2812 lines
No EOL
116 KiB
JSON
2812 lines
No EOL
116 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--5614b358-9c54-4b33-96f6-742d950d210b",
|
|
"objects": [
|
|
{
|
|
"type": "identity",
|
|
"spec_version": "2.1",
|
|
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T06:00:33.000Z",
|
|
"modified": "2015-10-07T06:00:33.000Z",
|
|
"name": "CthulhuSPRL.be",
|
|
"identity_class": "organization"
|
|
},
|
|
{
|
|
"type": "report",
|
|
"spec_version": "2.1",
|
|
"id": "report--5614b358-9c54-4b33-96f6-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T06:00:33.000Z",
|
|
"modified": "2015-10-07T06:00:33.000Z",
|
|
"name": "OSINT A Fast and Furious Drive-By: Uncovering PTDark Attack Sites by Fortinet",
|
|
"published": "2015-10-07T06:01:42Z",
|
|
"object_refs": [
|
|
"observed-data--5614b372-c588-4858-9d2e-49ff950d210b",
|
|
"url--5614b372-c588-4858-9d2e-49ff950d210b",
|
|
"observed-data--5614b372-4ea4-445f-afd7-4422950d210b",
|
|
"url--5614b372-4ea4-445f-afd7-4422950d210b",
|
|
"indicator--5614b39f-64d8-4b64-b679-039f950d210b",
|
|
"indicator--5614b3a0-9940-40fe-85cc-039f950d210b",
|
|
"indicator--5614b3a0-4aec-4986-b26d-039f950d210b",
|
|
"indicator--5614b3a1-7cfc-4ba9-ba3d-039f950d210b",
|
|
"indicator--5614b3a1-8024-4825-a37f-039f950d210b",
|
|
"indicator--5614b3a1-bf28-461b-a8e7-039f950d210b",
|
|
"indicator--5614b3a2-eb6c-41c7-ae3f-039f950d210b",
|
|
"indicator--5614b3a2-5dd0-4f54-a098-039f950d210b",
|
|
"indicator--5614b3a3-f0b0-46a6-8044-039f950d210b",
|
|
"indicator--5614b3a3-1b74-4c5a-8888-039f950d210b",
|
|
"indicator--5614b3a3-e228-4d49-b26d-039f950d210b",
|
|
"indicator--5614b3a4-8778-43cf-b928-039f950d210b",
|
|
"indicator--5614b3a4-d13c-441d-895f-039f950d210b",
|
|
"indicator--5614b3a4-2e40-4b22-aa1c-039f950d210b",
|
|
"indicator--5614b3c3-83fc-4ed0-a081-742d950d210b",
|
|
"indicator--5614b3c3-83c0-4ab4-8283-742d950d210b",
|
|
"indicator--5614b3c3-6408-44f9-9a30-742d950d210b",
|
|
"x-misp-attribute--5614b3cb-d90c-4cd7-9af0-4c52950d210b",
|
|
"x-misp-attribute--5614b3cb-ddcc-4d97-a750-4442950d210b",
|
|
"x-misp-attribute--5614b3cc-efdc-4e98-b144-4851950d210b",
|
|
"indicator--5614b3e8-3d10-479c-bf40-4090950d210b",
|
|
"indicator--5614b3e9-59e0-489b-87b0-468b950d210b",
|
|
"indicator--5614b3e9-b43c-4af3-b687-4acc950d210b",
|
|
"indicator--5614b3e9-9898-475b-ad31-4f4f950d210b",
|
|
"indicator--5614b3ea-3550-46e7-9d96-4883950d210b",
|
|
"indicator--5614b3ea-6560-4c70-ad4c-4cb1950d210b",
|
|
"indicator--5614b3ea-cac4-4b39-ba05-48d6950d210b",
|
|
"indicator--5614b3eb-6bd8-4917-8638-4e8b950d210b",
|
|
"indicator--5614b3eb-c42c-4a37-8fad-4741950d210b",
|
|
"indicator--5614b3ec-80e4-4400-9f95-45de950d210b",
|
|
"indicator--5614b3ec-12e4-4211-8f98-4b44950d210b",
|
|
"indicator--5614b3ec-cca4-4128-8fe2-4d8d950d210b",
|
|
"indicator--5614b3ed-8c8c-45be-b368-4897950d210b",
|
|
"indicator--5614b3ed-7a34-4bc3-bcff-4d49950d210b",
|
|
"indicator--5614b408-36c8-4d7e-8428-4a82950d210b",
|
|
"indicator--5614b408-8228-4b01-81f9-421e950d210b",
|
|
"indicator--5614b409-0698-4781-bf3d-4f60950d210b",
|
|
"indicator--5614b409-3f50-4d03-9346-4122950d210b",
|
|
"indicator--5614b409-7744-4438-b170-409c950d210b",
|
|
"indicator--5614b40a-9958-4005-a693-4b1a950d210b",
|
|
"indicator--5614b40a-3544-4ac8-9e22-49a1950d210b",
|
|
"indicator--5614b40b-f104-48a6-a526-4f36950d210b",
|
|
"indicator--5614b40b-0f8c-438f-a45a-43cf950d210b",
|
|
"indicator--5614b40b-fdf0-41c0-9ba5-4e79950d210b",
|
|
"indicator--5614b40c-4360-4083-bde8-41da950d210b",
|
|
"indicator--5614b40c-c9cc-468d-a66f-4522950d210b",
|
|
"indicator--5614b40c-01e4-4f9b-a0bd-4413950d210b",
|
|
"indicator--5614b40d-29b0-4211-bd28-4fa8950d210b",
|
|
"indicator--5614b424-5a3c-432f-a4c3-46d9950d210b",
|
|
"indicator--5614b425-3344-44e5-9d5c-45ef950d210b",
|
|
"indicator--5614b425-49f8-402c-9d25-42f7950d210b",
|
|
"indicator--5614b426-9ee0-4551-8475-4d7c950d210b",
|
|
"indicator--5614b427-f2dc-4f70-be42-4e9c950d210b",
|
|
"indicator--5614b427-c6a4-48f6-8819-49c4950d210b",
|
|
"indicator--5614b427-3d18-4176-9380-44ee950d210b",
|
|
"indicator--5614b428-5918-47af-8a40-452f950d210b",
|
|
"indicator--5614b445-7d18-4c54-8a8d-039e950d210b",
|
|
"indicator--5614b446-0824-4007-9818-039e950d210b",
|
|
"indicator--5614b446-7808-4b38-ac99-039e950d210b",
|
|
"indicator--5614b446-2e04-4f09-94ea-039e950d210b",
|
|
"indicator--5614b447-9df8-4be9-8eee-039e950d210b",
|
|
"indicator--5614b447-c670-450d-8928-039e950d210b",
|
|
"indicator--5614b447-a444-4be6-aefd-039e950d210b",
|
|
"indicator--5614b448-f088-4995-bc90-039e950d210b",
|
|
"indicator--5614b448-893c-4e5e-8c1c-039e950d210b",
|
|
"indicator--5614b449-6310-4648-8c7e-039e950d210b",
|
|
"indicator--5614b449-88c4-4048-afaa-039e950d210b",
|
|
"indicator--5614b449-1170-4e16-ae74-039e950d210b",
|
|
"indicator--5614b44a-da80-4d4f-bc72-039e950d210b",
|
|
"indicator--5614b44a-2ed8-4ae5-b68f-039e950d210b",
|
|
"indicator--5614b44a-435c-41df-9bf7-039e950d210b",
|
|
"indicator--5614b44b-1dd0-4ae3-9aa0-039e950d210b",
|
|
"indicator--5614b44b-7f00-44e4-8e4f-039e950d210b",
|
|
"indicator--5614b44c-23a8-45da-a21c-039e950d210b",
|
|
"indicator--5614b44c-9bb0-4053-82da-039e950d210b",
