d210b",
"value": "https://www.virustotal.com/file/f8e8574ed192ac8529f3cd1e62ca56d3e236d86726af2c71c0ff448d179c5b64/analysis/1438318110/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f4e-2314-48a6-a771-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:02.000Z",
"modified": "2015-09-30T06:21:02.000Z",
"description": "- Xchecked via VT: 41a53b884711b38b5fa0b1324be720b9bcebe48c63c68ab307a699d1b4ed4062",
"pattern": "[file:hashes.SHA1 = '372f687e934eb99875a776366a108c225296ed01']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f4e-feac-4c7e-b3b2-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:02.000Z",
"modified": "2015-09-30T06:21:02.000Z",
"description": "- Xchecked via VT: 41a53b884711b38b5fa0b1324be720b9bcebe48c63c68ab307a699d1b4ed4062",
"pattern": "[file:hashes.MD5 = '5e9b2faa34a3d9b0496eefecbd913b3a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f4e-60e0-4b5f-98f1-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:02.000Z",
"modified": "2015-09-30T06:21:02.000Z",
"first_observed": "2015-09-30T06:21:02Z",
"last_observed": "2015-09-30T06:21:02Z",
"number_observed": 1,
"object_refs": [
"url--560b7f4e-60e0-4b5f-98f1-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f4e-60e0-4b5f-98f1-ecee950d210b",
"value": "https://www.virustotal.com/file/41a53b884711b38b5fa0b1324be720b9bcebe48c63c68ab307a699d1b4ed4062/analysis/1438378884/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f4f-789c-49ec-8e55-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:03.000Z",
"modified": "2015-09-30T06:21:03.000Z",
"description": "- Xchecked via VT: dc6ae027272ef367dc71e7cbf7457f345a811f52b04e9557cf8dbb2bbd60c7dd",
"pattern": "[file:hashes.SHA1 = '91f7cd661f6ecb7ee4f63def182f631f492ef6d7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f4f-4998-4623-b088-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:03.000Z",
"modified": "2015-09-30T06:21:03.000Z",
"description": "- Xchecked via VT: dc6ae027272ef367dc71e7cbf7457f345a811f52b04e9557cf8dbb2bbd60c7dd",
"pattern": "[file:hashes.MD5 = '94a7ae9272eb372c6891284f2de23e85']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f4f-e678-4831-a812-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:03.000Z",
"modified": "2015-09-30T06:21:03.000Z",
"first_observed": "2015-09-30T06:21:03Z",
"last_observed": "2015-09-30T06:21:03Z",
"number_observed": 1,
"object_refs": [
"url--560b7f4f-e678-4831-a812-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f4f-e678-4831-a812-ecee950d210b",
"value": "https://www.virustotal.com/file/dc6ae027272ef367dc71e7cbf7457f345a811f52b04e9557cf8dbb2bbd60c7dd/analysis/1433692115/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f50-3f34-44a7-b20d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:04.000Z",
"modified": "2015-09-30T06:21:04.000Z",
"description": "- Xchecked via VT: ce5865f9bc79b838a64b72e5a01613f666242ecb6bad743d9f1507e3be448e12",
"pattern": "[file:hashes.SHA1 = '5708e8f75e771d7a8796dfb0133e490cb082660f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f50-caf8-44a5-b85e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:04.000Z",
"modified": "2015-09-30T06:21:04.000Z",
"description": "- Xchecked via VT: ce5865f9bc79b838a64b72e5a01613f666242ecb6bad743d9f1507e3be448e12",
"pattern": "[file:hashes.MD5 = '6a7956622c0d168fa19ffb2ffeb3240a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f50-9f54-4fc6-83ea-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:04.000Z",
"modified": "2015-09-30T06:21:04.000Z",
"first_observed": "2015-09-30T06:21:04Z",
"last_observed": "2015-09-30T06:21:04Z",
"number_observed": 1,
"object_refs": [
"url--560b7f50-9f54-4fc6-83ea-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f50-9f54-4fc6-83ea-ecee950d210b",
"value": "https://www.virustotal.com/file/ce5865f9bc79b838a64b72e5a01613f666242ecb6bad743d9f1507e3be448e12/analysis/1433692119/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f51-8fdc-4737-ac1e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:05.000Z",
"modified": "2015-09-30T06:21:05.000Z",
"description": "- Xchecked via VT: 15e3c8b2cfb1fae0a187233dedbc4c2ae516b5263c8f1e46ff0cff4c4d1e5f75",
"pattern": "[file:hashes.SHA1 = '417373c3762855b26aa1f04ffac91b7f7374ce3c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f51-9344-4b12-be31-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:05.000Z",
"modified": "2015-09-30T06:21:05.000Z",
"description": "- Xchecked via VT: 15e3c8b2cfb1fae0a187233dedbc4c2ae516b5263c8f1e46ff0cff4c4d1e5f75",
"pattern": "[file:hashes.MD5 = 'cca82f85c12b36e5ca67b90e054086a1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f51-564c-4d2e-a8cd-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:05.000Z",
"modified": "2015-09-30T06:21:05.000Z",
"first_observed": "2015-09-30T06:21:05Z",
"last_observed": "2015-09-30T06:21:05Z",
"number_observed": 1,
"object_refs": [
"url--560b7f51-564c-4d2e-a8cd-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f51-564c-4d2e-a8cd-ecee950d210b",
"value": "https://www.virustotal.com/file/15e3c8b2cfb1fae0a187233dedbc4c2ae516b5263c8f1e46ff0cff4c4d1e5f75/analysis/1436227210/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f52-0768-4ca0-8da2-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:06.000Z",
"modified": "2015-09-30T06:21:06.000Z",
"description": "- Xchecked via VT: 961c82c349f8f8c3a5c52e2f9ed9f19644cc6a8ce2a316f077c1bc0ea069aa41",
"pattern": "[file:hashes.SHA1 = '5edc7e86342d5d2d23a2d7092bb50b3a4f27363d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f52-ad24-461a-88bd-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:06.000Z",
"modified": "2015-09-30T06:21:06.000Z",
"description": "- Xchecked via VT: 961c82c349f8f8c3a5c52e2f9ed9f19644cc6a8ce2a316f077c1bc0ea069aa41",
"pattern": "[file:hashes.MD5 = '6033a1768940c725e74f59c50e50229d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f52-d4d0-4736-886e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:06.000Z",
"modified": "2015-09-30T06:21:06.000Z",
"first_observed": "2015-09-30T06:21:06Z",
"last_observed": "2015-09-30T06:21:06Z",
"number_observed": 1,
"object_refs": [
"url--560b7f52-d4d0-4736-886e-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f52-d4d0-4736-886e-ecee950d210b",
"value": "https://www.virustotal.com/file/961c82c349f8f8c3a5c52e2f9ed9f19644cc6a8ce2a316f077c1bc0ea069aa41/analysis/1436726320/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f53-9544-4f7d-bbb3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:07.000Z",
"modified": "2015-09-30T06:21:07.000Z",
"description": "- Xchecked via VT: efaf184a3050507c814304b4a5b2dbe69843c2ca3921d126c89f7a1b2e75d44f",
"pattern": "[file:hashes.SHA1 = '3f39164b4a4152136d3d939c9545524b38f4af86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f53-c100-4116-a546-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:07.000Z",
"modified": "2015-09-30T06:21:07.000Z",
"description": "- Xchecked via VT: efaf184a3050507c814304b4a5b2dbe69843c2ca3921d126c89f7a1b2e75d44f",
"pattern": "[file:hashes.MD5 = '143f5df98395cf2208559784ce16c0df']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f53-e038-4fb3-8a8f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:07.000Z",
"modified": "2015-09-30T06:21:07.000Z",
"first_observed": "2015-09-30T06:21:07Z",
"last_observed": "2015-09-30T06:21:07Z",
"number_observed": 1,
"object_refs": [
"url--560b7f53-e038-4fb3-8a8f-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f53-e038-4fb3-8a8f-ecee950d210b",
"value": "https://www.virustotal.com/file/efaf184a3050507c814304b4a5b2dbe69843c2ca3921d126c89f7a1b2e75d44f/analysis/1440397457/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f54-8c88-4202-84b5-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:08.000Z",
"modified": "2015-09-30T06:21:08.000Z",
"description": "- Xchecked via VT: 0b3acfcc16ddb5134031f929db7cf11974b716cc85832e196abc61cb2054e4c2",
"pattern": "[file:hashes.SHA1 = 'ede466041179283a9d948b1f8e163f8458434246']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f54-5e8c-4bc0-8ba7-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:08.000Z",
"modified": "2015-09-30T06:21:08.000Z",
"description": "- Xchecked via VT: 0b3acfcc16ddb5134031f929db7cf11974b716cc85832e196abc61cb2054e4c2",
"pattern": "[file:hashes.MD5 = '07cfeebc1da6a39d31576e47a9429fae']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f54-53a4-488f-9849-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:08.000Z",
"modified": "2015-09-30T06:21:08.000Z",
"first_observed": "2015-09-30T06:21:08Z",
"last_observed": "2015-09-30T06:21:08Z",
"number_observed": 1,
"object_refs": [
"url--560b7f54-53a4-488f-9849-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f54-53a4-488f-9849-ecee950d210b",
"value": "https://www.virustotal.com/file/0b3acfcc16ddb5134031f929db7cf11974b716cc85832e196abc61cb2054e4c2/analysis/1440569681/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f55-3854-47b5-b64a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:09.000Z",
"modified": "2015-09-30T06:21:09.000Z",
"description": "- Xchecked via VT: 27fb1bb918db5ba845166a118aece1b11ff4d609cbeb5706cd754155a284484d",
"pattern": "[file:hashes.SHA1 = 'd743ae85736e23ea4dd0a816866e2d0273927e2f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f55-5d78-468a-9082-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:09.000Z",
"modified": "2015-09-30T06:21:09.000Z",
"description": "- Xchecked via VT: 27fb1bb918db5ba845166a118aece1b11ff4d609cbeb5706cd754155a284484d",
"pattern": "[file:hashes.MD5 = 'bf7ea2b2d64e8cc899a5b2b8ac823920']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f56-6994-4235-a832-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:10.000Z",
"modified": "2015-09-30T06:21:10.000Z",
"first_observed": "2015-09-30T06:21:10Z",
"last_observed": "2015-09-30T06:21:10Z",
"number_observed": 1,
"object_refs": [
"url--560b7f56-6994-4235-a832-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f56-6994-4235-a832-ecee950d210b",
"value": "https://www.virustotal.com/file/27fb1bb918db5ba845166a118aece1b11ff4d609cbeb5706cd754155a284484d/analysis/1439977292/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f56-c3d0-4f29-a0ed-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:10.000Z",
"modified": "2015-09-30T06:21:10.000Z",
"description": "- Xchecked via VT: cb457186690b39f2474f786c0ddf6ae64c39668a81c953a2c639d074e48aef63",
"pattern": "[file:hashes.SHA1 = '9e9d5ee5805c82395025a212e0bae0e2a99abfc8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f56-75f8-4754-995c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:10.000Z",
"modified": "2015-09-30T06:21:10.000Z",
"description": "- Xchecked via VT: cb457186690b39f2474f786c0ddf6ae64c39668a81c953a2c639d074e48aef63",
"pattern": "[file:hashes.MD5 = '72054547d648a41ad2ec233873389d24']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f57-e4a0-466c-9e18-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:11.000Z",
"modified": "2015-09-30T06:21:11.000Z",
"first_observed": "2015-09-30T06:21:11Z",
"last_observed": "2015-09-30T06:21:11Z",
"number_observed": 1,
"object_refs": [
"url--560b7f57-e4a0-466c-9e18-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f57-e4a0-466c-9e18-ecee950d210b",
"value": "https://www.virustotal.com/file/cb457186690b39f2474f786c0ddf6ae64c39668a81c953a2c639d074e48aef63/analysis/1440537043/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f57-3d2c-4396-ab6d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:11.000Z",
"modified": "2015-09-30T06:21:11.000Z",
"description": "- Xchecked via VT: 2f7679a09b70275bc8b73271206179fee0f7d78ebb4a0ba22caffc52aeac7a3f",
"pattern": "[file:hashes.SHA1 = 'a4313b885471a149f3267e21f7dd40991a1a5c0e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f57-8eb0-40a1-8578-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:11.000Z",
"modified": "2015-09-30T06:21:11.000Z",
"description": "- Xchecked via VT: 2f7679a09b70275bc8b73271206179fee0f7d78ebb4a0ba22caffc52aeac7a3f",
"pattern": "[file:hashes.MD5 = 'a693f7454cd13515539c9e37a3d42b76']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f58-53c4-43ce-8048-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:12.000Z",
"modified": "2015-09-30T06:21:12.000Z",
"first_observed": "2015-09-30T06:21:12Z",
"last_observed": "2015-09-30T06:21:12Z",
"number_observed": 1,
"object_refs": [
"url--560b7f58-53c4-43ce-8048-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f58-53c4-43ce-8048-ecee950d210b",
"value": "https://www.virustotal.com/file/2f7679a09b70275bc8b73271206179fee0f7d78ebb4a0ba22caffc52aeac7a3f/analysis/1438708594/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f58-cca8-4566-bd44-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:12.000Z",
"modified": "2015-09-30T06:21:12.000Z",
"description": "- Xchecked via VT: df07d6065b2f890107704f9944d4b51be895d27da5a85e4691cab076cb7d3e30",
"pattern": "[file:hashes.SHA1 = 'b7631b426525deeccf1ad09b950c5daac86c491b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f58-0054-49c2-9bea-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:12.000Z",
"modified": "2015-09-30T06:21:12.000Z",
"description": "- Xchecked via VT: df07d6065b2f890107704f9944d4b51be895d27da5a85e4691cab076cb7d3e30",
"pattern": "[file:hashes.MD5 = '28420ae0e74f8c3acfdeea8124469eb3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f59-fb94-4e50-a43b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:13.000Z",
"modified": "2015-09-30T06:21:13.000Z",
"first_observed": "2015-09-30T06:21:13Z",
"last_observed": "2015-09-30T06:21:13Z",
"number_observed": 1,
"object_refs": [
"url--560b7f59-fb94-4e50-a43b-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f59-fb94-4e50-a43b-ecee950d210b",
"value": "https://www.virustotal.com/file/df07d6065b2f890107704f9944d4b51be895d27da5a85e4691cab076cb7d3e30/analysis/1438344237/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f59-9428-476b-aa4f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:13.000Z",
"modified": "2015-09-30T06:21:13.000Z",
"description": "- Xchecked via VT: f30d236706be7b369aab6f88b4c3965ec995736de972f5d23b74942dc206d9f7",
"pattern": "[file:hashes.SHA1 = '730f3a586422c8db5f62a4e92115a474ee280b11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f59-7a68-4dec-93df-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:13.000Z",
"modified": "2015-09-30T06:21:13.000Z",
"description": "- Xchecked via VT: f30d236706be7b369aab6f88b4c3965ec995736de972f5d23b74942dc206d9f7",
"pattern": "[file:hashes.MD5 = '8f19d29229637c709339f593b88cbe2d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f5a-7b84-444e-b617-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:14.000Z",
"modified": "2015-09-30T06:21:14.000Z",
"first_observed": "2015-09-30T06:21:14Z",
"last_observed": "2015-09-30T06:21:14Z",
"number_observed": 1,
"object_refs": [
"url--560b7f5a-7b84-444e-b617-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f5a-7b84-444e-b617-ecee950d210b",
"value": "https://www.virustotal.com/file/f30d236706be7b369aab6f88b4c3965ec995736de972f5d23b74942dc206d9f7/analysis/1438343604/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f5a-5f0c-48cb-930c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:14.000Z",
"modified": "2015-09-30T06:21:14.000Z",
"description": "- Xchecked via VT: ee5e08eb83d126701948916b4de29c468541438bad48d0871c29e9b9dac83268",
"pattern": "[file:hashes.SHA1 = '89510a879a78d2cad138b5e35f5e11135967cf3d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f5a-1804-47a9-a1e0-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:14.000Z",
"modified": "2015-09-30T06:21:14.000Z",
"description": "- Xchecked via VT: ee5e08eb83d126701948916b4de29c468541438bad48d0871c29e9b9dac83268",
"pattern": "[file:hashes.MD5 = '5151521174b7165c8dd3ac3205286ed6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f5b-a7d0-4c3d-ac3a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:15.000Z",
"modified": "2015-09-30T06:21:15.000Z",
"first_observed": "2015-09-30T06:21:15Z",
"last_observed": "2015-09-30T06:21:15Z",
"number_observed": 1,
"object_refs": [