|
|
"indicator--5614b44c-25ec-458c-a38f-039e950d210b",
|
|
"indicator--5614b45f-c34c-4d5c-8592-44ab950d210b",
|
|
"indicator--5614b460-fe5c-4f97-b743-47ed950d210b",
|
|
"indicator--5614b460-3f2c-439f-a98a-44da950d210b",
|
|
"indicator--5614b460-dbd4-42d4-91a8-4e25950d210b",
|
|
"indicator--5614b461-3964-470d-bf46-495e950d210b",
|
|
"indicator--5614b461-cc1c-409b-80d5-48e6950d210b",
|
|
"indicator--5614b462-a2f0-4a58-9765-4edb950d210b",
|
|
"indicator--5614b462-4b38-4418-8b26-430f950d210b",
|
|
"indicator--5614b462-1024-4178-9c08-4595950d210b",
|
|
"indicator--5614b463-6a78-4df1-8436-4f2a950d210b",
|
|
"indicator--5614b476-dc34-4da6-bf61-742d950d210b",
|
|
"indicator--5614b477-fe84-4c03-9e08-742d950d210b",
|
|
"indicator--5614b477-7a44-432c-a364-742d950d210b",
|
|
"indicator--5614b477-946c-40c7-a02b-742d950d210b",
|
|
"indicator--5614b478-5280-4a91-b7b2-742d950d210b",
|
|
"indicator--5614b478-e274-4b54-afbc-742d950d210b",
|
|
"indicator--5614b479-9b74-4b83-8269-742d950d210b",
|
|
"indicator--5614b479-78c4-40a7-9d21-742d950d210b",
|
|
"indicator--5614b479-3528-45b2-b9c5-742d950d210b",
|
|
"indicator--5614b47a-0b50-4ecf-9077-742d950d210b",
|
|
"indicator--5614b47a-c3d0-415c-b5f0-742d950d210b",
|
|
"indicator--5614b47a-dd2c-46b7-94b8-742d950d210b",
|
|
"indicator--5614b47b-0834-4f89-b5b9-742d950d210b",
|
|
"indicator--5614b47b-2954-4681-9bbd-742d950d210b",
|
|
"indicator--5614b47c-dc0c-488e-b86a-742d950d210b",
|
|
"indicator--5614b47c-62a8-463e-94f8-742d950d210b",
|
|
"indicator--5614b47c-0bec-429b-ac6e-742d950d210b",
|
|
"indicator--5614b47d-2878-4966-a8bf-742d950d210b",
|
|
"indicator--5614b47d-f7f4-46e4-b03a-742d950d210b",
|
|
"indicator--5614b47d-c6f0-4b7a-99b7-742d950d210b",
|
|
"indicator--5614b491-46a8-4862-8ccd-4818950d210b",
|
|
"indicator--5614b492-ffcc-4108-a7a9-4f6b950d210b",
|
|
"indicator--5614b492-3b64-4836-b6c3-45d0950d210b",
|
|
"x-misp-attribute--5614b4ed-593c-4e27-a9bd-6aac950d210b"
|
|
],
|
|
"labels": [
|
|
"Threat-Report",
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
"type:OSINT"
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5614b372-c588-4858-9d2e-49ff950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:53:54.000Z",
|
|
"modified": "2015-10-07T05:53:54.000Z",
|
|
"first_observed": "2015-10-07T05:53:54Z",
|
|
"last_observed": "2015-10-07T05:53:54Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5614b372-c588-4858-9d2e-49ff950d210b"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5614b372-c588-4858-9d2e-49ff950d210b",
|
|
"value": "http://www.drchaos.com/a-fast-and-furious-drive-by-uncovering-ptdark-attack-sites/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5614b372-4ea4-445f-afd7-4422950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:53:54.000Z",
|
|
"modified": "2015-10-07T05:53:54.000Z",
|
|
"first_observed": "2015-10-07T05:53:54Z",
|
|
"last_observed": "2015-10-07T05:53:54Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5614b372-4ea4-445f-afd7-4422950d210b"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5614b372-4ea4-445f-afd7-4422950d210b",
|
|
"value": "http://www.fortinet.com/sites/default/files/whitepapers/WhitePaper-Drive-By-Campaign.pdf"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b39f-64d8-4b64-b679-039f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:54:39.000Z",
|
|
"modified": "2015-10-07T05:54:39.000Z",
|
|
"description": "domain associated with qianxxxx1@gmail.com",
|
|
"pattern": "[domain-name:value = 'xpxp88.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:54:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3a0-9940-40fe-85cc-039f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:54:40.000Z",
|
|
"modified": "2015-10-07T05:54:40.000Z",
|
|
"description": "domain associated with qianxxxx1@gmail.com",
|
|
"pattern": "[domain-name:value = 'xpxp93.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:54:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3a0-4aec-4986-b26d-039f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:54:40.000Z",
|
|
"modified": "2015-10-07T05:54:40.000Z",
|
|
"description": "domain associated with qianxxxx1@gmail.com",
|
|
"pattern": "[domain-name:value = 'xpxp74.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:54:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3a1-7cfc-4ba9-ba3d-039f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:54:41.000Z",
|
|
"modified": "2015-10-07T05:54:41.000Z",
|
|
"description": "domain associated with qianxxxx1@gmail.com",
|
|
"pattern": "[domain-name:value = 'xpxp83.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:54:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3a1-8024-4825-a37f-039f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:54:41.000Z",
|
|
"modified": "2015-10-07T05:54:41.000Z",
|
|
"description": "domain associated with qianxxxx1@gmail.com",
|
|
"pattern": "[domain-name:value = '98asas.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:54:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3a1-bf28-461b-a8e7-039f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:54:41.000Z",
|
|
"modified": "2015-10-07T05:54:41.000Z",
|
|
"description": "domain associated with qianxxxx1@gmail.com",
|
|
"pattern": "[domain-name:value = 'xpxp20.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:54:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3a2-eb6c-41c7-ae3f-039f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:54:42.000Z",
|
|
"modified": "2015-10-07T05:54:42.000Z",
|
|
"description": "domain associated with qianxxxx1@gmail.com",
|
|
"pattern": "[domain-name:value = 'xpxp57.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:54:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3a2-5dd0-4f54-a098-039f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:54:42.000Z",
|
|
"modified": "2015-10-07T05:54:42.000Z",
|
|
"description": "domain associated with qianxxxx1@gmail.com",
|
|
"pattern": "[domain-name:value = 'xpxp66.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:54:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3a3-f0b0-46a6-8044-039f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:54:43.000Z",
|
|
"modified": "2015-10-07T05:54:43.000Z",
|
|
"description": "domain associated with qianxxxx1@gmail.com",
|
|
"pattern": "[domain-name:value = 'xpxp75.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:54:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3a3-1b74-4c5a-8888-039f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:54:43.000Z",
|
|
"modified": "2015-10-07T05:54:43.000Z",
|
|
"description": "domain associated with qianxxxx1@gmail.com",
|
|
"pattern": "[domain-name:value = 'xpxp85.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:54:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3a3-e228-4d49-b26d-039f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:54:43.000Z",
|
|
"modified": "2015-10-07T05:54:43.000Z",
|
|
"description": "domain associated with qianxxxx1@gmail.com",
|
|
"pattern": "[domain-name:value = 'xpxp95.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:54:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3a4-8778-43cf-b928-039f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:54:44.000Z",
|
|
"modified": "2015-10-07T05:54:44.000Z",
|
|
"description": "domain associated with qianxxxx1@gmail.com",
|
|
"pattern": "[domain-name:value = 'xpxp32.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:54:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3a4-d13c-441d-895f-039f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:54:44.000Z",
|
|
"modified": "2015-10-07T05:54:44.000Z",
|
|
"description": "domain associated with qianxxxx1@gmail.com",
|
|
"pattern": "[domain-name:value = 'xpxp09.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:54:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3a4-2e40-4b22-aa1c-039f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:54:44.000Z",
|
|
"modified": "2015-10-07T05:54:44.000Z",
|
|
"description": "domain associated with qianxxxx1@gmail.com",
|
|
"pattern": "[domain-name:value = 'xpxp69.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:54:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3c3-83fc-4ed0-a081-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:15.000Z",
|
|
"modified": "2015-10-07T05:55:15.000Z",
|
|
"description": "Registrant",
|
|
"pattern": "[email-message:from_ref.value = 'qianxxxx1@gmail.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"email-src\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3c3-83c0-4ab4-8283-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:15.000Z",
|
|
"modified": "2015-10-07T05:55:15.000Z",
|
|
"description": "Registrant",
|
|
"pattern": "[email-message:from_ref.value = 'qianxxxx2@gmail.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"email-src\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3c3-6408-44f9-9a30-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:15.000Z",
|
|
"modified": "2015-10-07T05:55:15.000Z",
|
|
"description": "Registrant",
|
|
"pattern": "[email-message:from_ref.value = 'qianxxxx3@gmail.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"email-src\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-attribute",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-attribute--5614b3cb-d90c-4cd7-9af0-4c52950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:23.000Z",
|
|
"modified": "2015-10-07T05:55:23.000Z",
|
|
"labels": [
|
|
"misp:type=\"text\"",
|
|
"misp:category=\"Attribution\""
|
|
],
|
|
"x_misp_category": "Attribution",
|
|
"x_misp_type": "text",
|
|
"x_misp_value": "qianxxxx1@gmail.com"
|
|
},
|
|
{
|
|
"type": "x-misp-attribute",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-attribute--5614b3cb-ddcc-4d97-a750-4442950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:23.000Z",
|
|
"modified": "2015-10-07T05:55:23.000Z",
|
|
"labels": [
|
|
"misp:type=\"text\"",
|
|
"misp:category=\"Attribution\""
|
|
],
|
|
"x_misp_category": "Attribution",
|
|
"x_misp_type": "text",
|
|
"x_misp_value": "qianxxxx2@gmail.com"
|
|
},
|
|
{
|
|
"type": "x-misp-attribute",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-attribute--5614b3cc-efdc-4e98-b144-4851950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:24.000Z",
|
|