"url--560b7f5b-a7d0-4c3d-ac3a-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f5b-a7d0-4c3d-ac3a-ecee950d210b",
"value": "https://www.virustotal.com/file/ee5e08eb83d126701948916b4de29c468541438bad48d0871c29e9b9dac83268/analysis/1428348086/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f5b-b62c-480c-803e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:15.000Z",
"modified": "2015-09-30T06:21:15.000Z",
"description": "- Xchecked via VT: ce8159b6dec980e1971b25bc04918e00c8a31675b3f0bb557f80db22ce616944",
"pattern": "[file:hashes.SHA1 = 'b3fc4f096e0ea59cce67b8b9995a609121dc63ad']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f5b-dc60-4a3c-8edc-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:15.000Z",
"modified": "2015-09-30T06:21:15.000Z",
"description": "- Xchecked via VT: ce8159b6dec980e1971b25bc04918e00c8a31675b3f0bb557f80db22ce616944",
"pattern": "[file:hashes.MD5 = '40a0681eff7ccdd50975c890c9757aff']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f5c-9b64-4dc3-b61b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:16.000Z",
"modified": "2015-09-30T06:21:16.000Z",
"first_observed": "2015-09-30T06:21:16Z",
"last_observed": "2015-09-30T06:21:16Z",
"number_observed": 1,
"object_refs": [
"url--560b7f5c-9b64-4dc3-b61b-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f5c-9b64-4dc3-b61b-ecee950d210b",
"value": "https://www.virustotal.com/file/ce8159b6dec980e1971b25bc04918e00c8a31675b3f0bb557f80db22ce616944/analysis/1429654634/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f5c-0678-4a9f-afa3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:16.000Z",
"modified": "2015-09-30T06:21:16.000Z",
"description": "- Xchecked via VT: f996b5c6e3272d955965b4763df63a46eb2fd4cea2255844c929a099c6ac6dec",
"pattern": "[file:hashes.SHA1 = '68faa294488bf6198cd5ca8b67bd6b2dca275ba9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f5c-70d4-4325-874c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:16.000Z",
"modified": "2015-09-30T06:21:16.000Z",
"description": "- Xchecked via VT: f996b5c6e3272d955965b4763df63a46eb2fd4cea2255844c929a099c6ac6dec",
"pattern": "[file:hashes.MD5 = '212f0fa4ed3449f4918c59876dcb9321']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f5d-c970-415e-baa9-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:17.000Z",
"modified": "2015-09-30T06:21:17.000Z",
"first_observed": "2015-09-30T06:21:17Z",
"last_observed": "2015-09-30T06:21:17Z",
"number_observed": 1,
"object_refs": [
"url--560b7f5d-c970-415e-baa9-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f5d-c970-415e-baa9-ecee950d210b",
"value": "https://www.virustotal.com/file/f996b5c6e3272d955965b4763df63a46eb2fd4cea2255844c929a099c6ac6dec/analysis/1429679813/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f5d-e128-4a49-bcd6-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:17.000Z",
"modified": "2015-09-30T06:21:17.000Z",
"description": "- Xchecked via VT: 64021a7845db7da82a4f181443f7de25a03fad24bd5f5547bab17bfd4a041191",
"pattern": "[file:hashes.SHA1 = 'd763f09a8aa998eea60162346c10099601c08850']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f5d-4c60-4cf0-aa72-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:17.000Z",
"modified": "2015-09-30T06:21:17.000Z",
"description": "- Xchecked via VT: 64021a7845db7da82a4f181443f7de25a03fad24bd5f5547bab17bfd4a041191",
"pattern": "[file:hashes.MD5 = 'd468924e99f0abadb6f80b34ab62295c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f5e-48f0-4d27-8d45-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:18.000Z",
"modified": "2015-09-30T06:21:18.000Z",
"first_observed": "2015-09-30T06:21:18Z",
"last_observed": "2015-09-30T06:21:18Z",
"number_observed": 1,
"object_refs": [
"url--560b7f5e-48f0-4d27-8d45-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f5e-48f0-4d27-8d45-ecee950d210b",
"value": "https://www.virustotal.com/file/64021a7845db7da82a4f181443f7de25a03fad24bd5f5547bab17bfd4a041191/analysis/1429731003/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f5e-24a0-4531-83a3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:18.000Z",
"modified": "2015-09-30T06:21:18.000Z",
"description": "- Xchecked via VT: b02f82d3148ddf6feb293dfbb7b287bcae793ee648b8cd700319521d9e108f2f",
"pattern": "[file:hashes.SHA1 = '44e123be84430e9401d0392ecdd58c104eedbbcd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f5f-2434-403d-a22f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:19.000Z",
"modified": "2015-09-30T06:21:19.000Z",
"description": "- Xchecked via VT: b02f82d3148ddf6feb293dfbb7b287bcae793ee648b8cd700319521d9e108f2f",
"pattern": "[file:hashes.MD5 = 'e099ffdfd3365656ea9a52b846ab78d2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f5f-2664-4bd1-aad1-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:19.000Z",
"modified": "2015-09-30T06:21:19.000Z",
"first_observed": "2015-09-30T06:21:19Z",
"last_observed": "2015-09-30T06:21:19Z",
"number_observed": 1,
"object_refs": [
"url--560b7f5f-2664-4bd1-aad1-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f5f-2664-4bd1-aad1-ecee950d210b",
"value": "https://www.virustotal.com/file/b02f82d3148ddf6feb293dfbb7b287bcae793ee648b8cd700319521d9e108f2f/analysis/1430317271/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f5f-a214-4444-932b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:19.000Z",
"modified": "2015-09-30T06:21:19.000Z",
"description": "- Xchecked via VT: 01c64c90b3d18c0d24e56cf7794e60957b6231eaf05707118a9d033bee08926b",
"pattern": "[file:hashes.SHA1 = '89720333a17df910bc6a054012714ecc741fb3be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f60-37d4-460c-948a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:20.000Z",
"modified": "2015-09-30T06:21:20.000Z",
"description": "- Xchecked via VT: 01c64c90b3d18c0d24e56cf7794e60957b6231eaf05707118a9d033bee08926b",
"pattern": "[file:hashes.MD5 = '747503a41f14dc1437aa6456cae97073']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f60-36c8-4153-8303-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:20.000Z",
"modified": "2015-09-30T06:21:20.000Z",
"first_observed": "2015-09-30T06:21:20Z",
"last_observed": "2015-09-30T06:21:20Z",
"number_observed": 1,
"object_refs": [
"url--560b7f60-36c8-4153-8303-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f60-36c8-4153-8303-ecee950d210b",
"value": "https://www.virustotal.com/file/01c64c90b3d18c0d24e56cf7794e60957b6231eaf05707118a9d033bee08926b/analysis/1430337829/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f60-8e38-4cf0-b854-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:20.000Z",
"modified": "2015-09-30T06:21:20.000Z",
"description": "- Xchecked via VT: 5e3fcc323042fc47d2888d0e9d567bf81a3be72d8b327ad6ced721a269d50156",
"pattern": "[file:hashes.SHA1 = 'e14ea718489469508727bbddd5540f229ec0b85b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f61-a604-46f4-a5ae-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:21.000Z",
"modified": "2015-09-30T06:21:21.000Z",
"description": "- Xchecked via VT: 5e3fcc323042fc47d2888d0e9d567bf81a3be72d8b327ad6ced721a269d50156",
"pattern": "[file:hashes.MD5 = '877bea6c6d8f224f7f543b02aeed70c7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f61-7208-4d79-9d40-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:21.000Z",
"modified": "2015-09-30T06:21:21.000Z",
"first_observed": "2015-09-30T06:21:21Z",
"last_observed": "2015-09-30T06:21:21Z",
"number_observed": 1,
"object_refs": [
"url--560b7f61-7208-4d79-9d40-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f61-7208-4d79-9d40-ecee950d210b",
"value": "https://www.virustotal.com/file/5e3fcc323042fc47d2888d0e9d567bf81a3be72d8b327ad6ced721a269d50156/analysis/1437595096/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f61-26b8-4802-a843-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:21.000Z",
"modified": "2015-09-30T06:21:21.000Z",
"description": "- Xchecked via VT: fff42f45f813aeee6c78b91cd4fad8eda9b5ac1daaba532057caa2f12cf62b21",
"pattern": "[file:hashes.SHA1 = '4de52a7a0706c584be33374ff9b3f66114927864']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f62-b290-4edc-b275-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:22.000Z",
"modified": "2015-09-30T06:21:22.000Z",
"description": "- Xchecked via VT: fff42f45f813aeee6c78b91cd4fad8eda9b5ac1daaba532057caa2f12cf62b21",
"pattern": "[file:hashes.MD5 = 'a836d7d18cdd90e3cf7e00733cc836e3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f62-b790-4902-bdc8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:22.000Z",
"modified": "2015-09-30T06:21:22.000Z",
"first_observed": "2015-09-30T06:21:22Z",
"last_observed": "2015-09-30T06:21:22Z",
"number_observed": 1,
"object_refs": [
"url--560b7f62-b790-4902-bdc8-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f62-b790-4902-bdc8-ecee950d210b",
"value": "https://www.virustotal.com/file/fff42f45f813aeee6c78b91cd4fad8eda9b5ac1daaba532057caa2f12cf62b21/analysis/1440002406/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f62-34c0-4a94-a5d5-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:22.000Z",
"modified": "2015-09-30T06:21:22.000Z",
"description": "- Xchecked via VT: 6d8c79824a86f622b5b8557c75a7f6a49688704db365dc33ec24191d60229965",
"pattern": "[file:hashes.SHA1 = 'fb39230c7024934dc7a12bcbf9bf6a7829364d29']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f63-1f24-4531-b94e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:23.000Z",
"modified": "2015-09-30T06:21:23.000Z",
"description": "- Xchecked via VT: 6d8c79824a86f622b5b8557c75a7f6a49688704db365dc33ec24191d60229965",
"pattern": "[file:hashes.MD5 = '3d8ca14ec309c583ed4183656004f8b7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f63-02ac-403e-b215-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:23.000Z",
"modified": "2015-09-30T06:21:23.000Z",
"first_observed": "2015-09-30T06:21:23Z",
"last_observed": "2015-09-30T06:21:23Z",
"number_observed": 1,
"object_refs": [
"url--560b7f63-02ac-403e-b215-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f63-02ac-403e-b215-ecee950d210b",
"value": "https://www.virustotal.com/file/6d8c79824a86f622b5b8557c75a7f6a49688704db365dc33ec24191d60229965/analysis/1437614146/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f63-f3b4-4b32-82ce-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:23.000Z",
"modified": "2015-09-30T06:21:23.000Z",
"description": "- Xchecked via VT: 36637f950c4e8594a61af23117db588baf84fc4d66cd8e76456f6794498074d4",
"pattern": "[file:hashes.SHA1 = '0fb8febf686604e3c2437716b2187bd201f7e48a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f64-e968-4f98-8116-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:24.000Z",
"modified": "2015-09-30T06:21:24.000Z",
"description": "- Xchecked via VT: 36637f950c4e8594a61af23117db588baf84fc4d66cd8e76456f6794498074d4",
"pattern": "[file:hashes.MD5 = '0b1e3ef9846afab42d17defd2d9ab56f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f64-2a94-491d-8fcb-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:24.000Z",
"modified": "2015-09-30T06:21:24.000Z",
"first_observed": "2015-09-30T06:21:24Z",
"last_observed": "2015-09-30T06:21:24Z",
"number_observed": 1,
"object_refs": [
"url--560b7f64-2a94-491d-8fcb-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f64-2a94-491d-8fcb-ecee950d210b",
"value": "https://www.virustotal.com/file/36637f950c4e8594a61af23117db588baf84fc4d66cd8e76456f6794498074d4/analysis/1437957926/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f64-6a60-4677-ae01-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:24.000Z",
"modified": "2015-09-30T06:21:24.000Z",
"description": "- Xchecked via VT: aed8b0be53abc3873bd787751831cc1c3494968496d4c5218193a1001389cacd",
"pattern": "[file:hashes.SHA1 = '0357f089a238d2eb959bec3fa6e7de11925c9716']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f65-49f4-42b6-a2b8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:25.000Z",
"modified": "2015-09-30T06:21:25.000Z",
"description": "- Xchecked via VT: aed8b0be53abc3873bd787751831cc1c3494968496d4c5218193a1001389cacd",
"pattern": "[file:hashes.MD5 = '71bd0491a4acb84a4f694566cbf519d0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f65-fb1c-4665-b6c6-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:25.000Z",
"modified": "2015-09-30T06:21:25.000Z",
"first_observed": "2015-09-30T06:21:25Z",
"last_observed": "2015-09-30T06:21:25Z",
"number_observed": 1,
"object_refs": [
"url--560b7f65-fb1c-4665-b6c6-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f65-fb1c-4665-b6c6-ecee950d210b",
"value": "https://www.virustotal.com/file/aed8b0be53abc3873bd787751831cc1c3494968496d4c5218193a1001389cacd/analysis/1439561366/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f65-0a2c-462e-b45a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:25.000Z",
"modified": "2015-09-30T06:21:25.000Z",
"description": "- Xchecked via VT: 81e93901c6251794a035c30a80bc05b5546ba44c0878d2e9062b0aaedf93eb7c",
"pattern": "[file:hashes.SHA1 = '553b0eb26a879f3505f6b28e2179538c0531b225']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f66-b8a4-44f5-b78b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:26.000Z",
"modified": "2015-09-30T06:21:26.000Z",
"description": "- Xchecked via VT: 81e93901c6251794a035c30a80bc05b5546ba44c0878d2e9062b0aaedf93eb7c",
"pattern": "[file:hashes.MD5 = '62de488bcbed2c3b9e38bb38383d910b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f66-b300-40a1-914b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:26.000Z",
"modified": "2015-09-30T06:21:26.000Z",
"first_observed": "2015-09-30T06:21:26Z",
"last_observed": "2015-09-30T06:21:26Z",
"number_observed": 1,
"object_refs": [
"url--560b7f66-b300-40a1-914b-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f66-b300-40a1-914b-ecee950d210b",
"value": "https://www.virustotal.com/file/81e93901c6251794a035c30a80bc05b5546ba44c0878d2e9062b0aaedf93eb7c/analysis/1438606123/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f67-b664-4d0c-b13f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:27.000Z",
"modified": "2015-09-30T06:21:27.000Z",
"description": "- Xchecked via VT: 082b759112d4b1ff8744ae0a57378503790139e80391d552bf13f6d5a1f25ba1",
"pattern": "[file:hashes.SHA1 = '52a033be6125559d05542c3436ab7a371f2b3394']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f67-cb7c-4452-9dbb-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:27.000Z",
"modified": "2015-09-30T06:21:27.000Z",
"description": "- Xchecked via VT: 082b759112d4b1ff8744ae0a57378503790139e80391d552bf13f6d5a1f25ba1",
"pattern": "[file:hashes.MD5 = '0a1635bcf4262db222980bcb7af81a18']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f67-41ac-438b-9f40-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:27.000Z",
"modified": "2015-09-30T06:21:27.000Z",
"first_observed": "2015-09-30T06:21:27Z",
"last_observed": "2015-09-30T06:21:27Z",
"number_observed": 1,
"object_refs": [
"url--560b7f67-41ac-438b-9f40-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f67-41ac-438b-9f40-ecee950d210b",
"value": "https://www.virustotal.com/file/082b759112d4b1ff8744ae0a57378503790139e80391d552bf13f6d5a1f25ba1/analysis/1409956080/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f68-2a80-4e59-83df-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:28.000Z",
"modified": "2015-09-30T06:21:28.000Z",
"description": "- Xchecked via VT: 2eca841c80cdbfea098a7b00ce67b3a075050bc704f9f6e73fc15b3e7538c51b",
"pattern": "[file:hashes.SHA1 = '17b7943288b736ee8624bcd3b1892d84d93d2d06']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f68-3e64-4b55-b78e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:28.000Z",
"modified": "2015-09-30T06:21:28.000Z",
"description": "- Xchecked via VT: 2eca841c80cdbfea098a7b00ce67b3a075050bc704f9f6e73fc15b3e7538c51b",
"pattern": "[file:hashes.MD5 = 'e7490d20b353446c4d8849fa6fccaf13']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f68-0b54-4d05-b8ef-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:28.000Z",
"modified": "2015-09-30T06:21:28.000Z",
"first_observed": "2015-09-30T06:21:28Z",
"last_observed": "2015-09-30T06:21:28Z",
"number_observed": 1,
"object_refs": [
"url--560b7f68-0b54-4d05-b8ef-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f68-0b54-4d05-b8ef-ecee950d210b",
"value": "https://www.virustotal.com/file/2eca841c80cdbfea098a7b00ce67b3a075050bc704f9f6e73fc15b3e7538c51b/analysis/1420968653/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f69-f3a0-41c1-90bc-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:29.000Z",
"modified": "2015-09-30T06:21:29.000Z",
"description": "- Xchecked via VT: 1060c81ff8769ec6b0e0b69797cfa33a9de71b1a9b77ff7b0e817ed6f3419c4c",
"pattern": "[file:hashes.SHA1 = 'd062430c31cefb16a31685cf0acb1c6884239c1b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f69-8764-453b-aacc-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:29.000Z",
"modified": "2015-09-30T06:21:29.000Z",
"description": "- Xchecked via VT: 1060c81ff8769ec6b0e0b69797cfa33a9de71b1a9b77ff7b0e817ed6f3419c4c",
"pattern": "[file:hashes.MD5 = 'ac2fae5ae776b5e67bc8806afb4380fe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f69-52c4-4c12-87f9-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:29.000Z",
"modified": "2015-09-30T06:21:29.000Z",
"first_observed": "2015-09-30T06:21:29Z",
"last_observed": "2015-09-30T06:21:29Z",
"number_observed": 1,
"object_refs": [
"url--560b7f69-52c4-4c12-87f9-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f69-52c4-4c12-87f9-ecee950d210b",
"value": "https://www.virustotal.com/file/1060c81ff8769ec6b0e0b69797cfa33a9de71b1a9b77ff7b0e817ed6f3419c4c/analysis/1438947777/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f6a-b7ac-41a5-8ad0-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:30.000Z",
"modified": "2015-09-30T06:21:30.000Z",
"description": "- Xchecked via VT: c55f7e4fe38c3dff91bd235025403e1b57bace8b0f8be024e39fb144c4c2b18b",
"pattern": "[file:hashes.SHA1 = '18eea67c6d010769a2374ea38e1c2f89009be6f7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f6a-8a78-4529-81e1-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:30.000Z",
"modified": "2015-09-30T06:21:30.000Z",
"description": "- Xchecked via VT: c55f7e4fe38c3dff91bd235025403e1b57bace8b0f8be024e39fb144c4c2b18b",
"pattern": "[file:hashes.MD5 = '9d3e5c2ead61cb98c3ba6bf60d5c8951']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f6a-9300-4c8d-b3ba-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:30.000Z",
"modified": "2015-09-30T06:21:30.000Z",
"first_observed": "2015-09-30T06:21:30Z",
"last_observed": "2015-09-30T06:21:30Z",
"number_observed": 1,
"object_refs": [
"url--560b7f6a-9300-4c8d-b3ba-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f6a-9300-4c8d-b3ba-ecee950d210b",
"value": "https://www.virustotal.com/file/c55f7e4fe38c3dff91bd235025403e1b57bace8b0f8be024e39fb144c4c2b18b/analysis/1439002546/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f6b-c510-4750-a916-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:31.000Z",
"modified": "2015-09-30T06:21:31.000Z",
"description": "- Xchecked via VT: 23b0edd21973850cdedfad0ad4945165ced7219baed704383146a97370be010e",
"pattern": "[file:hashes.SHA1 = '3fb2aabd871794ee2d9a9ba9c3fb909689a4ed51']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f6b-8e04-4c48-bd98-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:31.000Z",
"modified": "2015-09-30T06:21:31.000Z",
"description": "- Xchecked via VT: 23b0edd21973850cdedfad0ad4945165ced7219baed704383146a97370be010e",
"pattern": "[file:hashes.MD5 = '88c39a5311052460f17226f35bbc823e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f6b-7754-4be4-9715-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:31.000Z",
"modified": "2015-09-30T06:21:31.000Z",
"first_observed": "2015-09-30T06:21:31Z",
"last_observed": "2015-09-30T06:21:31Z",
"number_observed": 1,
"object_refs": [
"url--560b7f6b-7754-4be4-9715-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f6b-7754-4be4-9715-ecee950d210b",
"value": "https://www.virustotal.com/file/23b0edd21973850cdedfad0ad4945165ced7219baed704383146a97370be010e/analysis/1439660046/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f6c-b738-48f9-bb72-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:32.000Z",
"modified": "2015-09-30T06:21:32.000Z",
"description": "- Xchecked via VT: 57cbec5317cb03e69bb5c9ffc01852c4bd65e7905ce75b42086715cd72c057fd",
"pattern": "[file:hashes.SHA1 = '763ff11e4aed050844a643eef1052af615bce622']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f6c-1b8c-49c8-ada3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:32.000Z",
"modified": "2015-09-30T06:21:32.000Z",
"description": "- Xchecked via VT: 57cbec5317cb03e69bb5c9ffc01852c4bd65e7905ce75b42086715cd72c057fd",
"pattern": "[file:hashes.MD5 = '4db968d4d8202ee9372ad291914edfb3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f6c-15a4-4260-a827-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:32.000Z",
"modified": "2015-09-30T06:21:32.000Z",
"first_observed": "2015-09-30T06:21:32Z",
"last_observed": "2015-09-30T06:21:32Z",
"number_observed": 1,
"object_refs": [
"url--560b7f6c-15a4-4260-a827-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f6c-15a4-4260-a827-ecee950d210b",
"value": "https://www.virustotal.com/file/57cbec5317cb03e69bb5c9ffc01852c4bd65e7905ce75b42086715cd72c057fd/analysis/1433445737/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f6d-2dac-4c0d-95fb-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:33.000Z",
"modified": "2015-09-30T06:21:33.000Z",
"description": "- Xchecked via VT: 66fcf7b770ca9f62f18c4c30e3d4597b9ba86091d737abb4f83acfd31ed81f4f",
"pattern": "[file:hashes.SHA1 = '75cc7159ba568fb936354473c70c338e37f1a55c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f6d-d01c-4ee4-b4d8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:33.000Z",
"modified": "2015-09-30T06:21:33.000Z",
"description": "- Xchecked via VT: 66fcf7b770ca9f62f18c4c30e3d4597b9ba86091d737abb4f83acfd31ed81f4f",
"pattern": "[file:hashes.MD5 = '6cdbe9944dc0f99bd89379b5bb715ddc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f6d-b72c-490c-8be8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:33.000Z",
"modified": "2015-09-30T06:21:33.000Z",
"first_observed": "2015-09-30T06:21:33Z",
"last_observed": "2015-09-30T06:21:33Z",
"number_observed": 1,
"object_refs": [
"url--560b7f6d-b72c-490c-8be8-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f6d-b72c-490c-8be8-ecee950d210b",
"value": "https://www.virustotal.com/file/66fcf7b770ca9f62f18c4c30e3d4597b9ba86091d737abb4f83acfd31ed81f4f/analysis/1439259048/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f6e-4678-4a2a-894e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:34.000Z",
"modified": "2015-09-30T06:21:34.000Z",
"description": "- Xchecked via VT: 00a5acef64e2dceb12cf5590f84a493fd12645703a798ecc52ba5a121ff409d1",
"pattern": "[file:hashes.SHA1 = 'b241dbd7dac13a1c1ecd276f67dd69e1cd0e0626']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f6e-5c50-422a-99ce-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:34.000Z",
"modified": "2015-09-30T06:21:34.000Z",
"description": "- Xchecked via VT: 00a5acef64e2dceb12cf5590f84a493fd12645703a798ecc52ba5a121ff409d1",
"pattern": "[file:hashes.MD5 = 'e7ed0bcfe5cc395e3cbcddf15bed3c6e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f6f-76bc-40bc-90bc-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:35.000Z",
"modified": "2015-09-30T06:21:35.000Z",
"first_observed": "2015-09-30T06:21:35Z",
"last_observed": "2015-09-30T06:21:35Z",
"number_observed": 1,
"object_refs": [
"url--560b7f6f-76bc-40bc-90bc-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f6f-76bc-40bc-90bc-ecee950d210b",
"value": "https://www.virustotal.com/file/00a5acef64e2dceb12cf5590f84a493fd12645703a798ecc52ba5a121ff409d1/analysis/1441795956/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f6f-0098-4002-b350-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:35.000Z",
"modified": "2015-09-30T06:21:35.000Z",
"description": "- Xchecked via VT: d29e6de5308d741df1ef25933afdca1f07fc8e14f01ad08abaf0ec335526c15b",
"pattern": "[file:hashes.SHA1 = '5c6c199a3b017ae831d105d1eaf85d6f0bdbead2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f6f-0f14-4cdc-996d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:35.000Z",
"modified": "2015-09-30T06:21:35.000Z",
"description": "- Xchecked via VT: d29e6de5308d741df1ef25933afdca1f07fc8e14f01ad08abaf0ec335526c15b",
"pattern": "[file:hashes.MD5 = '5cbc7d16ef81c3f276d09194070c4a36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f70-3a58-4350-967a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:36.000Z",
"modified": "2015-09-30T06:21:36.000Z",
"first_observed": "2015-09-30T06:21:36Z",
"last_observed": "2015-09-30T06:21:36Z",
"number_observed": 1,
"object_refs": [
"url--560b7f70-3a58-4350-967a-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f70-3a58-4350-967a-ecee950d210b",
"value": "https://www.virustotal.com/file/d29e6de5308d741df1ef25933afdca1f07fc8e14f01ad08abaf0ec335526c15b/analysis/1438956870/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f70-271c-4c6e-bb05-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:36.000Z",
"modified": "2015-09-30T06:21:36.000Z",
"description": "- Xchecked via VT: b6d5eb42776bf12e593d31091ad2b69761d3c8594fb7eee787d71410de0a1426",
"pattern": "[file:hashes.SHA1 = '3b7c20f6830541625b711e4811722b86f8d30403']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f70-88a4-444e-9caa-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:36.000Z",
"modified": "2015-09-30T06:21:36.000Z",
"description": "- Xchecked via VT: b6d5eb42776bf12e593d31091ad2b69761d3c8594fb7eee787d71410de0a1426",
"pattern": "[file:hashes.MD5 = '7e7e176451b69ddca975f8bb8a2ef091']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f71-ffa4-4806-9536-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:37.000Z",
"modified": "2015-09-30T06:21:37.000Z",
"first_observed": "2015-09-30T06:21:37Z",
"last_observed": "2015-09-30T06:21:37Z",
"number_observed": 1,
"object_refs": [
"url--560b7f71-ffa4-4806-9536-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f71-ffa4-4806-9536-ecee950d210b",
"value": "https://www.virustotal.com/file/b6d5eb42776bf12e593d31091ad2b69761d3c8594fb7eee787d71410de0a1426/analysis/1438957582/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f71-110c-44d8-becb-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:37.000Z",
"modified": "2015-09-30T06:21:37.000Z",
"description": "- Xchecked via VT: 725933eb961e119e1a2d9ba8da928be65d7e4553d037f745465eaaead54977d2",
"pattern": "[file:hashes.SHA1 = 'f046806b1b845071a410a73526f59a90ed4fec7c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f71-a878-4ff9-bc21-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:37.000Z",
"modified": "2015-09-30T06:21:37.000Z",
"description": "- Xchecked via VT: 725933eb961e119e1a2d9ba8da928be65d7e4553d037f745465eaaead54977d2",
"pattern": "[file:hashes.MD5 = '0fe68e98b3bc127cdaff68fb25fc5f59']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f72-febc-4a90-80bc-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:38.000Z",
"modified": "2015-09-30T06:21:38.000Z",
"first_observed": "2015-09-30T06:21:38Z",
"last_observed": "2015-09-30T06:21:38Z",
"number_observed": 1,
"object_refs": [
"url--560b7f72-febc-4a90-80bc-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f72-febc-4a90-80bc-ecee950d210b",
"value": "https://www.virustotal.com/file/725933eb961e119e1a2d9ba8da928be65d7e4553d037f745465eaaead54977d2/analysis/1443102946/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f72-c7d8-4291-bcb8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:38.000Z",
"modified": "2015-09-30T06:21:38.000Z",
"description": "- Xchecked via VT: cc511fd5fb450965ea680d90fc2a56282c52f8ca672fb8584195b4cfc614c223",
"pattern": "[file:hashes.SHA1 = '940c3fe1e5a75b454f56b5ef63bea71dce362295']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f72-57d8-4fe1-ba69-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:38.000Z",
"modified": "2015-09-30T06:21:38.000Z",
"description": "- Xchecked via VT: cc511fd5fb450965ea680d90fc2a56282c52f8ca672fb8584195b4cfc614c223",
"pattern": "[file:hashes.MD5 = '5b2a35e4bb6f0d1cf2f371891071dadb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f73-9b9c-41f9-9f28-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:39.000Z",
"modified": "2015-09-30T06:21:39.000Z",
"first_observed": "2015-09-30T06:21:39Z",
"last_observed": "2015-09-30T06:21:39Z",
"number_observed": 1,
"object_refs": [
"url--560b7f73-9b9c-41f9-9f28-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f73-9b9c-41f9-9f28-ecee950d210b",
"value": "https://www.virustotal.com/file/cc511fd5fb450965ea680d90fc2a56282c52f8ca672fb8584195b4cfc614c223/analysis/1439051414/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f73-df10-471f-a868-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:39.000Z",
"modified": "2015-09-30T06:21:39.000Z",
"description": "- Xchecked via VT: 3162ca675eca28160a4431c43afa26efc5d4bd2d05220c7145016bc9f444b1bc",
"pattern": "[file:hashes.SHA1 = '1673598325b10c4790f4f38f7be37ffb3ef4d8a6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f73-ef9c-4c9d-8d35-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:39.000Z",
"modified": "2015-09-30T06:21:39.000Z",
"description": "- Xchecked via VT: 3162ca675eca28160a4431c43afa26efc5d4bd2d05220c7145016bc9f444b1bc",
"pattern": "[file:hashes.MD5 = '2d34e62848bbbef2b46c36a22f5d22ec']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f74-91a8-4d06-b342-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:40.000Z",
"modified": "2015-09-30T06:21:40.000Z",
"first_observed": "2015-09-30T06:21:40Z",
"last_observed": "2015-09-30T06:21:40Z",
"number_observed": 1,
"object_refs": [
"url--560b7f74-91a8-4d06-b342-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f74-91a8-4d06-b342-ecee950d210b",
"value": "https://www.virustotal.com/file/3162ca675eca28160a4431c43afa26efc5d4bd2d05220c7145016bc9f444b1bc/analysis/1439050621/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f74-0eb4-4365-9aa9-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:40.000Z",
"modified": "2015-09-30T06:21:40.000Z",
"description": "- Xchecked via VT: 85520da67298838c434440e2f20c63474f5e80f09f5695a93e0f7533547c9f4f",
"pattern": "[file:hashes.SHA1 = '0931fa513ac5f9a9bda5e4959afa6d178ee2df58']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f74-3a2c-4455-9d9c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:40.000Z",
"modified": "2015-09-30T06:21:40.000Z",
"description": "- Xchecked via VT: 85520da67298838c434440e2f20c63474f5e80f09f5695a93e0f7533547c9f4f",
"pattern": "[file:hashes.MD5 = '8ae88863314780a57bda74c3a8e42de3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f75-7264-45d4-ab4a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:41.000Z",
"modified": "2015-09-30T06:21:41.000Z",
"first_observed": "2015-09-30T06:21:41Z",
"last_observed": "2015-09-30T06:21:41Z",
"number_observed": 1,
"object_refs": [
"url--560b7f75-7264-45d4-ab4a-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f75-7264-45d4-ab4a-ecee950d210b",
"value": "https://www.virustotal.com/file/85520da67298838c434440e2f20c63474f5e80f09f5695a93e0f7533547c9f4f/analysis/1439768292/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f75-6f80-4a13-9fe9-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:41.000Z",
"modified": "2015-09-30T06:21:41.000Z",
"description": "- Xchecked via VT: 842688e8890b1a95d3a7920e1b3007ea75609372b37d84345211fb8412d1b80e",
"pattern": "[file:hashes.SHA1 = '4b66227feb70e952b593a9332da9a1b2a470ae8e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f75-fd2c-4de3-a435-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:41.000Z",
"modified": "2015-09-30T06:21:41.000Z",
"description": "- Xchecked via VT: 842688e8890b1a95d3a7920e1b3007ea75609372b37d84345211fb8412d1b80e",
"pattern": "[file:hashes.MD5 = '0d7a8105c570ff571c27dcd2b188543e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f76-33f4-4132-a4b5-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:42.000Z",