"modified": "2015-10-07T05:55:24.000Z",
|
|
"labels": [
|
|
"misp:type=\"text\"",
|
|
"misp:category=\"Attribution\""
|
|
],
|
|
"x_misp_category": "Attribution",
|
|
"x_misp_type": "text",
|
|
"x_misp_value": "qianxxxx3@gmail.com"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3e8-3d10-479c-bf40-4090950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:52.000Z",
|
|
"modified": "2015-10-07T05:55:52.000Z",
|
|
"description": "Domain associated with qianxxxx2@gmail.com",
|
|
"pattern": "[domain-name:value = '77xxee.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3e9-59e0-489b-87b0-468b950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:53.000Z",
|
|
"modified": "2015-10-07T05:55:53.000Z",
|
|
"description": "Domain associated with qianxxxx2@gmail.com",
|
|
"pattern": "[domain-name:value = '55jjkk.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3e9-b43c-4af3-b687-4acc950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:53.000Z",
|
|
"modified": "2015-10-07T05:55:53.000Z",
|
|
"description": "Domain associated with qianxxxx2@gmail.com",
|
|
"pattern": "[domain-name:value = '800aaa.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3e9-9898-475b-ad31-4f4f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:53.000Z",
|
|
"modified": "2015-10-07T05:55:53.000Z",
|
|
"description": "Domain associated with qianxxxx2@gmail.com",
|
|
"pattern": "[domain-name:value = '22xcxc.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3ea-3550-46e7-9d96-4883950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:54.000Z",
|
|
"modified": "2015-10-07T05:55:54.000Z",
|
|
"description": "Domain associated with qianxxxx2@gmail.com",
|
|
"pattern": "[domain-name:value = '22vvyy.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3ea-6560-4c70-ad4c-4cb1950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:54.000Z",
|
|
"modified": "2015-10-07T05:55:54.000Z",
|
|
"description": "Domain associated with qianxxxx2@gmail.com",
|
|
"pattern": "[domain-name:value = '22eevv.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3ea-cac4-4b39-ba05-48d6950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:54.000Z",
|
|
"modified": "2015-10-07T05:55:54.000Z",
|
|
"description": "Domain associated with qianxxxx2@gmail.com",
|
|
"pattern": "[domain-name:value = '22kkvv.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3eb-6bd8-4917-8638-4e8b950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:55.000Z",
|
|
"modified": "2015-10-07T05:55:55.000Z",
|
|
"description": "Domain associated with qianxxxx2@gmail.com",
|
|
"pattern": "[domain-name:value = '22xxdd.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3eb-c42c-4a37-8fad-4741950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:55.000Z",
|
|
"modified": "2015-10-07T05:55:55.000Z",
|
|
"description": "Domain associated with qianxxxx2@gmail.com",
|
|
"pattern": "[domain-name:value = '22vvxx.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3ec-80e4-4400-9f95-45de950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:56.000Z",
|
|
"modified": "2015-10-07T05:55:56.000Z",
|
|
"description": "Domain associated with qianxxxx2@gmail.com",
|
|
"pattern": "[domain-name:value = '66kkjj.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3ec-12e4-4211-8f98-4b44950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:56.000Z",
|
|
"modified": "2015-10-07T05:55:56.000Z",
|
|
"description": "Domain associated with qianxxxx2@gmail.com",
|
|
"pattern": "[domain-name:value = '88zxzx.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3ec-cca4-4128-8fe2-4d8d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:56.000Z",
|
|
"modified": "2015-10-07T05:55:56.000Z",
|
|
"description": "Domain associated with qianxxxx2@gmail.com",
|
|
"pattern": "[domain-name:value = '11eevv.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3ed-8c8c-45be-b368-4897950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:57.000Z",
|
|
"modified": "2015-10-07T05:55:57.000Z",
|
|
"description": "Domain associated with qianxxxx2@gmail.com",
|
|
"pattern": "[domain-name:value = '55zxzx.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b3ed-7a34-4bc3-bcff-4d49950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:55:57.000Z",
|
|
"modified": "2015-10-07T05:55:57.000Z",
|
|
"description": "Domain associated with qianxxxx2@gmail.com",
|
|
"pattern": "[domain-name:value = '55vvxx.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:55:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b408-36c8-4d7e-8428-4a82950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:24.000Z",
|
|
"modified": "2015-10-07T05:56:24.000Z",
|
|
"description": "Domain associated with qianxxxx3@gmail.com",
|
|
"pattern": "[domain-name:value = '80wbw.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b408-8228-4b01-81f9-421e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:24.000Z",
|
|
"modified": "2015-10-07T05:56:24.000Z",
|
|
"description": "Domain associated with qianxxxx3@gmail.com",
|
|
"pattern": "[domain-name:value = '70wbw.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b409-0698-4781-bf3d-4f60950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:25.000Z",