"modified": "2015-09-30T06:21:42.000Z",
"first_observed": "2015-09-30T06:21:42Z",
"last_observed": "2015-09-30T06:21:42Z",
"number_observed": 1,
"object_refs": [
"url--560b7f76-33f4-4132-a4b5-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f76-33f4-4132-a4b5-ecee950d210b",
"value": "https://www.virustotal.com/file/842688e8890b1a95d3a7920e1b3007ea75609372b37d84345211fb8412d1b80e/analysis/1439770543/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f76-0f50-4033-a71e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:42.000Z",
"modified": "2015-09-30T06:21:42.000Z",
"description": "- Xchecked via VT: 853074fdb60a0650dbb8fbc9653bedfb3c1bfa45d4420c7b49f283e1588a2ded",
"pattern": "[file:hashes.SHA1 = 'ec658a4a0fcda765bcdbbb779a30449b69f7efb4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f76-8d4c-4476-98cd-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:42.000Z",
"modified": "2015-09-30T06:21:42.000Z",
"description": "- Xchecked via VT: 853074fdb60a0650dbb8fbc9653bedfb3c1bfa45d4420c7b49f283e1588a2ded",
"pattern": "[file:hashes.MD5 = '1a258db726af3e0056e506773b571fdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f77-e090-4916-938b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:43.000Z",
"modified": "2015-09-30T06:21:43.000Z",
"first_observed": "2015-09-30T06:21:43Z",
"last_observed": "2015-09-30T06:21:43Z",
"number_observed": 1,
"object_refs": [
"url--560b7f77-e090-4916-938b-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f77-e090-4916-938b-ecee950d210b",
"value": "https://www.virustotal.com/file/853074fdb60a0650dbb8fbc9653bedfb3c1bfa45d4420c7b49f283e1588a2ded/analysis/1443094769/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f77-fb64-4527-a356-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:43.000Z",
"modified": "2015-09-30T06:21:43.000Z",
"description": "- Xchecked via VT: ba9e79c84932a56bd5be581d412ad7983f7099213367703e29bea9ee1deb0d69",
"pattern": "[file:hashes.SHA1 = '512cb73672a7c7505fd116f434d2c509d1ffe711']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f78-568c-4049-a75f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:44.000Z",
"modified": "2015-09-30T06:21:44.000Z",
"description": "- Xchecked via VT: ba9e79c84932a56bd5be581d412ad7983f7099213367703e29bea9ee1deb0d69",
"pattern": "[file:hashes.MD5 = 'ab78f6c5f4027bedb4df4535cfffb1ba']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f78-836c-415c-81f6-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:44.000Z",
"modified": "2015-09-30T06:21:44.000Z",
"first_observed": "2015-09-30T06:21:44Z",
"last_observed": "2015-09-30T06:21:44Z",
"number_observed": 1,
"object_refs": [
"url--560b7f78-836c-415c-81f6-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f78-836c-415c-81f6-ecee950d210b",
"value": "https://www.virustotal.com/file/ba9e79c84932a56bd5be581d412ad7983f7099213367703e29bea9ee1deb0d69/analysis/1439838949/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f78-2588-44a4-b341-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:44.000Z",
"modified": "2015-09-30T06:21:44.000Z",
"description": "- Xchecked via VT: f81d30e97d4073540ec3724f0872759a67b84ec0f5e2f6a4ab2893361d79459e",
"pattern": "[file:hashes.SHA1 = '9bbae36de419dcc16a7dc8c05f6af9ab36132f26']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f79-e788-4218-abf7-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:45.000Z",
"modified": "2015-09-30T06:21:45.000Z",
"description": "- Xchecked via VT: f81d30e97d4073540ec3724f0872759a67b84ec0f5e2f6a4ab2893361d79459e",
"pattern": "[file:hashes.MD5 = '890fc045f64784e02c3dacda14acfb51']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f79-c9d0-49d0-ba5d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:45.000Z",
"modified": "2015-09-30T06:21:45.000Z",
"first_observed": "2015-09-30T06:21:45Z",
"last_observed": "2015-09-30T06:21:45Z",
"number_observed": 1,
"object_refs": [
"url--560b7f79-c9d0-49d0-ba5d-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f79-c9d0-49d0-ba5d-ecee950d210b",
"value": "https://www.virustotal.com/file/f81d30e97d4073540ec3724f0872759a67b84ec0f5e2f6a4ab2893361d79459e/analysis/1439712183/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f79-cfd4-4842-8401-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:45.000Z",
"modified": "2015-09-30T06:21:45.000Z",
"description": "- Xchecked via VT: b91b48c65d165bfc3013c728a6d2dcc71665c35f407dedc44d56b8354f61d7a5",
"pattern": "[file:hashes.SHA1 = 'a25c94174f0f4a8a4627c7ce839ddc399370f219']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f7a-29c8-437d-8e0b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:46.000Z",
"modified": "2015-09-30T06:21:46.000Z",
"description": "- Xchecked via VT: b91b48c65d165bfc3013c728a6d2dcc71665c35f407dedc44d56b8354f61d7a5",
"pattern": "[file:hashes.MD5 = '3e1af29ac6914e2d0d67f4da87a158c1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f7a-90f4-45f8-a28a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:46.000Z",
"modified": "2015-09-30T06:21:46.000Z",
"first_observed": "2015-09-30T06:21:46Z",
"last_observed": "2015-09-30T06:21:46Z",
"number_observed": 1,
"object_refs": [
"url--560b7f7a-90f4-45f8-a28a-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f7a-90f4-45f8-a28a-ecee950d210b",
"value": "https://www.virustotal.com/file/b91b48c65d165bfc3013c728a6d2dcc71665c35f407dedc44d56b8354f61d7a5/analysis/1440503169/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f7a-c814-4fc4-9cfe-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:46.000Z",
"modified": "2015-09-30T06:21:46.000Z",
"description": "- Xchecked via VT: 1adc4f09c95abfa7287bfc393550fc7ff1068c2efd331945f7f848bdccf4cb08",
"pattern": "[file:hashes.SHA1 = '2f594b3ca8458f15bc0558db49ceeea69743316f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f7b-c550-4304-a398-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:47.000Z",
"modified": "2015-09-30T06:21:47.000Z",
"description": "- Xchecked via VT: 1adc4f09c95abfa7287bfc393550fc7ff1068c2efd331945f7f848bdccf4cb08",
"pattern": "[file:hashes.MD5 = '1d998294bb4889106483ef5cc0d670a4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f7b-f068-45c6-8453-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:47.000Z",
"modified": "2015-09-30T06:21:47.000Z",
"first_observed": "2015-09-30T06:21:47Z",
"last_observed": "2015-09-30T06:21:47Z",
"number_observed": 1,
"object_refs": [
"url--560b7f7b-f068-45c6-8453-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f7b-f068-45c6-8453-ecee950d210b",
"value": "https://www.virustotal.com/file/1adc4f09c95abfa7287bfc393550fc7ff1068c2efd331945f7f848bdccf4cb08/analysis/1435431373/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f7b-e614-4779-ade4-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:47.000Z",
"modified": "2015-09-30T06:21:47.000Z",
"description": "- Xchecked via VT: fc8220350791c1574f0fc5ccef0aac15f5cac5924586760765611dfe879bca4a",
"pattern": "[file:hashes.SHA1 = '5e89c77ec22936e1610f0c3959094dad34f62df8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f7c-3c04-48a3-a9a6-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:48.000Z",
"modified": "2015-09-30T06:21:48.000Z",
"description": "- Xchecked via VT: fc8220350791c1574f0fc5ccef0aac15f5cac5924586760765611dfe879bca4a",
"pattern": "[file:hashes.MD5 = '82ec24a39f6b904c27b1a54afa795acb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f7c-818c-41ec-8926-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:48.000Z",
"modified": "2015-09-30T06:21:48.000Z",
"first_observed": "2015-09-30T06:21:48Z",
"last_observed": "2015-09-30T06:21:48Z",
"number_observed": 1,
"object_refs": [
"url--560b7f7c-818c-41ec-8926-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f7c-818c-41ec-8926-ecee950d210b",
"value": "https://www.virustotal.com/file/fc8220350791c1574f0fc5ccef0aac15f5cac5924586760765611dfe879bca4a/analysis/1427587856/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f7c-1338-461d-aa0c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:48.000Z",
"modified": "2015-09-30T06:21:48.000Z",
"description": "- Xchecked via VT: c3993df28edad5933a59f5a1792b2a7359988cbe8043ff5bcfb92d82d5c91d94",
"pattern": "[file:hashes.SHA1 = '4aa11cea017a94c19c415669333930aff57fb242']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f7d-9000-4de5-aa9b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:49.000Z",
"modified": "2015-09-30T06:21:49.000Z",
"description": "- Xchecked via VT: c3993df28edad5933a59f5a1792b2a7359988cbe8043ff5bcfb92d82d5c91d94",
"pattern": "[file:hashes.MD5 = 'cb96bbbbbf4e7be25859c100094e9861']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f7d-9f6c-467a-8978-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:49.000Z",
"modified": "2015-09-30T06:21:49.000Z",
"first_observed": "2015-09-30T06:21:49Z",
"last_observed": "2015-09-30T06:21:49Z",
"number_observed": 1,
"object_refs": [
"url--560b7f7d-9f6c-467a-8978-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f7d-9f6c-467a-8978-ecee950d210b",
"value": "https://www.virustotal.com/file/c3993df28edad5933a59f5a1792b2a7359988cbe8043ff5bcfb92d82d5c91d94/analysis/1433882313/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f7d-edd8-4a35-8198-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:49.000Z",
"modified": "2015-09-30T06:21:49.000Z",
"description": "- Xchecked via VT: 60396eed12aec83242a5bfc22a6931e53c63c3b98c017b7a39017b1e9631a438",
"pattern": "[file:hashes.SHA1 = 'fd3b7e38f9b33bd8770d027a5e6e037f75822294']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f7e-f47c-487f-bb8c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:50.000Z",
"modified": "2015-09-30T06:21:50.000Z",
"description": "- Xchecked via VT: 60396eed12aec83242a5bfc22a6931e53c63c3b98c017b7a39017b1e9631a438",
"pattern": "[file:hashes.MD5 = 'a96f25cc715a936550f488655bb75827']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f7e-413c-4cf9-bf02-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:50.000Z",
"modified": "2015-09-30T06:21:50.000Z",
"first_observed": "2015-09-30T06:21:50Z",
"last_observed": "2015-09-30T06:21:50Z",
"number_observed": 1,
"object_refs": [
"url--560b7f7e-413c-4cf9-bf02-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f7e-413c-4cf9-bf02-ecee950d210b",
"value": "https://www.virustotal.com/file/60396eed12aec83242a5bfc22a6931e53c63c3b98c017b7a39017b1e9631a438/analysis/1434746353/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f7e-ff60-4af5-a273-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:50.000Z",
"modified": "2015-09-30T06:21:50.000Z",
"description": "- Xchecked via VT: 49614e87a0b76a4a563f25bfda0c2573ee38b4b4c8ca3b2e526746484391489b",
"pattern": "[file:hashes.SHA1 = '0c4334aaee6c127945c1dcbf50c6953ab00795c1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f7f-9ea4-4f9d-8933-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:51.000Z",
"modified": "2015-09-30T06:21:51.000Z",
"description": "- Xchecked via VT: 49614e87a0b76a4a563f25bfda0c2573ee38b4b4c8ca3b2e526746484391489b",
"pattern": "[file:hashes.MD5 = '6592c738203ef220145bf10d2880d148']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f7f-e2ec-455f-b820-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:51.000Z",
"modified": "2015-09-30T06:21:51.000Z",
"first_observed": "2015-09-30T06:21:51Z",
"last_observed": "2015-09-30T06:21:51Z",
"number_observed": 1,
"object_refs": [
"url--560b7f7f-e2ec-455f-b820-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f7f-e2ec-455f-b820-ecee950d210b",
"value": "https://www.virustotal.com/file/49614e87a0b76a4a563f25bfda0c2573ee38b4b4c8ca3b2e526746484391489b/analysis/1415014579/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f80-2338-422d-b8d6-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:52.000Z",
"modified": "2015-09-30T06:21:52.000Z",
"description": "- Xchecked via VT: 7181204ad17576bdaf92e198710083d6b80ab4f8962785f89254e0da384c4f9d",
"pattern": "[file:hashes.SHA1 = '8a6a418c4f13c30cbb4ff451d3bcb957232ff80c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f80-e928-4e3a-b483-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:52.000Z",
"modified": "2015-09-30T06:21:52.000Z",
"description": "- Xchecked via VT: 7181204ad17576bdaf92e198710083d6b80ab4f8962785f89254e0da384c4f9d",
"pattern": "[file:hashes.MD5 = 'd8e0e69ad14623af270180bd8a0a81a2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f80-53cc-45b9-8513-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:52.000Z",
"modified": "2015-09-30T06:21:52.000Z",
"first_observed": "2015-09-30T06:21:52Z",
"last_observed": "2015-09-30T06:21:52Z",
"number_observed": 1,
"object_refs": [
"url--560b7f80-53cc-45b9-8513-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f80-53cc-45b9-8513-ecee950d210b",
"value": "https://www.virustotal.com/file/7181204ad17576bdaf92e198710083d6b80ab4f8962785f89254e0da384c4f9d/analysis/1413275373/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f81-0768-4908-a7f6-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:53.000Z",
"modified": "2015-09-30T06:21:53.000Z",
"description": "- Xchecked via VT: 32dfff3c64e62fd182c1e22944ba8a92508b987083960be42d27742344e4e843",
"pattern": "[file:hashes.SHA1 = 'fa3a14ee8239739d580019147f4e2a07a042d863']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f81-23f4-4d06-a61a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:53.000Z",
"modified": "2015-09-30T06:21:53.000Z",
"description": "- Xchecked via VT: 32dfff3c64e62fd182c1e22944ba8a92508b987083960be42d27742344e4e843",
"pattern": "[file:hashes.MD5 = '51544e234e2506aa1c2c83962135dec8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f81-a6e4-4479-bf4b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:53.000Z",
"modified": "2015-09-30T06:21:53.000Z",
"first_observed": "2015-09-30T06:21:53Z",
"last_observed": "2015-09-30T06:21:53Z",
"number_observed": 1,
"object_refs": [
"url--560b7f81-a6e4-4479-bf4b-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f81-a6e4-4479-bf4b-ecee950d210b",
"value": "https://www.virustotal.com/file/32dfff3c64e62fd182c1e22944ba8a92508b987083960be42d27742344e4e843/analysis/1432302784/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f82-f354-44c7-844b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:54.000Z",
"modified": "2015-09-30T06:21:54.000Z",
"description": "- Xchecked via VT: 67b160dabfeb6537413325f9d8f7284251431fa8066a408955cb574c30e1b762",
"pattern": "[file:hashes.SHA1 = '0ad88e00a2163187131e26c762ea8a3c3f3de7fc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f82-0b94-4427-ba2f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:54.000Z",
"modified": "2015-09-30T06:21:54.000Z",
"description": "- Xchecked via VT: 67b160dabfeb6537413325f9d8f7284251431fa8066a408955cb574c30e1b762",
"pattern": "[file:hashes.MD5 = 'cc20b818da2fef83d6b2e78afa959262']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f82-47d0-4fef-80a5-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:54.000Z",
"modified": "2015-09-30T06:21:54.000Z",
"first_observed": "2015-09-30T06:21:54Z",
"last_observed": "2015-09-30T06:21:54Z",
"number_observed": 1,
"object_refs": [
"url--560b7f82-47d0-4fef-80a5-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f82-47d0-4fef-80a5-ecee950d210b",
"value": "https://www.virustotal.com/file/67b160dabfeb6537413325f9d8f7284251431fa8066a408955cb574c30e1b762/analysis/1438459951/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f83-fe1c-4c35-a27c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:55.000Z",
"modified": "2015-09-30T06:21:55.000Z",
"description": "- Xchecked via VT: d79031c1dc82ba24863da8aecf6d452c066875f52e5bf71e912c8e5f3824eff9",
"pattern": "[file:hashes.SHA1 = '1717fd2d9659b90e23be278f8e85bea2a42ca061']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f83-b0e0-48c8-b245-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:55.000Z",
"modified": "2015-09-30T06:21:55.000Z",
"description": "- Xchecked via VT: d79031c1dc82ba24863da8aecf6d452c066875f52e5bf71e912c8e5f3824eff9",