|
|
"modified": "2015-10-07T05:56:25.000Z",
|
|
"description": "Domain associated with qianxxxx3@gmail.com",
|
|
"pattern": "[domain-name:value = '800qaz.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b409-3f50-4d03-9346-4122950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:25.000Z",
|
|
"modified": "2015-10-07T05:56:25.000Z",
|
|
"description": "Domain associated with qianxxxx3@gmail.com",
|
|
"pattern": "[domain-name:value = '789kxk.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b409-7744-4438-b170-409c950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:25.000Z",
|
|
"modified": "2015-10-07T05:56:25.000Z",
|
|
"description": "Domain associated with qianxxxx3@gmail.com",
|
|
"pattern": "[domain-name:value = '30wbw.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b40a-9958-4005-a693-4b1a950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:26.000Z",
|
|
"modified": "2015-10-07T05:56:26.000Z",
|
|
"description": "Domain associated with qianxxxx3@gmail.com",
|
|
"pattern": "[domain-name:value = '22qaz.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b40a-3544-4ac8-9e22-49a1950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:26.000Z",
|
|
"modified": "2015-10-07T05:56:26.000Z",
|
|
"description": "Domain associated with qianxxxx3@gmail.com",
|
|
"pattern": "[domain-name:value = '88kjk.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b40b-f104-48a6-a526-4f36950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:27.000Z",
|
|
"modified": "2015-10-07T05:56:27.000Z",
|
|
"description": "Domain associated with qianxxxx3@gmail.com",
|
|
"pattern": "[domain-name:value = '800wbw.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b40b-0f8c-438f-a45a-43cf950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:27.000Z",
|
|
"modified": "2015-10-07T05:56:27.000Z",
|
|
"description": "Domain associated with qianxxxx3@gmail.com",
|
|
"pattern": "[domain-name:value = '400kjk.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b40b-fdf0-41c0-9ba5-4e79950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:27.000Z",
|
|
"modified": "2015-10-07T05:56:27.000Z",
|
|
"description": "Domain associated with qianxxxx3@gmail.com",
|
|
"pattern": "[domain-name:value = '300wbw.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b40c-4360-4083-bde8-41da950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:28.000Z",
|
|
"modified": "2015-10-07T05:56:28.000Z",
|
|
"description": "Domain associated with qianxxxx3@gmail.com",
|
|
"pattern": "[domain-name:value = '789xmx.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b40c-c9cc-468d-a66f-4522950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:28.000Z",
|
|
"modified": "2015-10-07T05:56:28.000Z",
|
|
"description": "Domain associated with qianxxxx3@gmail.com",
|
|
"pattern": "[domain-name:value = '70kxk.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b40c-01e4-4f9b-a0bd-4413950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:28.000Z",
|
|
"modified": "2015-10-07T05:56:28.000Z",
|
|
"description": "Domain associated with qianxxxx3@gmail.com",
|
|
"pattern": "[domain-name:value = '222kxk.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b40d-29b0-4211-bd28-4fa8950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:29.000Z",
|
|
"modified": "2015-10-07T05:56:29.000Z",
|
|
"description": "Domain associated with qianxxxx3@gmail.com",
|
|
"pattern": "[domain-name:value = '789kjk.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b424-5a3c-432f-a4c3-46d9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:52.000Z",
|
|
"modified": "2015-10-07T05:56:52.000Z",
|
|
"description": "Domain associated with LIU YUMING",
|
|
"pattern": "[domain-name:value = 'xpxp64.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b425-3344-44e5-9d5c-45ef950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:53.000Z",
|
|
"modified": "2015-10-07T05:56:53.000Z",
|
|
"description": "Domain associated with LIU YUMING",
|
|
"pattern": "[domain-name:value = '23asas.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b425-49f8-402c-9d25-42f7950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:53.000Z",
|
|
"modified": "2015-10-07T05:56:53.000Z",
|
|
"description": "Domain associated with LIU YUMING",
|
|
"pattern": "[domain-name:value = '24asas.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b426-9ee0-4551-8475-4d7c950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:54.000Z",
|
|
"modified": "2015-10-07T05:56:54.000Z",
|
|
"description": "Domain associated with LIU YUMING",
|
|
"pattern": "[domain-name:value = '200kxk.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b427-f2dc-4f70-be42-4e9c950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:55.000Z",
|
|
"modified": "2015-10-07T05:56:55.000Z",
|
|
"description": "Domain associated with LIU YUMING",
|
|
"pattern": "[domain-name:value = 'xpxp33.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b427-c6a4-48f6-8819-49c4950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:55.000Z",
|
|
"modified": "2015-10-07T05:56:55.000Z",
|
|
"description": "Domain associated with LIU YUMING",