"pattern": "[file:hashes.MD5 = '306c94015195c8eb6787e0b4d8a0b74d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f83-5484-4da2-8a6f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:55.000Z",
"modified": "2015-09-30T06:21:55.000Z",
"first_observed": "2015-09-30T06:21:55Z",
"last_observed": "2015-09-30T06:21:55Z",
"number_observed": 1,
"object_refs": [
"url--560b7f83-5484-4da2-8a6f-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f83-5484-4da2-8a6f-ecee950d210b",
"value": "https://www.virustotal.com/file/d79031c1dc82ba24863da8aecf6d452c066875f52e5bf71e912c8e5f3824eff9/analysis/1438138219/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f84-6bdc-43e1-a4d8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:56.000Z",
"modified": "2015-09-30T06:21:56.000Z",
"description": "- Xchecked via VT: 848b2c91d158110df33ecb25832825de0bc1e99c945fc74d2a236f6171afda08",
"pattern": "[file:hashes.SHA1 = '831a009820b614b6bbfcc6bd6989d80f084805fb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f84-e0e0-480f-beb4-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:56.000Z",
"modified": "2015-09-30T06:21:56.000Z",
"description": "- Xchecked via VT: 848b2c91d158110df33ecb25832825de0bc1e99c945fc74d2a236f6171afda08",
"pattern": "[file:hashes.MD5 = '06c36b9163d1bb200a92c621578f5e93']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f84-099c-4e03-9db3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:56.000Z",
"modified": "2015-09-30T06:21:56.000Z",
"first_observed": "2015-09-30T06:21:56Z",
"last_observed": "2015-09-30T06:21:56Z",
"number_observed": 1,
"object_refs": [
"url--560b7f84-099c-4e03-9db3-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f84-099c-4e03-9db3-ecee950d210b",
"value": "https://www.virustotal.com/file/848b2c91d158110df33ecb25832825de0bc1e99c945fc74d2a236f6171afda08/analysis/1438601104/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f85-aa88-427c-a7a8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:57.000Z",
"modified": "2015-09-30T06:21:57.000Z",
"description": "- Xchecked via VT: c8066ab6a2fcbf4ac541b36921d29e8b4dcbd04df5ac62c6f2a44da8db322317",
"pattern": "[file:hashes.SHA1 = 'c70515cb4d9cb05134bebbe57be929f19eca4947']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f85-8744-464f-867b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:57.000Z",
"modified": "2015-09-30T06:21:57.000Z",
"description": "- Xchecked via VT: c8066ab6a2fcbf4ac541b36921d29e8b4dcbd04df5ac62c6f2a44da8db322317",
"pattern": "[file:hashes.MD5 = '4544b60ae9e14ea4369f5719c48da495']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f85-23bc-4e40-bd7a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:57.000Z",
"modified": "2015-09-30T06:21:57.000Z",
"first_observed": "2015-09-30T06:21:57Z",
"last_observed": "2015-09-30T06:21:57Z",
"number_observed": 1,
"object_refs": [
"url--560b7f85-23bc-4e40-bd7a-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f85-23bc-4e40-bd7a-ecee950d210b",
"value": "https://www.virustotal.com/file/c8066ab6a2fcbf4ac541b36921d29e8b4dcbd04df5ac62c6f2a44da8db322317/analysis/1420090099/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f86-04f0-4346-96d2-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:58.000Z",
"modified": "2015-09-30T06:21:58.000Z",
"description": "- Xchecked via VT: d533467474b94674c8ff4ff0c2cd19cd55152d29f1ecf58ec028e23f46cf779d",
"pattern": "[file:hashes.SHA1 = '43c6341140292e4fccdf58cc8c9f23ecc06a6880']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f86-f084-4d31-a684-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:58.000Z",
"modified": "2015-09-30T06:21:58.000Z",
"description": "- Xchecked via VT: d533467474b94674c8ff4ff0c2cd19cd55152d29f1ecf58ec028e23f46cf779d",
"pattern": "[file:hashes.MD5 = '6fbfa18ccc37ce4145a66eb24d9b104b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f86-740c-4a19-96d1-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:58.000Z",
"modified": "2015-09-30T06:21:58.000Z",
"first_observed": "2015-09-30T06:21:58Z",
"last_observed": "2015-09-30T06:21:58Z",
"number_observed": 1,
"object_refs": [
"url--560b7f86-740c-4a19-96d1-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f86-740c-4a19-96d1-ecee950d210b",
"value": "https://www.virustotal.com/file/d533467474b94674c8ff4ff0c2cd19cd55152d29f1ecf58ec028e23f46cf779d/analysis/1423122225/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f87-0a30-4c42-b997-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:59.000Z",
"modified": "2015-09-30T06:21:59.000Z",
"description": "- Xchecked via VT: 2b5a5d0754267b92b8b554ebfdd9f4664567fce2843ee253a95f283732e66185",
"pattern": "[file:hashes.SHA1 = '7b5f23b0eb21a953147554ef3229b4f76666501a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f87-abec-4f39-b43a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:59.000Z",
"modified": "2015-09-30T06:21:59.000Z",
"description": "- Xchecked via VT: 2b5a5d0754267b92b8b554ebfdd9f4664567fce2843ee253a95f283732e66185",
"pattern": "[file:hashes.MD5 = '616b43d56d4487ae99b9013d68e03457']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:21:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f87-b858-434d-b752-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:21:59.000Z",
"modified": "2015-09-30T06:21:59.000Z",
"first_observed": "2015-09-30T06:21:59Z",
"last_observed": "2015-09-30T06:21:59Z",
"number_observed": 1,
"object_refs": [
"url--560b7f87-b858-434d-b752-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f87-b858-434d-b752-ecee950d210b",
"value": "https://www.virustotal.com/file/2b5a5d0754267b92b8b554ebfdd9f4664567fce2843ee253a95f283732e66185/analysis/1430770453/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f88-9300-4dfb-ba3a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:00.000Z",
"modified": "2015-09-30T06:22:00.000Z",
"description": "- Xchecked via VT: 6d7c3528bf4a6979427476fa069cc4847eba6a634237c11d36143374e3c0d87f",
"pattern": "[file:hashes.SHA1 = '4fc2527ab837407a5f00f6db7209311179724b68']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f88-58bc-4d84-b230-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:00.000Z",
"modified": "2015-09-30T06:22:00.000Z",
"description": "- Xchecked via VT: 6d7c3528bf4a6979427476fa069cc4847eba6a634237c11d36143374e3c0d87f",
"pattern": "[file:hashes.MD5 = '349c0e35d4f5ae1039027b45b5c64ed6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f89-a308-473d-a4c4-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:01.000Z",
"modified": "2015-09-30T06:22:01.000Z",
"first_observed": "2015-09-30T06:22:01Z",
"last_observed": "2015-09-30T06:22:01Z",
"number_observed": 1,
"object_refs": [
"url--560b7f89-a308-473d-a4c4-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f89-a308-473d-a4c4-ecee950d210b",
"value": "https://www.virustotal.com/file/6d7c3528bf4a6979427476fa069cc4847eba6a634237c11d36143374e3c0d87f/analysis/1436810305/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f89-06c0-48ed-82d7-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:01.000Z",
"modified": "2015-09-30T06:22:01.000Z",
"description": "- Xchecked via VT: 5648b43285cfa6557a7e4b70b31dbd15e7bc6b3643eec9537bea82a0367776b4",
"pattern": "[file:hashes.SHA1 = 'a839dd946e8575d5a8cc63ca528d15af1201e1af']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f89-5a90-49bc-9072-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:01.000Z",
"modified": "2015-09-30T06:22:01.000Z",
"description": "- Xchecked via VT: 5648b43285cfa6557a7e4b70b31dbd15e7bc6b3643eec9537bea82a0367776b4",
"pattern": "[file:hashes.MD5 = '8a5a670c15a587749e73c329b076e253']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f8a-6c1c-4198-ac01-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:02.000Z",
"modified": "2015-09-30T06:22:02.000Z",
"first_observed": "2015-09-30T06:22:02Z",
"last_observed": "2015-09-30T06:22:02Z",
"number_observed": 1,
"object_refs": [
"url--560b7f8a-6c1c-4198-ac01-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f8a-6c1c-4198-ac01-ecee950d210b",
"value": "https://www.virustotal.com/file/5648b43285cfa6557a7e4b70b31dbd15e7bc6b3643eec9537bea82a0367776b4/analysis/1436811570/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f8a-632c-471d-91fb-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:02.000Z",
"modified": "2015-09-30T06:22:02.000Z",
"description": "- Xchecked via VT: e98567419d27849e8e7e7a74f64b8cf981e82b2205bbee20f4b9b63f3d83c6bf",
"pattern": "[file:hashes.SHA1 = 'd78ae835d0c6981055343b80fd7b9eaa6968e219']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f8a-9540-4c39-a2c7-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:02.000Z",
"modified": "2015-09-30T06:22:02.000Z",
"description": "- Xchecked via VT: e98567419d27849e8e7e7a74f64b8cf981e82b2205bbee20f4b9b63f3d83c6bf",
"pattern": "[file:hashes.MD5 = 'f5483977d060485b1e8ad6dbd57416d1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f8b-fad4-4b44-8641-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:03.000Z",
"modified": "2015-09-30T06:22:03.000Z",
"first_observed": "2015-09-30T06:22:03Z",
"last_observed": "2015-09-30T06:22:03Z",
"number_observed": 1,
"object_refs": [
"url--560b7f8b-fad4-4b44-8641-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f8b-fad4-4b44-8641-ecee950d210b",
"value": "https://www.virustotal.com/file/e98567419d27849e8e7e7a74f64b8cf981e82b2205bbee20f4b9b63f3d83c6bf/analysis/1436813271/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f8b-fd64-4565-8a19-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:03.000Z",
"modified": "2015-09-30T06:22:03.000Z",
"description": "- Xchecked via VT: 814e455f4bee7cbf103c29a3b6f1a06f7dc3bbe2185f1bf13d29c6e08e33af5c",
"pattern": "[file:hashes.SHA1 = '25b5e9fe28816d5d963eca735974199490b9ccde']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f8b-4a84-4dc1-a148-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:03.000Z",
"modified": "2015-09-30T06:22:03.000Z",
"description": "- Xchecked via VT: 814e455f4bee7cbf103c29a3b6f1a06f7dc3bbe2185f1bf13d29c6e08e33af5c",
"pattern": "[file:hashes.MD5 = 'c7d0203df595f256d0ef00fd7aa8d792']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f8c-e854-4495-8062-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:04.000Z",
"modified": "2015-09-30T06:22:04.000Z",
"first_observed": "2015-09-30T06:22:04Z",
"last_observed": "2015-09-30T06:22:04Z",
"number_observed": 1,
"object_refs": [
"url--560b7f8c-e854-4495-8062-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f8c-e854-4495-8062-ecee950d210b",
"value": "https://www.virustotal.com/file/814e455f4bee7cbf103c29a3b6f1a06f7dc3bbe2185f1bf13d29c6e08e33af5c/analysis/1436955455/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f8c-0f1c-4ae4-b717-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:04.000Z",
"modified": "2015-09-30T06:22:04.000Z",
"description": "- Xchecked via VT: 53d210e4071f82b4b738bc7b2b1aae5831a37ae4372dfca3f09336838f50fb94",
"pattern": "[file:hashes.SHA1 = 'a94be87fc3134a14425ad2f160fc91720609d88b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f8c-e400-4477-afed-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:04.000Z",
"modified": "2015-09-30T06:22:04.000Z",
"description": "- Xchecked via VT: 53d210e4071f82b4b738bc7b2b1aae5831a37ae4372dfca3f09336838f50fb94",
"pattern": "[file:hashes.MD5 = '08e98238a42c604592167b55c3f3751c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f8d-a898-4f2c-8636-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:05.000Z",
"modified": "2015-09-30T06:22:05.000Z",
"first_observed": "2015-09-30T06:22:05Z",
"last_observed": "2015-09-30T06:22:05Z",
"number_observed": 1,
"object_refs": [
"url--560b7f8d-a898-4f2c-8636-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f8d-a898-4f2c-8636-ecee950d210b",
"value": "https://www.virustotal.com/file/53d210e4071f82b4b738bc7b2b1aae5831a37ae4372dfca3f09336838f50fb94/analysis/1436957435/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f8d-cd4c-4542-b9c2-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:05.000Z",
"modified": "2015-09-30T06:22:05.000Z",
"description": "- Xchecked via VT: 4efbd4bbb28759d9b01d86a85d7d5db40091aa867a242d9598158ef101261062",
"pattern": "[file:hashes.SHA1 = '1868af6b99d0df4674987341ca40c24b51844856']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f8d-ce70-44cc-b2f5-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:05.000Z",
"modified": "2015-09-30T06:22:05.000Z",
"description": "- Xchecked via VT: 4efbd4bbb28759d9b01d86a85d7d5db40091aa867a242d9598158ef101261062",
"pattern": "[file:hashes.MD5 = 'cbc3c6371af8e9888ced9f02a8d7be57']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f8e-b4c4-4038-95ab-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:06.000Z",
"modified": "2015-09-30T06:22:06.000Z",
"first_observed": "2015-09-30T06:22:06Z",
"last_observed": "2015-09-30T06:22:06Z",
"number_observed": 1,
"object_refs": [
"url--560b7f8e-b4c4-4038-95ab-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f8e-b4c4-4038-95ab-ecee950d210b",
"value": "https://www.virustotal.com/file/4efbd4bbb28759d9b01d86a85d7d5db40091aa867a242d9598158ef101261062/analysis/1436959902/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f8e-ec40-41af-aa2e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:06.000Z",
"modified": "2015-09-30T06:22:06.000Z",
"description": "- Xchecked via VT: e705642623688a534fa6cf4d63edad3f81886cdc1a3eed0f62fa35a25708b532",
"pattern": "[file:hashes.SHA1 = '6b05626901e651166bec2877eb3563aa588f7ac9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f8e-7950-46eb-9d66-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:06.000Z",
"modified": "2015-09-30T06:22:06.000Z",
"description": "- Xchecked via VT: e705642623688a534fa6cf4d63edad3f81886cdc1a3eed0f62fa35a25708b532",
"pattern": "[file:hashes.MD5 = 'c057822dbd02a957a834d468c0739688']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f8f-8a88-4e52-a5dc-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:07.000Z",
"modified": "2015-09-30T06:22:07.000Z",
"first_observed": "2015-09-30T06:22:07Z",
"last_observed": "2015-09-30T06:22:07Z",
"number_observed": 1,
"object_refs": [
"url--560b7f8f-8a88-4e52-a5dc-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f8f-8a88-4e52-a5dc-ecee950d210b",
"value": "https://www.virustotal.com/file/e705642623688a534fa6cf4d63edad3f81886cdc1a3eed0f62fa35a25708b532/analysis/1438454425/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f8f-5400-44f3-b328-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:07.000Z",
"modified": "2015-09-30T06:22:07.000Z",
"description": "- Xchecked via VT: ffb024edcda51e83bad0579fb069ff39deb9f780a910295a8e84aed12c9a273a",
"pattern": "[file:hashes.SHA1 = '9de323eb997c395f4450b71ddb496724da7f0c8f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f8f-739c-4f97-8009-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:07.000Z",
"modified": "2015-09-30T06:22:07.000Z",
"description": "- Xchecked via VT: ffb024edcda51e83bad0579fb069ff39deb9f780a910295a8e84aed12c9a273a",
"pattern": "[file:hashes.MD5 = 'ef5d32b1aeb869016b5c4e3db0083d1b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f90-d114-466f-81b5-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:08.000Z",
"modified": "2015-09-30T06:22:08.000Z",
"first_observed": "2015-09-30T06:22:08Z",
"last_observed": "2015-09-30T06:22:08Z",
"number_observed": 1,
"object_refs": [
"url--560b7f90-d114-466f-81b5-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f90-d114-466f-81b5-ecee950d210b",
"value": "https://www.virustotal.com/file/ffb024edcda51e83bad0579fb069ff39deb9f780a910295a8e84aed12c9a273a/analysis/1438469691/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f90-e71c-4815-981d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:08.000Z",
"modified": "2015-09-30T06:22:08.000Z",
"description": "- Xchecked via VT: f0bd6a4a3728c955bfb74b1e534d298b3faef9e00b688d96022b063d544499e8",
"pattern": "[file:hashes.SHA1 = '0524705a27ff1d0c6aaec269e948cbcc31fa656c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f91-d2b8-46ea-a766-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:09.000Z",