|
|
"pattern": "[domain-name:value = '65asas.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b427-3d18-4176-9380-44ee950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:55.000Z",
|
|
"modified": "2015-10-07T05:56:55.000Z",
|
|
"description": "Domain associated with LIU YUMING",
|
|
"pattern": "[domain-name:value = '789xkx.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b428-5918-47af-8a40-452f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:56:56.000Z",
|
|
"modified": "2015-10-07T05:56:56.000Z",
|
|
"description": "Domain associated with LIU YUMING",
|
|
"pattern": "[domain-name:value = '71asas.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:56:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b445-7d18-4c54-8a8d-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:25.000Z",
|
|
"modified": "2015-10-07T05:57:25.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.52']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b446-0824-4007-9818-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:26.000Z",
|
|
"modified": "2015-10-07T05:57:26.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.49']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b446-7808-4b38-ac99-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:26.000Z",
|
|
"modified": "2015-10-07T05:57:26.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.57']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b446-2e04-4f09-94ea-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:26.000Z",
|
|
"modified": "2015-10-07T05:57:26.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.56']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b447-9df8-4be9-8eee-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:27.000Z",
|
|
"modified": "2015-10-07T05:57:27.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.47']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b447-c670-450d-8928-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:27.000Z",
|
|
"modified": "2015-10-07T05:57:27.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.59']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b447-a444-4be6-aefd-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:27.000Z",
|
|
"modified": "2015-10-07T05:57:27.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.34']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b448-f088-4995-bc90-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:28.000Z",
|
|
"modified": "2015-10-07T05:57:28.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.39']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b448-893c-4e5e-8c1c-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:28.000Z",
|
|
"modified": "2015-10-07T05:57:28.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.58']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b449-6310-4648-8c7e-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:29.000Z",
|
|
"modified": "2015-10-07T05:57:29.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.51']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b449-88c4-4048-afaa-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:29.000Z",
|
|
"modified": "2015-10-07T05:57:29.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.35']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b449-1170-4e16-ae74-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:29.000Z",
|
|
"modified": "2015-10-07T05:57:29.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.60']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b44a-da80-4d4f-bc72-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:30.000Z",
|
|
"modified": "2015-10-07T05:57:30.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.38']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b44a-2ed8-4ae5-b68f-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:30.000Z",
|
|
"modified": "2015-10-07T05:57:30.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.45']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b44a-435c-41df-9bf7-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:30.000Z",
|
|
"modified": "2015-10-07T05:57:30.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.48']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b44b-1dd0-4ae3-9aa0-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:31.000Z",
|
|
"modified": "2015-10-07T05:57:31.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.53']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b44b-7f00-44e4-8e4f-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:31.000Z",
|
|
"modified": "2015-10-07T05:57:31.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.37']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b44c-23a8-45da-a21c-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:31.000Z",
|
|
"modified": "2015-10-07T05:57:31.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.42']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b44c-9bb0-4053-82da-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:32.000Z",
|
|