"modified": "2015-09-30T06:22:09.000Z",
"description": "- Xchecked via VT: f0bd6a4a3728c955bfb74b1e534d298b3faef9e00b688d96022b063d544499e8",
"pattern": "[file:hashes.MD5 = '57f3bb0151e57d278d0ace404f3c86d1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f91-c804-46e0-858f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:09.000Z",
"modified": "2015-09-30T06:22:09.000Z",
"first_observed": "2015-09-30T06:22:09Z",
"last_observed": "2015-09-30T06:22:09Z",
"number_observed": 1,
"object_refs": [
"url--560b7f91-c804-46e0-858f-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f91-c804-46e0-858f-ecee950d210b",
"value": "https://www.virustotal.com/file/f0bd6a4a3728c955bfb74b1e534d298b3faef9e00b688d96022b063d544499e8/analysis/1438529435/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f91-7830-4f29-b1bd-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:09.000Z",
"modified": "2015-09-30T06:22:09.000Z",
"description": "- Xchecked via VT: 1dffb5af3c6718f3435ed6ba62e559b905c130c49ba2d2b54e27e1fd8c4730f8",
"pattern": "[file:hashes.SHA1 = '0a70ee13af088a2fdac5d8d001d9d60c147223db']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f92-f66c-4d8e-a056-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:10.000Z",
"modified": "2015-09-30T06:22:10.000Z",
"description": "- Xchecked via VT: 1dffb5af3c6718f3435ed6ba62e559b905c130c49ba2d2b54e27e1fd8c4730f8",
"pattern": "[file:hashes.MD5 = '971cb2f81f39d7f0f2741f1013c6acc7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f92-8a64-478b-9ccf-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:10.000Z",
"modified": "2015-09-30T06:22:10.000Z",
"first_observed": "2015-09-30T06:22:10Z",
"last_observed": "2015-09-30T06:22:10Z",
"number_observed": 1,
"object_refs": [
"url--560b7f92-8a64-478b-9ccf-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f92-8a64-478b-9ccf-ecee950d210b",
"value": "https://www.virustotal.com/file/1dffb5af3c6718f3435ed6ba62e559b905c130c49ba2d2b54e27e1fd8c4730f8/analysis/1439586376/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f92-7b34-410c-8753-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:10.000Z",
"modified": "2015-09-30T06:22:10.000Z",
"description": "- Xchecked via VT: 5954cad1f14520f766d2afaa5b4f117213ea6557c9bbf8bc240d0abe48a21dd3",
"pattern": "[file:hashes.SHA1 = '95cab86b4e7a99fee46c587dbd1fb78b57b3ef35']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f93-e4d0-4eaf-bf10-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:11.000Z",
"modified": "2015-09-30T06:22:11.000Z",
"description": "- Xchecked via VT: 5954cad1f14520f766d2afaa5b4f117213ea6557c9bbf8bc240d0abe48a21dd3",
"pattern": "[file:hashes.MD5 = '35bca75155de4d95b150fb068b5cb8ff']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f93-9798-4d04-8501-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:11.000Z",
"modified": "2015-09-30T06:22:11.000Z",
"first_observed": "2015-09-30T06:22:11Z",
"last_observed": "2015-09-30T06:22:11Z",
"number_observed": 1,
"object_refs": [
"url--560b7f93-9798-4d04-8501-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f93-9798-4d04-8501-ecee950d210b",
"value": "https://www.virustotal.com/file/5954cad1f14520f766d2afaa5b4f117213ea6557c9bbf8bc240d0abe48a21dd3/analysis/1385677989/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f93-ca98-4424-b38b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:11.000Z",
"modified": "2015-09-30T06:22:11.000Z",
"description": "- Xchecked via VT: 256d1b1e294d90464a5d9bdbffed7633eac78177ed1fbbf04de0ec1645de8d80",
"pattern": "[file:hashes.SHA1 = 'e79208be283299b2a2b84709591b65dff5e10285']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f94-dd50-4e2f-80b2-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:12.000Z",
"modified": "2015-09-30T06:22:12.000Z",
"description": "- Xchecked via VT: 256d1b1e294d90464a5d9bdbffed7633eac78177ed1fbbf04de0ec1645de8d80",
"pattern": "[file:hashes.MD5 = 'a293abd92c328bc4f57e34f16b391892']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f94-0bc4-415e-a0ab-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:12.000Z",
"modified": "2015-09-30T06:22:12.000Z",
"first_observed": "2015-09-30T06:22:12Z",
"last_observed": "2015-09-30T06:22:12Z",
"number_observed": 1,
"object_refs": [
"url--560b7f94-0bc4-415e-a0ab-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f94-0bc4-415e-a0ab-ecee950d210b",
"value": "https://www.virustotal.com/file/256d1b1e294d90464a5d9bdbffed7633eac78177ed1fbbf04de0ec1645de8d80/analysis/1387361022/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f94-c27c-46d1-80f8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:12.000Z",
"modified": "2015-09-30T06:22:12.000Z",
"description": "- Xchecked via VT: 529b84de281aad5c51425fb765cb3ebfa4fcc8668c5b8d2bfa34df54e3311bea",
"pattern": "[file:hashes.SHA1 = '07f81d00d605f60c7872951b1e9fea36e7e38eb6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f95-c024-4de8-82dc-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:13.000Z",
"modified": "2015-09-30T06:22:13.000Z",
"description": "- Xchecked via VT: 529b84de281aad5c51425fb765cb3ebfa4fcc8668c5b8d2bfa34df54e3311bea",
"pattern": "[file:hashes.MD5 = '1187e5e1ba7dc7cd3be10725d74d7321']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f95-3cb8-4d6d-9b0b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:13.000Z",
"modified": "2015-09-30T06:22:13.000Z",
"first_observed": "2015-09-30T06:22:13Z",
"last_observed": "2015-09-30T06:22:13Z",
"number_observed": 1,
"object_refs": [
"url--560b7f95-3cb8-4d6d-9b0b-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f95-3cb8-4d6d-9b0b-ecee950d210b",
"value": "https://www.virustotal.com/file/529b84de281aad5c51425fb765cb3ebfa4fcc8668c5b8d2bfa34df54e3311bea/analysis/1441851347/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f95-b2a4-4eb7-868b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:13.000Z",
"modified": "2015-09-30T06:22:13.000Z",
"description": "- Xchecked via VT: 04e80d92935a62ea50fddc812af67d653f26b1297ff5aae9e00f0d5989221f16",
"pattern": "[file:hashes.SHA1 = '093d09c7134f218d1bfc69a16c354366ad33858d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f96-b32c-49c2-a634-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:14.000Z",
"modified": "2015-09-30T06:22:14.000Z",
"description": "- Xchecked via VT: 04e80d92935a62ea50fddc812af67d653f26b1297ff5aae9e00f0d5989221f16",
"pattern": "[file:hashes.MD5 = 'fe4c899dec39393f0aaad261dce2aee8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f96-98b8-4b48-aad1-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:14.000Z",
"modified": "2015-09-30T06:22:14.000Z",
"first_observed": "2015-09-30T06:22:14Z",
"last_observed": "2015-09-30T06:22:14Z",
"number_observed": 1,
"object_refs": [
"url--560b7f96-98b8-4b48-aad1-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f96-98b8-4b48-aad1-ecee950d210b",
"value": "https://www.virustotal.com/file/04e80d92935a62ea50fddc812af67d653f26b1297ff5aae9e00f0d5989221f16/analysis/1387411264/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f96-4060-41c9-b5a6-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:14.000Z",
"modified": "2015-09-30T06:22:14.000Z",
"description": "- Xchecked via VT: 7b256a4feb703ddb71c4e1954b7bdfcf55d5ea98b463a231700585ae9f3ab9fe",
"pattern": "[file:hashes.SHA1 = '2819f1a12f2ff0866020cd14addb168a9ff79453']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f97-6964-48b7-8c0f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:15.000Z",
"modified": "2015-09-30T06:22:15.000Z",
"description": "- Xchecked via VT: 7b256a4feb703ddb71c4e1954b7bdfcf55d5ea98b463a231700585ae9f3ab9fe",
"pattern": "[file:hashes.MD5 = 'c7322a76ebc9ffbd84975666c6391139']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f97-97d0-4388-abc1-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:15.000Z",
"modified": "2015-09-30T06:22:15.000Z",
"first_observed": "2015-09-30T06:22:15Z",
"last_observed": "2015-09-30T06:22:15Z",
"number_observed": 1,
"object_refs": [
"url--560b7f97-97d0-4388-abc1-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f97-97d0-4388-abc1-ecee950d210b",
"value": "https://www.virustotal.com/file/7b256a4feb703ddb71c4e1954b7bdfcf55d5ea98b463a231700585ae9f3ab9fe/analysis/1401844321/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f97-d5b0-492e-91b8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:15.000Z",
"modified": "2015-09-30T06:22:15.000Z",
"description": "- Xchecked via VT: e4006855ec7c5385712d59a24a2a436249969b46664b0ed2696eb93a4301b40e",
"pattern": "[file:hashes.SHA1 = '111fbdde3cc68f25e5acc1d7a655a76135c240f3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f98-6d9c-4207-b84e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:16.000Z",
"modified": "2015-09-30T06:22:16.000Z",
"description": "- Xchecked via VT: e4006855ec7c5385712d59a24a2a436249969b46664b0ed2696eb93a4301b40e",
"pattern": "[file:hashes.MD5 = '17b808d9d00b2c38829d156cf9d449c9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f98-8ae0-48dd-a948-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:16.000Z",
"modified": "2015-09-30T06:22:16.000Z",
"first_observed": "2015-09-30T06:22:16Z",
"last_observed": "2015-09-30T06:22:16Z",
"number_observed": 1,
"object_refs": [
"url--560b7f98-8ae0-48dd-a948-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f98-8ae0-48dd-a948-ecee950d210b",
"value": "https://www.virustotal.com/file/e4006855ec7c5385712d59a24a2a436249969b46664b0ed2696eb93a4301b40e/analysis/1428712761/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f99-afc0-4d30-b256-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:16.000Z",
"modified": "2015-09-30T06:22:16.000Z",
"description": "- Xchecked via VT: eaa0b7b635c53c6411017f6a7a6b6134b6748c816648a66cb345c0ad07cc7a5b",
"pattern": "[file:hashes.SHA1 = '695fda027a3140a2865beb12ab8f04d4c80fe662']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f99-33c0-42f4-a43b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:17.000Z",
"modified": "2015-09-30T06:22:17.000Z",
"description": "- Xchecked via VT: eaa0b7b635c53c6411017f6a7a6b6134b6748c816648a66cb345c0ad07cc7a5b",
"pattern": "[file:hashes.MD5 = '5edd4e65079b6e8d54dbda867a4d57a9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f99-f138-4c81-81df-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:17.000Z",
"modified": "2015-09-30T06:22:17.000Z",
"first_observed": "2015-09-30T06:22:17Z",
"last_observed": "2015-09-30T06:22:17Z",
"number_observed": 1,
"object_refs": [
"url--560b7f99-f138-4c81-81df-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f99-f138-4c81-81df-ecee950d210b",
"value": "https://www.virustotal.com/file/eaa0b7b635c53c6411017f6a7a6b6134b6748c816648a66cb345c0ad07cc7a5b/analysis/1401845781/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f9a-c6dc-47cd-a167-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:18.000Z",
"modified": "2015-09-30T06:22:18.000Z",
"description": "- Xchecked via VT: f38d79ac3e02753b532a1c9ab25c9fcd943707b33a8535c455b8bf69a83531be",
"pattern": "[file:hashes.SHA1 = '44dfeff15a1cc7263d4768b2456343b01c00b308']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f9a-dd60-4382-be5e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:18.000Z",
"modified": "2015-09-30T06:22:18.000Z",
"description": "- Xchecked via VT: f38d79ac3e02753b532a1c9ab25c9fcd943707b33a8535c455b8bf69a83531be",
"pattern": "[file:hashes.MD5 = '44f72e8ec4670404a7a7c3d8ae78c3a8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f9a-bab0-4089-814b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:18.000Z",
"modified": "2015-09-30T06:22:18.000Z",
"first_observed": "2015-09-30T06:22:18Z",
"last_observed": "2015-09-30T06:22:18Z",
"number_observed": 1,
"object_refs": [
"url--560b7f9a-bab0-4089-814b-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f9a-bab0-4089-814b-ecee950d210b",
"value": "https://www.virustotal.com/file/f38d79ac3e02753b532a1c9ab25c9fcd943707b33a8535c455b8bf69a83531be/analysis/1391073052/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f9b-7380-48a0-b832-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:19.000Z",
"modified": "2015-09-30T06:22:19.000Z",
"description": "- Xchecked via VT: 0a409e6564ecbec9021d8efa46f09430949f1dfe6d2cda9d8d3f69d75b56debc",
"pattern": "[file:hashes.SHA1 = 'fb5b7e3f91ebd781b4f08eadb8d242592932720b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f9b-bc60-447f-91a8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:19.000Z",
"modified": "2015-09-30T06:22:19.000Z",
"description": "- Xchecked via VT: 0a409e6564ecbec9021d8efa46f09430949f1dfe6d2cda9d8d3f69d75b56debc",
"pattern": "[file:hashes.MD5 = '67d913c0b11abdb314481feea86d67a5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f9b-56b0-43dc-bb0f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:19.000Z",
"modified": "2015-09-30T06:22:19.000Z",
"first_observed": "2015-09-30T06:22:19Z",
"last_observed": "2015-09-30T06:22:19Z",
"number_observed": 1,
"object_refs": [
"url--560b7f9b-56b0-43dc-bb0f-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f9b-56b0-43dc-bb0f-ecee950d210b",
"value": "https://www.virustotal.com/file/0a409e6564ecbec9021d8efa46f09430949f1dfe6d2cda9d8d3f69d75b56debc/analysis/1397151393/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f9c-7b78-4ed2-bc25-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:20.000Z",
"modified": "2015-09-30T06:22:20.000Z",
"description": "- Xchecked via VT: 7b657480bd8566125cbf65835cccc7f50e111b0dd69c7989db55144447cf27a1",
"pattern": "[file:hashes.SHA1 = 'ef78f110b44b05d8e00b12ce280bbcb3e7bb4da3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f9c-b020-4db1-b23c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:20.000Z",
"modified": "2015-09-30T06:22:20.000Z",
"description": "- Xchecked via VT: 7b657480bd8566125cbf65835cccc7f50e111b0dd69c7989db55144447cf27a1",
"pattern": "[file:hashes.MD5 = '72f59fba546d6d4ee6222f8bd61fe64a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f9c-daec-424f-b93d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:20.000Z",
"modified": "2015-09-30T06:22:20.000Z",
"first_observed": "2015-09-30T06:22:20Z",
"last_observed": "2015-09-30T06:22:20Z",
"number_observed": 1,
"object_refs": [
"url--560b7f9c-daec-424f-b93d-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f9c-daec-424f-b93d-ecee950d210b",
"value": "https://www.virustotal.com/file/7b657480bd8566125cbf65835cccc7f50e111b0dd69c7989db55144447cf27a1/analysis/1401296706/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f9d-6538-4e41-8f75-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:21.000Z",
"modified": "2015-09-30T06:22:21.000Z",
"description": "- Xchecked via VT: c86d599340ae313766e9f90dd2bcbeade0ec5b455625cb4646036a262d94cf00",
"pattern": "[file:hashes.SHA1 = '6dad3635045acd6389da9d4c10f2f8bc9f1c37d7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f9d-f134-4b53-922b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:21.000Z",
"modified": "2015-09-30T06:22:21.000Z",
"description": "- Xchecked via VT: c86d599340ae313766e9f90dd2bcbeade0ec5b455625cb4646036a262d94cf00",
"pattern": "[file:hashes.MD5 = 'f4628eb539eb60cccb5934294bbc7e07']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f9d-70e8-4f12-8902-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:21.000Z",
"modified": "2015-09-30T06:22:21.000Z",
"first_observed": "2015-09-30T06:22:21Z",
"last_observed": "2015-09-30T06:22:21Z",
"number_observed": 1,
"object_refs": [
"url--560b7f9d-70e8-4f12-8902-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f9d-70e8-4f12-8902-ecee950d210b",
"value": "https://www.virustotal.com/file/c86d599340ae313766e9f90dd2bcbeade0ec5b455625cb4646036a262d94cf00/analysis/1401439384/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f9e-3358-41ee-a9e0-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:22.000Z",
"modified": "2015-09-30T06:22:22.000Z",
"description": "- Xchecked via VT: b5943196abbf03e61427a439fcf85b5ae0c12b8144c5a4c07c9f6a20444c9c78",