"modified": "2015-10-07T05:57:32.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.41']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b44c-25ec-458c-a38f-039e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:32.000Z",
|
|
"modified": "2015-10-07T05:57:32.000Z",
|
|
"description": "Associated with qianxxxx1@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.36']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b45f-c34c-4d5c-8592-44ab950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:51.000Z",
|
|
"modified": "2015-10-07T05:57:51.000Z",
|
|
"description": "Associated with qianxxxx2@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.136']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b460-fe5c-4f97-b743-47ed950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:52.000Z",
|
|
"modified": "2015-10-07T05:57:52.000Z",
|
|
"description": "Associated with qianxxxx2@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.130']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b460-3f2c-439f-a98a-44da950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:52.000Z",
|
|
"modified": "2015-10-07T05:57:52.000Z",
|
|
"description": "Associated with qianxxxx2@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.157']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b460-dbd4-42d4-91a8-4e25950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:52.000Z",
|
|
"modified": "2015-10-07T05:57:52.000Z",
|
|
"description": "Associated with qianxxxx2@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.151']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b461-3964-470d-bf46-495e950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:53.000Z",
|
|
"modified": "2015-10-07T05:57:53.000Z",
|
|
"description": "Associated with qianxxxx2@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.131']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b461-cc1c-409b-80d5-48e6950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:53.000Z",
|
|
"modified": "2015-10-07T05:57:53.000Z",
|
|
"description": "Associated with qianxxxx2@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.132']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b462-a2f0-4a58-9765-4edb950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:54.000Z",
|
|
"modified": "2015-10-07T05:57:54.000Z",
|
|
"description": "Associated with qianxxxx2@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.138']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b462-4b38-4418-8b26-430f950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:54.000Z",
|
|
"modified": "2015-10-07T05:57:54.000Z",
|
|
"description": "Associated with qianxxxx2@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.133']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b462-1024-4178-9c08-4595950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:54.000Z",
|
|
"modified": "2015-10-07T05:57:54.000Z",
|
|
"description": "Associated with qianxxxx2@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.153']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b463-6a78-4df1-8436-4f2a950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:57:55.000Z",
|
|
"modified": "2015-10-07T05:57:55.000Z",
|
|
"description": "Associated with qianxxxx2@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.215.143']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:57:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b476-dc34-4da6-bf61-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:14.000Z",
|
|
"modified": "2015-10-07T05:58:14.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.148']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b477-fe84-4c03-9e08-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:15.000Z",
|
|
"modified": "2015-10-07T05:58:15.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.133']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b477-7a44-432c-a364-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:15.000Z",
|
|
"modified": "2015-10-07T05:58:15.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.157']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b477-946c-40c7-a02b-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:15.000Z",
|
|
"modified": "2015-10-07T05:58:15.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.144']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b478-5280-4a91-b7b2-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:16.000Z",
|
|
"modified": "2015-10-07T05:58:16.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.146']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b478-e274-4b54-afbc-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:16.000Z",
|
|
"modified": "2015-10-07T05:58:16.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.141']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b479-9b74-4b83-8269-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:17.000Z",
|
|
"modified": "2015-10-07T05:58:17.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.153']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b479-78c4-40a7-9d21-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:17.000Z",
|
|
"modified": "2015-10-07T05:58:17.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.142']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b479-3528-45b2-b9c5-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:17.000Z",
|
|
"modified": "2015-10-07T05:58:17.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.130']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b47a-0b50-4ecf-9077-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:18.000Z",
|
|
"modified": "2015-10-07T05:58:18.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.156']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b47a-c3d0-415c-b5f0-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:18.000Z",
|
|
"modified": "2015-10-07T05:58:18.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.138']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b47a-dd2c-46b7-94b8-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:18.000Z",
|
|
"modified": "2015-10-07T05:58:18.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.154']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b47b-0834-4f89-b5b9-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:19.000Z",
|
|
"modified": "2015-10-07T05:58:19.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.151']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b47b-2954-4681-9bbd-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:19.000Z",
|
|
"modified": "2015-10-07T05:58:19.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.134']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b47c-dc0c-488e-b86a-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:20.000Z",
|
|
"modified": "2015-10-07T05:58:20.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.145']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b47c-62a8-463e-94f8-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:20.000Z",
|
|
"modified": "2015-10-07T05:58:20.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.137']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b47c-0bec-429b-ac6e-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:20.000Z",
|
|
"modified": "2015-10-07T05:58:20.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.150']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b47d-2878-4966-a8bf-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:21.000Z",
|
|
"modified": "2015-10-07T05:58:21.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.152']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b47d-f7f4-46e4-b03a-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:21.000Z",
|
|
"modified": "2015-10-07T05:58:21.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.147']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b47d-c6f0-4b7a-99b7-742d950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:21.000Z",
|
|
"modified": "2015-10-07T05:58:21.000Z",
|
|
"description": "Associated with qianxxxx3@gmail.com",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.143']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b491-46a8-4862-8ccd-4818950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:41.000Z",
|
|
"modified": "2015-10-07T05:58:41.000Z",
|
|
"description": "Associated with LIU YUMING",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.55']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b492-ffcc-4108-a7a9-4f6b950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:42.000Z",
|
|
"modified": "2015-10-07T05:58:42.000Z",
|
|
"description": "Associated with LIU YUMING",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.209.61']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5614b492-3b64-4836-b6c3-45d0950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T05:58:42.000Z",
|
|
"modified": "2015-10-07T05:58:42.000Z",
|
|
"description": "Associated with LIU YUMING",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.2.212.131']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-10-07T05:58:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-attribute",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-attribute--5614b4ed-593c-4e27-a9bd-6aac950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-10-07T06:00:33.000Z",
|
|
"modified": "2015-10-07T06:00:33.000Z",
|
|
"labels": [
|
|
"misp:type=\"comment\"",
|
|
"misp:category=\"Network activity\""
|
|
],
|
|
"x_misp_category": "Network activity",
|
|
"x_misp_type": "comment",
|
|
"x_misp_value": "NetBlocks with high levels of suspicious activity\r\nPT-82-4 (NET-142-4-96-0-1) 142.4.96.0 - 142.4.127.255\r\nPT-82V601 (NET6-2605-7280-1) 2605:7280:: -\r\n2605:7280:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF\r\nPT-82-8 (NET-137-175-0-0-1) 137.175.0.0 - 137.175.127.255\r\nPT-82-2 (NET-199-180-100-0-1) 199.180.100.0 - 199.180.103.255\r\nPT-82-1 (NET-199-188-104-0-1) 199.188.104.0 - 199.188.111.255\r\nPT-82-3 (NET-142-0-128-0-1) 142.0.128.0 - 142.0.143.255\r\nPT-82-5 (NET-192-74-224-0-1) 192.74.224.0 - 192.74.255.255\r\nPT-82-6 (NET-198-200-32-0-1) 198.200.32.0 - 198.200.63.255"
|
|
},
|
|
{
|
|
"type": "marking-definition",
|
|
"spec_version": "2.1",
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
"definition_type": "tlp",
|
|
"name": "TLP:WHITE",
|
|
"definition": {
|
|
"tlp": "white"
|
|
}
|
|
}
|
|
]
|
|
} |