"pattern": "[file:hashes.SHA1 = '1a758bd710d9e8f623b07ac16a9c308d424dde97']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f9e-f9a4-406f-950e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:22.000Z",
"modified": "2015-09-30T06:22:22.000Z",
"description": "- Xchecked via VT: b5943196abbf03e61427a439fcf85b5ae0c12b8144c5a4c07c9f6a20444c9c78",
"pattern": "[file:hashes.MD5 = '0d91731f0e69997b12ed2c31a5c7a4d2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f9e-f784-4b30-97f2-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:22.000Z",
"modified": "2015-09-30T06:22:22.000Z",
"first_observed": "2015-09-30T06:22:22Z",
"last_observed": "2015-09-30T06:22:22Z",
"number_observed": 1,
"object_refs": [
"url--560b7f9e-f784-4b30-97f2-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f9e-f784-4b30-97f2-ecee950d210b",
"value": "https://www.virustotal.com/file/b5943196abbf03e61427a439fcf85b5ae0c12b8144c5a4c07c9f6a20444c9c78/analysis/1426270406/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f9f-cbe4-4bfa-8a59-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:23.000Z",
"modified": "2015-09-30T06:22:23.000Z",
"description": "- Xchecked via VT: b2efb0253290b46c481c3faa86408aea7e0dd0b4e02bde3a7b8c0a2c24838ad8",
"pattern": "[file:hashes.SHA1 = '9e31e2358bafb176aa6bb5633111ededab899c3f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7f9f-a428-4bed-86b9-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:23.000Z",
"modified": "2015-09-30T06:22:23.000Z",
"description": "- Xchecked via VT: b2efb0253290b46c481c3faa86408aea7e0dd0b4e02bde3a7b8c0a2c24838ad8",
"pattern": "[file:hashes.MD5 = '3877f34a65517296e0c79514c4f0b030']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7f9f-167c-437b-bc7d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:23.000Z",
"modified": "2015-09-30T06:22:23.000Z",
"first_observed": "2015-09-30T06:22:23Z",
"last_observed": "2015-09-30T06:22:23Z",
"number_observed": 1,
"object_refs": [
"url--560b7f9f-167c-437b-bc7d-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7f9f-167c-437b-bc7d-ecee950d210b",
"value": "https://www.virustotal.com/file/b2efb0253290b46c481c3faa86408aea7e0dd0b4e02bde3a7b8c0a2c24838ad8/analysis/1426425122/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa0-8588-4d94-bc5f-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:24.000Z",
"modified": "2015-09-30T06:22:24.000Z",
"description": "- Xchecked via VT: 0fc7034d2974777fa87ad733eb5c2e2f9dae45bb19110be10033a7bc24f47dc3",
"pattern": "[file:hashes.SHA1 = '48c2c78dd37f2bdd6b633c80a4fca161a5c9a363']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa0-64b4-421c-a967-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:24.000Z",
"modified": "2015-09-30T06:22:24.000Z",
"description": "- Xchecked via VT: 0fc7034d2974777fa87ad733eb5c2e2f9dae45bb19110be10033a7bc24f47dc3",
"pattern": "[file:hashes.MD5 = 'a87a85d1192cec809b2d2aa16b39868a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fa0-2ecc-491f-80a6-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:24.000Z",
"modified": "2015-09-30T06:22:24.000Z",
"first_observed": "2015-09-30T06:22:24Z",
"last_observed": "2015-09-30T06:22:24Z",
"number_observed": 1,
"object_refs": [
"url--560b7fa0-2ecc-491f-80a6-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fa0-2ecc-491f-80a6-ecee950d210b",
"value": "https://www.virustotal.com/file/0fc7034d2974777fa87ad733eb5c2e2f9dae45bb19110be10033a7bc24f47dc3/analysis/1414049451/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa1-0e8c-4d1e-a945-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:25.000Z",
"modified": "2015-09-30T06:22:25.000Z",
"description": "- Xchecked via VT: 8e0e0a6fc42bae18cd59a5ab8f7e8444e5cea45fc8032cb3e45a208668f4e397",
"pattern": "[file:hashes.SHA1 = '977e64a44d284d34910ec21270ff377f13022b46']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa1-c3ec-4d13-bc7a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:25.000Z",
"modified": "2015-09-30T06:22:25.000Z",
"description": "- Xchecked via VT: 8e0e0a6fc42bae18cd59a5ab8f7e8444e5cea45fc8032cb3e45a208668f4e397",
"pattern": "[file:hashes.MD5 = '4c52379be0db609d919e385e8747dd76']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fa2-ad10-4c5e-8d22-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:26.000Z",
"modified": "2015-09-30T06:22:26.000Z",
"first_observed": "2015-09-30T06:22:26Z",
"last_observed": "2015-09-30T06:22:26Z",
"number_observed": 1,
"object_refs": [
"url--560b7fa2-ad10-4c5e-8d22-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fa2-ad10-4c5e-8d22-ecee950d210b",
"value": "https://www.virustotal.com/file/8e0e0a6fc42bae18cd59a5ab8f7e8444e5cea45fc8032cb3e45a208668f4e397/analysis/1440118825/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa2-7fa8-4bc5-b1a1-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:26.000Z",
"modified": "2015-09-30T06:22:26.000Z",
"description": "- Xchecked via VT: 0b02b38446b4fc57afd1ab12404c371fac5c573be2b2e621b5d932747ee900cc",
"pattern": "[file:hashes.SHA1 = '28b92fe2286519b0975e9cd2d5a81023c1180841']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa2-7d3c-4b8c-bbf2-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:26.000Z",
"modified": "2015-09-30T06:22:26.000Z",
"description": "- Xchecked via VT: 0b02b38446b4fc57afd1ab12404c371fac5c573be2b2e621b5d932747ee900cc",
"pattern": "[file:hashes.MD5 = '935d1f2d02b2c07cead90230c7b59caa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fa3-9404-486f-b722-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:27.000Z",
"modified": "2015-09-30T06:22:27.000Z",
"first_observed": "2015-09-30T06:22:27Z",
"last_observed": "2015-09-30T06:22:27Z",
"number_observed": 1,
"object_refs": [
"url--560b7fa3-9404-486f-b722-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fa3-9404-486f-b722-ecee950d210b",
"value": "https://www.virustotal.com/file/0b02b38446b4fc57afd1ab12404c371fac5c573be2b2e621b5d932747ee900cc/analysis/1411712815/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa3-1830-43c3-a01c-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:27.000Z",
"modified": "2015-09-30T06:22:27.000Z",
"description": "- Xchecked via VT: f351206366b9f263add16413bbdfd035a181d3141ca1e58d2aa5128a594b94c4",
"pattern": "[file:hashes.SHA1 = '70850f795d110a8737b0a901dca088e7ab313645']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa3-8e68-4aba-a462-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:27.000Z",
"modified": "2015-09-30T06:22:27.000Z",
"description": "- Xchecked via VT: f351206366b9f263add16413bbdfd035a181d3141ca1e58d2aa5128a594b94c4",
"pattern": "[file:hashes.MD5 = '246f7df086241bc5516468aaf3a41dcd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fa4-b298-4d64-bfa7-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:28.000Z",
"modified": "2015-09-30T06:22:28.000Z",
"first_observed": "2015-09-30T06:22:28Z",
"last_observed": "2015-09-30T06:22:28Z",
"number_observed": 1,
"object_refs": [
"url--560b7fa4-b298-4d64-bfa7-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fa4-b298-4d64-bfa7-ecee950d210b",
"value": "https://www.virustotal.com/file/f351206366b9f263add16413bbdfd035a181d3141ca1e58d2aa5128a594b94c4/analysis/1426239682/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa4-0e1c-47cf-b029-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:28.000Z",
"modified": "2015-09-30T06:22:28.000Z",
"description": "- Xchecked via VT: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075",
"pattern": "[file:hashes.SHA1 = '646f109012bac000fe1bc58f40d112f77483f22a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa4-3e38-4b64-8f16-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:28.000Z",
"modified": "2015-09-30T06:22:28.000Z",
"description": "- Xchecked via VT: e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075",
"pattern": "[file:hashes.MD5 = '2923b250a3660c034aa7831d5e6d7f3c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fa5-e340-481e-925d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:29.000Z",
"modified": "2015-09-30T06:22:29.000Z",
"first_observed": "2015-09-30T06:22:29Z",
"last_observed": "2015-09-30T06:22:29Z",
"number_observed": 1,
"object_refs": [
"url--560b7fa5-e340-481e-925d-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fa5-e340-481e-925d-ecee950d210b",
"value": "https://www.virustotal.com/file/e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075/analysis/1443501413/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa5-1f34-49b7-bad4-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:29.000Z",
"modified": "2015-09-30T06:22:29.000Z",
"description": "- Xchecked via VT: 4b3a46074d7d985ba0809039dfcf91031114aef5e3cf28b6dcea00d131eabbf3",
"pattern": "[file:hashes.SHA1 = '54b5c53606f1f9fa73078798b70a391a26116990']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa5-2470-4f02-957d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:29.000Z",
"modified": "2015-09-30T06:22:29.000Z",
"description": "- Xchecked via VT: 4b3a46074d7d985ba0809039dfcf91031114aef5e3cf28b6dcea00d131eabbf3",
"pattern": "[file:hashes.MD5 = 'f07d60d9162861c701804c92e52d9281']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fa6-7b74-45e7-8726-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:30.000Z",
"modified": "2015-09-30T06:22:30.000Z",
"first_observed": "2015-09-30T06:22:30Z",
"last_observed": "2015-09-30T06:22:30Z",
"number_observed": 1,
"object_refs": [
"url--560b7fa6-7b74-45e7-8726-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fa6-7b74-45e7-8726-ecee950d210b",
"value": "https://www.virustotal.com/file/4b3a46074d7d985ba0809039dfcf91031114aef5e3cf28b6dcea00d131eabbf3/analysis/1411436324/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa6-b7dc-4f10-90e5-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:30.000Z",
"modified": "2015-09-30T06:22:30.000Z",
"description": "- Xchecked via VT: 5a1605492e82a5fa325fe97f4e859591dc2cbd9c18bec3ad26c1c2ef09e358b5",
"pattern": "[file:hashes.SHA1 = 'fbe482767e47f04249f813574e865df640651404']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa6-54c8-4d2c-9680-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:30.000Z",
"modified": "2015-09-30T06:22:30.000Z",
"description": "- Xchecked via VT: 5a1605492e82a5fa325fe97f4e859591dc2cbd9c18bec3ad26c1c2ef09e358b5",
"pattern": "[file:hashes.MD5 = 'b5268f079098c47b832df9f87bb34d32']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fa7-a52c-459c-ba36-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:31.000Z",
"modified": "2015-09-30T06:22:31.000Z",
"first_observed": "2015-09-30T06:22:31Z",
"last_observed": "2015-09-30T06:22:31Z",
"number_observed": 1,
"object_refs": [
"url--560b7fa7-a52c-459c-ba36-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fa7-a52c-459c-ba36-ecee950d210b",
"value": "https://www.virustotal.com/file/5a1605492e82a5fa325fe97f4e859591dc2cbd9c18bec3ad26c1c2ef09e358b5/analysis/1410684606/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa7-1100-4a20-bb98-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:31.000Z",
"modified": "2015-09-30T06:22:31.000Z",
"description": "- Xchecked via VT: 9d6cc6254427c9032fa0aef4f42959c8ed8ea746f236c09ab00b0afa21f11e18",
"pattern": "[file:hashes.SHA1 = '1779624e43ed696ff5df265db6fc5a9b0aa86aef']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa7-dd70-475e-826b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:31.000Z",
"modified": "2015-09-30T06:22:31.000Z",
"description": "- Xchecked via VT: 9d6cc6254427c9032fa0aef4f42959c8ed8ea746f236c09ab00b0afa21f11e18",
"pattern": "[file:hashes.MD5 = '89fd10e8395bf74bf80a5f78731f7103']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fa8-f444-4db4-849b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:32.000Z",
"modified": "2015-09-30T06:22:32.000Z",
"first_observed": "2015-09-30T06:22:32Z",
"last_observed": "2015-09-30T06:22:32Z",
"number_observed": 1,
"object_refs": [
"url--560b7fa8-f444-4db4-849b-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fa8-f444-4db4-849b-ecee950d210b",
"value": "https://www.virustotal.com/file/9d6cc6254427c9032fa0aef4f42959c8ed8ea746f236c09ab00b0afa21f11e18/analysis/1410779859/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa8-e398-4daa-94d5-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:32.000Z",
"modified": "2015-09-30T06:22:32.000Z",
"description": "- Xchecked via VT: 6484651244da52bb8825d38d7f21aac2a71bb20ccee1c9e93ec5d24ab590fa11",
"pattern": "[file:hashes.SHA1 = '7e9c2ea6ff409b58fa2d6ea2200d4bff2c893204']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa8-c434-4af8-8e36-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:32.000Z",
"modified": "2015-09-30T06:22:32.000Z",
"description": "- Xchecked via VT: 6484651244da52bb8825d38d7f21aac2a71bb20ccee1c9e93ec5d24ab590fa11",
"pattern": "[file:hashes.MD5 = 'b7efe7e5a843326f7152b6ea6fed396c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fa9-b16c-4aa2-a88a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:33.000Z",
"modified": "2015-09-30T06:22:33.000Z",
"first_observed": "2015-09-30T06:22:33Z",
"last_observed": "2015-09-30T06:22:33Z",
"number_observed": 1,
"object_refs": [
"url--560b7fa9-b16c-4aa2-a88a-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fa9-b16c-4aa2-a88a-ecee950d210b",
"value": "https://www.virustotal.com/file/6484651244da52bb8825d38d7f21aac2a71bb20ccee1c9e93ec5d24ab590fa11/analysis/1410081689/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa9-17e4-4c31-aaf3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:33.000Z",
"modified": "2015-09-30T06:22:33.000Z",
"description": "- Xchecked via VT: 96f89ae023dccbebf8bfd49962befb97360c5d0ab60ffcc550a312cb6a1d8205",
"pattern": "[file:hashes.SHA1 = '10072987dc0801003c8c5fa007c5b21cefee5602']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fa9-fa2c-443c-b6e8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:33.000Z",
"modified": "2015-09-30T06:22:33.000Z",
"description": "- Xchecked via VT: 96f89ae023dccbebf8bfd49962befb97360c5d0ab60ffcc550a312cb6a1d8205",
"pattern": "[file:hashes.MD5 = 'c1e88cc69f847c5e5f4fb7b3432f651d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7faa-74e8-48da-afe2-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:34.000Z",
"modified": "2015-09-30T06:22:34.000Z",
"first_observed": "2015-09-30T06:22:34Z",
"last_observed": "2015-09-30T06:22:34Z",
"number_observed": 1,
"object_refs": [
"url--560b7faa-74e8-48da-afe2-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7faa-74e8-48da-afe2-ecee950d210b",
"value": "https://www.virustotal.com/file/96f89ae023dccbebf8bfd49962befb97360c5d0ab60ffcc550a312cb6a1d8205/analysis/1408708475/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7faa-2e60-4a5e-b751-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:34.000Z",
"modified": "2015-09-30T06:22:34.000Z",
"description": "- Xchecked via VT: 8c2eae88d831541e6bafef1c4557694b1611ce4c4fcf82cd565ff5e8eb60f7ba",
"pattern": "[file:hashes.SHA1 = '236439fe7e754a1013d737aa36aa7812d034e7c6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fab-9788-49f0-9435-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:35.000Z",
"modified": "2015-09-30T06:22:35.000Z",
"description": "- Xchecked via VT: 8c2eae88d831541e6bafef1c4557694b1611ce4c4fcf82cd565ff5e8eb60f7ba",
"pattern": "[file:hashes.MD5 = 'd5ddff7358b5bd8e88ce4c2d1dc45db4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fab-2094-41dd-9cfa-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:35.000Z",
"modified": "2015-09-30T06:22:35.000Z",
"first_observed": "2015-09-30T06:22:35Z",
"last_observed": "2015-09-30T06:22:35Z",
"number_observed": 1,
"object_refs": [
"url--560b7fab-2094-41dd-9cfa-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fab-2094-41dd-9cfa-ecee950d210b",
"value": "https://www.virustotal.com/file/8c2eae88d831541e6bafef1c4557694b1611ce4c4fcf82cd565ff5e8eb60f7ba/analysis/1408886971/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fab-a4ac-4f60-8617-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:35.000Z",
"modified": "2015-09-30T06:22:35.000Z",
"description": "- Xchecked via VT: 2a10aa2626f4afdade579376ff9dbd0c3d59faf3ad049ae2b512e521ecaa4588",
"pattern": "[file:hashes.SHA1 = '36625615fa2ec3329e1ec3769e8b92a739b41772']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fac-0a60-4bcd-ad08-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:36.000Z",
"modified": "2015-09-30T06:22:36.000Z",
"description": "- Xchecked via VT: 2a10aa2626f4afdade579376ff9dbd0c3d59faf3ad049ae2b512e521ecaa4588",
"pattern": "[file:hashes.MD5 = '9a1b4f7a81ea8f677091a5c1c5a905d3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fac-61dc-4732-b88a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:36.000Z",
"modified": "2015-09-30T06:22:36.000Z",
"first_observed": "2015-09-30T06:22:36Z",
"last_observed": "2015-09-30T06:22:36Z",
"number_observed": 1,
"object_refs": [
"url--560b7fac-61dc-4732-b88a-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fac-61dc-4732-b88a-ecee950d210b",
"value": "https://www.virustotal.com/file/2a10aa2626f4afdade579376ff9dbd0c3d59faf3ad049ae2b512e521ecaa4588/analysis/1408896611/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fac-9394-4e8c-ad15-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:36.000Z",
"modified": "2015-09-30T06:22:36.000Z",
"description": "- Xchecked via VT: f88711a5dfca2b69cf49a167e5e95de731477e127d3248493b2c218979c64f10",
"pattern": "[file:hashes.SHA1 = '0ed00e558fad9326782a86b27df341c121fd1aab']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fad-06d0-45bf-bfef-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:37.000Z",
"modified": "2015-09-30T06:22:37.000Z",
"description": "- Xchecked via VT: f88711a5dfca2b69cf49a167e5e95de731477e127d3248493b2c218979c64f10",
"pattern": "[file:hashes.MD5 = '07bc9829bdd611ddeb319f165d34f367']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fad-bdfc-44af-9cea-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:37.000Z",
"modified": "2015-09-30T06:22:37.000Z",
"first_observed": "2015-09-30T06:22:37Z",
"last_observed": "2015-09-30T06:22:37Z",
"number_observed": 1,
"object_refs": [
"url--560b7fad-bdfc-44af-9cea-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fad-bdfc-44af-9cea-ecee950d210b",
"value": "https://www.virustotal.com/file/f88711a5dfca2b69cf49a167e5e95de731477e127d3248493b2c218979c64f10/analysis/1409549583/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fad-9130-4783-97df-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:37.000Z",
"modified": "2015-09-30T06:22:37.000Z",
"description": "- Xchecked via VT: 5d54ecab41e5fc7a1e3cc22772d3ee7f9f0831238de72b45cca9b4d45f79a952",
"pattern": "[file:hashes.SHA1 = '420a1eb5358c85ee421ec257d2649ebb2cdb2458']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fae-e658-4e1c-b1dc-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:38.000Z",
"modified": "2015-09-30T06:22:38.000Z",
"description": "- Xchecked via VT: 5d54ecab41e5fc7a1e3cc22772d3ee7f9f0831238de72b45cca9b4d45f79a952",
"pattern": "[file:hashes.MD5 = '4f8d32c1638feba13973c17a4db5833e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fae-a360-479a-a8d2-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:38.000Z",
"modified": "2015-09-30T06:22:38.000Z",
"first_observed": "2015-09-30T06:22:38Z",
"last_observed": "2015-09-30T06:22:38Z",
"number_observed": 1,
"object_refs": [
"url--560b7fae-a360-479a-a8d2-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fae-a360-479a-a8d2-ecee950d210b",
"value": "https://www.virustotal.com/file/5d54ecab41e5fc7a1e3cc22772d3ee7f9f0831238de72b45cca9b4d45f79a952/analysis/1432084449/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fae-17b0-4ab0-a821-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:38.000Z",
"modified": "2015-09-30T06:22:38.000Z",
"description": "- Xchecked via VT: 9d41cf0ebcca829453644dd63417442640992586234ea3c1b5e212dfa322df58",
"pattern": "[file:hashes.SHA1 = '7e5cd14cfa5c649e4730f7b580c2ef8289c277da']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7faf-246c-4197-9e7b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:39.000Z",
"modified": "2015-09-30T06:22:39.000Z",
"description": "- Xchecked via VT: 9d41cf0ebcca829453644dd63417442640992586234ea3c1b5e212dfa322df58",
"pattern": "[file:hashes.MD5 = '13c54bc45be51937771b407054bfba44']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7faf-d2f4-4393-bd9a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:39.000Z",
"modified": "2015-09-30T06:22:39.000Z",
"first_observed": "2015-09-30T06:22:39Z",
"last_observed": "2015-09-30T06:22:39Z",
"number_observed": 1,
"object_refs": [
"url--560b7faf-d2f4-4393-bd9a-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7faf-d2f4-4393-bd9a-ecee950d210b",
"value": "https://www.virustotal.com/file/9d41cf0ebcca829453644dd63417442640992586234ea3c1b5e212dfa322df58/analysis/1410255406/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7faf-9034-477b-8e41-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:39.000Z",
"modified": "2015-09-30T06:22:39.000Z",
"description": "- Xchecked via VT: e77e78a514459c50891334b8cb8199ff04cfb151ffa29260516098d12f1267e1",
"pattern": "[file:hashes.SHA1 = '1fa15a637eeb0901cb9f7d9798bcf8d5eb5035ab']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb0-cf98-4a90-9c85-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:40.000Z",
"modified": "2015-09-30T06:22:40.000Z",
"description": "- Xchecked via VT: e77e78a514459c50891334b8cb8199ff04cfb151ffa29260516098d12f1267e1",
"pattern": "[file:hashes.MD5 = '2bb06185cb28439b61b97a014f8846c1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fb0-d574-4c89-bfd2-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:40.000Z",
"modified": "2015-09-30T06:22:40.000Z",
"first_observed": "2015-09-30T06:22:40Z",
"last_observed": "2015-09-30T06:22:40Z",
"number_observed": 1,
"object_refs": [
"url--560b7fb0-d574-4c89-bfd2-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fb0-d574-4c89-bfd2-ecee950d210b",
"value": "https://www.virustotal.com/file/e77e78a514459c50891334b8cb8199ff04cfb151ffa29260516098d12f1267e1/analysis/1423310656/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb0-d44c-48fd-a54b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:40.000Z",
"modified": "2015-09-30T06:22:40.000Z",
"description": "- Xchecked via VT: 2ec3a4843a4143dcbc8ab51b9f5d08b9dbb32d1aed09be265d71d443d2039262",
"pattern": "[file:hashes.SHA1 = '1933a01d63b874d429f4abb7036fa7fdc26078fe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb1-64d4-498f-8647-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:41.000Z",
"modified": "2015-09-30T06:22:41.000Z",
"description": "- Xchecked via VT: 2ec3a4843a4143dcbc8ab51b9f5d08b9dbb32d1aed09be265d71d443d2039262",
"pattern": "[file:hashes.MD5 = '43e7da802eeddc19e0c6f1df5b6c5368']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fb1-2470-48a2-a98a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:41.000Z",
"modified": "2015-09-30T06:22:41.000Z",
"first_observed": "2015-09-30T06:22:41Z",
"last_observed": "2015-09-30T06:22:41Z",
"number_observed": 1,
"object_refs": [
"url--560b7fb1-2470-48a2-a98a-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fb1-2470-48a2-a98a-ecee950d210b",
"value": "https://www.virustotal.com/file/2ec3a4843a4143dcbc8ab51b9f5d08b9dbb32d1aed09be265d71d443d2039262/analysis/1422876609/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb1-d018-4162-885d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:41.000Z",
"modified": "2015-09-30T06:22:41.000Z",
"description": "- Xchecked via VT: d3818609fdf32437e1c6ff7f28ab1e579df7459209cdc07c43221130a5087e6a",
"pattern": "[file:hashes.SHA1 = '62326d8f715737ff3c90b1e772ec3903f2c786c2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb2-2ab4-43b2-abf7-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:42.000Z",
"modified": "2015-09-30T06:22:42.000Z",
"description": "- Xchecked via VT: d3818609fdf32437e1c6ff7f28ab1e579df7459209cdc07c43221130a5087e6a",
"pattern": "[file:hashes.MD5 = 'd4dc7657170f98fda1ac5f2e766dd01b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fb2-aee4-4c14-abdf-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:42.000Z",
"modified": "2015-09-30T06:22:42.000Z",
"first_observed": "2015-09-30T06:22:42Z",
"last_observed": "2015-09-30T06:22:42Z",
"number_observed": 1,
"object_refs": [
"url--560b7fb2-aee4-4c14-abdf-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fb2-aee4-4c14-abdf-ecee950d210b",
"value": "https://www.virustotal.com/file/d3818609fdf32437e1c6ff7f28ab1e579df7459209cdc07c43221130a5087e6a/analysis/1426848032/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb3-9158-4ec3-824e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:43.000Z",
"modified": "2015-09-30T06:22:43.000Z",
"description": "- Xchecked via VT: e12b45322be430a1355dc4e4f5567cc50b4dbbc48ad2253a9f22c5dc013eaebd",
"pattern": "[file:hashes.SHA1 = '97f5b371099ca66f728721c7d2cf8907bc66b3d6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb3-282c-4381-a917-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:43.000Z",
"modified": "2015-09-30T06:22:43.000Z",
"description": "- Xchecked via VT: e12b45322be430a1355dc4e4f5567cc50b4dbbc48ad2253a9f22c5dc013eaebd",
"pattern": "[file:hashes.MD5 = 'e4c8646278af0456d42b072828dab1d9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fb3-6ea0-4ea1-8e86-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:43.000Z",
"modified": "2015-09-30T06:22:43.000Z",
"first_observed": "2015-09-30T06:22:43Z",
"last_observed": "2015-09-30T06:22:43Z",
"number_observed": 1,
"object_refs": [
"url--560b7fb3-6ea0-4ea1-8e86-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fb3-6ea0-4ea1-8e86-ecee950d210b",
"value": "https://www.virustotal.com/file/e12b45322be430a1355dc4e4f5567cc50b4dbbc48ad2253a9f22c5dc013eaebd/analysis/1425929876/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb4-e314-407c-9b6e-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:44.000Z",
"modified": "2015-09-30T06:22:44.000Z",
"description": "- Xchecked via VT: 1fd4bc2c7a94c377fabf1b915057e911a4f0e1292ec47aaefc0d196adf582111",
"pattern": "[file:hashes.SHA1 = '61598d8a891ff33530d63cbbf0e36365381ac6a4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb4-25fc-405e-b0ee-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:44.000Z",
"modified": "2015-09-30T06:22:44.000Z",
"description": "- Xchecked via VT: 1fd4bc2c7a94c377fabf1b915057e911a4f0e1292ec47aaefc0d196adf582111",
"pattern": "[file:hashes.MD5 = 'ed4d7fac91928a53ee1b0e4d13a8aef1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fb4-324c-481d-85a8-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:44.000Z",
"modified": "2015-09-30T06:22:44.000Z",
"first_observed": "2015-09-30T06:22:44Z",
"last_observed": "2015-09-30T06:22:44Z",
"number_observed": 1,
"object_refs": [
"url--560b7fb4-324c-481d-85a8-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fb4-324c-481d-85a8-ecee950d210b",
"value": "https://www.virustotal.com/file/1fd4bc2c7a94c377fabf1b915057e911a4f0e1292ec47aaefc0d196adf582111/analysis/1438501521/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb5-481c-4493-baeb-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:45.000Z",
"modified": "2015-09-30T06:22:45.000Z",
"description": "- Xchecked via VT: d90a53693c2efc4a8442f0bb9aa33a094ce4aac9f536b4b6e247d2f0f7f8943e",
"pattern": "[file:hashes.SHA1 = 'd11fd2c2bb0e6a0d4993e8e33f44a6740de61f39']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb5-e2bc-4739-a38d-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:45.000Z",
"modified": "2015-09-30T06:22:45.000Z",
"description": "- Xchecked via VT: d90a53693c2efc4a8442f0bb9aa33a094ce4aac9f536b4b6e247d2f0f7f8943e",
"pattern": "[file:hashes.MD5 = '084a6f71cd23996c55ceb5a5da512a1a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fb5-ec0c-4875-8178-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:45.000Z",
"modified": "2015-09-30T06:22:45.000Z",
"first_observed": "2015-09-30T06:22:45Z",
"last_observed": "2015-09-30T06:22:45Z",
"number_observed": 1,
"object_refs": [
"url--560b7fb5-ec0c-4875-8178-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fb5-ec0c-4875-8178-ecee950d210b",
"value": "https://www.virustotal.com/file/d90a53693c2efc4a8442f0bb9aa33a094ce4aac9f536b4b6e247d2f0f7f8943e/analysis/1438571718/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb6-1b08-491a-97f3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:46.000Z",
"modified": "2015-09-30T06:22:46.000Z",
"description": "- Xchecked via VT: 5805998f30d7a5a5ef61140d0b61e86fe2fedf195e75124beefb3c831447d8ed",
"pattern": "[file:hashes.SHA1 = '5b9ff8873d950d18626bb4ef44dd6978a60cfb54']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb6-958c-49d8-84f3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:46.000Z",
"modified": "2015-09-30T06:22:46.000Z",
"description": "- Xchecked via VT: 5805998f30d7a5a5ef61140d0b61e86fe2fedf195e75124beefb3c831447d8ed",
"pattern": "[file:hashes.MD5 = 'dc4a02cc4313c437dc34fedd617eacb9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fb6-0ec0-4fb9-a46b-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:46.000Z",
"modified": "2015-09-30T06:22:46.000Z",
"first_observed": "2015-09-30T06:22:46Z",
"last_observed": "2015-09-30T06:22:46Z",
"number_observed": 1,
"object_refs": [
"url--560b7fb6-0ec0-4fb9-a46b-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fb6-0ec0-4fb9-a46b-ecee950d210b",
"value": "https://www.virustotal.com/file/5805998f30d7a5a5ef61140d0b61e86fe2fedf195e75124beefb3c831447d8ed/analysis/1440401777/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb7-5ad8-4ebb-94d3-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:47.000Z",
"modified": "2015-09-30T06:22:47.000Z",
"description": "- Xchecked via VT: f478e50328f905318e7e2f95d9cfc5773de074c371d1403d5c95a4d53637b994",
"pattern": "[file:hashes.SHA1 = 'ca4aa889c48890a749aae614f4fb36d68fe5cf31']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb7-c490-4d51-bda5-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:47.000Z",
"modified": "2015-09-30T06:22:47.000Z",
"description": "- Xchecked via VT: f478e50328f905318e7e2f95d9cfc5773de074c371d1403d5c95a4d53637b994",
"pattern": "[file:hashes.MD5 = '92508908ad991fc19e33b00bc482be71']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fb7-0b20-46f7-a53a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:47.000Z",
"modified": "2015-09-30T06:22:47.000Z",
"first_observed": "2015-09-30T06:22:47Z",
"last_observed": "2015-09-30T06:22:47Z",
"number_observed": 1,
"object_refs": [
"url--560b7fb7-0b20-46f7-a53a-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fb7-0b20-46f7-a53a-ecee950d210b",
"value": "https://www.virustotal.com/file/f478e50328f905318e7e2f95d9cfc5773de074c371d1403d5c95a4d53637b994/analysis/1439824004/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb8-8224-491b-9a1a-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:48.000Z",
"modified": "2015-09-30T06:22:48.000Z",
"description": "- Xchecked via VT: 27989136ce5c5a543a85115f8c360bf12c467ca9f5d24db1b84e7bc22fab1b8c",
"pattern": "[file:hashes.SHA1 = '1684374076d583ad79906dc3fe5307b68979a4c8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--560b7fb8-7cc8-4d95-8ce1-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:48.000Z",
"modified": "2015-09-30T06:22:48.000Z",
"description": "- Xchecked via VT: 27989136ce5c5a543a85115f8c360bf12c467ca9f5d24db1b84e7bc22fab1b8c",
"pattern": "[file:hashes.MD5 = '8fae9e6fb87c1813cf64a037a3b6fe08']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-09-30T06:22:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--560b7fb8-2b5c-4880-b275-ecee950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-09-30T06:22:48.000Z",
"modified": "2015-09-30T06:22:48.000Z",
"first_observed": "2015-09-30T06:22:48Z",
"last_observed": "2015-09-30T06:22:48Z",
"number_observed": 1,
"object_refs": [
"url--560b7fb8-2b5c-4880-b275-ecee950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--560b7fb8-2b5c-4880-b275-ecee950d210b",
"value": "https://www.virustotal.com/file/27989136ce5c5a543a85115f8c360bf12c467ca9f5d24db1b84e7bc22fab1b8c/analysis/1442469296/"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink