47127 lines
No EOL
1.9 MiB
47127 lines
No EOL
1.9 MiB
{
|
|
"type": "bundle",
|
|
"id": "bundle--563a0656-bfa0-4e80-90df-a033950d210b",
|
|
"objects": [
|
|
{
|
|
"type": "identity",
|
|
"spec_version": "2.1",
|
|
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:20.000Z",
|
|
"modified": "2015-12-22T14:01:20.000Z",
|
|
"name": "CthulhuSPRL.be",
|
|
"identity_class": "organization"
|
|
},
|
|
{
|
|
"type": "report",
|
|
"spec_version": "2.1",
|
|
"id": "report--563a0656-bfa0-4e80-90df-a033950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:20.000Z",
|
|
"modified": "2015-12-22T14:01:20.000Z",
|
|
"name": "OSINT Fidelis Threat Advisory #1019 Ratcheting Down on JSocket: A PC and Android Threat by Fidelis Cybersecurity",
|
|
"published": "2015-11-04T13:30:50Z",
|
|
"object_refs": [
|
|
"observed-data--563a066f-5174-427c-a187-c7ff950d210b",
|
|
"url--563a066f-5174-427c-a187-c7ff950d210b",
|
|
"observed-data--563a066f-a008-4c1a-aa7d-c7ff950d210b",
|
|
"url--563a066f-a008-4c1a-aa7d-c7ff950d210b",
|
|
"indicator--563a0729-c730-48c1-8964-a0c9950d210b",
|
|
"indicator--563a0729-33e4-46ef-9f8a-a0c9950d210b",
|
|
"indicator--563a072a-6658-4e10-ad19-a0c9950d210b",
|
|
"indicator--563a072a-4ce8-423b-8ec0-a0c9950d210b",
|
|
"indicator--563a072b-a0b4-4b64-8add-a0c9950d210b",
|
|
"indicator--563a072b-3810-4af0-81ac-a0c9950d210b",
|
|
"indicator--563a072c-4c2c-48ff-854d-a0c9950d210b",
|
|
"indicator--563a072c-a970-4196-bef4-a0c9950d210b",
|
|
"indicator--563a072d-7a20-4405-a52d-a0c9950d210b",
|
|
"indicator--563a072d-dba0-4298-a59d-a0c9950d210b",
|
|
"indicator--563a072e-6820-4d4c-b37b-a0c9950d210b",
|
|
"indicator--563a072e-1030-4cd8-aa35-a0c9950d210b",
|
|
"indicator--563a072f-d01c-4849-8408-a0c9950d210b",
|
|
"indicator--563a072f-8cf4-48ca-922d-a0c9950d210b",
|
|
"indicator--563a0730-a2ac-4f76-9192-a0c9950d210b",
|
|
"indicator--563a0730-e1f0-4f63-a701-a0c9950d210b",
|
|
"indicator--563a0731-f004-4ebb-a99e-a0c9950d210b",
|
|
"indicator--563a0731-fb08-42a1-b582-a0c9950d210b",
|
|
"indicator--563a0732-d9ec-4cb9-8dbf-a0c9950d210b",
|
|
"indicator--563a0732-3e28-4a83-bed7-a0c9950d210b",
|
|
"indicator--563a0733-7378-4f3f-932b-a0c9950d210b",
|
|
"indicator--563a0733-fb38-41c8-91aa-a0c9950d210b",
|
|
"indicator--563a0733-7bd4-4f64-9b8f-a0c9950d210b",
|
|
"indicator--563a0734-2110-4de6-8eda-a0c9950d210b",
|
|
"indicator--563a0734-54a8-464f-8583-a0c9950d210b",
|
|
"indicator--563a0735-c4f0-461e-9f00-a0c9950d210b",
|
|
"indicator--563a0735-d4cc-49ef-8e2d-a0c9950d210b",
|
|
"indicator--563a0736-3cf8-40b7-a0ab-a0c9950d210b",
|
|
"indicator--563a0736-6990-48c0-bf38-a0c9950d210b",
|
|
"indicator--563a0737-f408-46ff-b997-a0c9950d210b",
|
|
"indicator--563a0737-2860-45e0-b5da-a0c9950d210b",
|
|
"indicator--563a0738-6250-4c7d-8ca9-a0c9950d210b",
|
|
"indicator--563a0738-9ebc-43a0-acc1-a0c9950d210b",
|
|
"indicator--563a0738-cdd0-4e64-b44a-a0c9950d210b",
|
|
"indicator--563a0739-6a48-46fe-ab1c-a0c9950d210b",
|
|
"indicator--563a0739-4968-4bbf-a4d4-a0c9950d210b",
|
|
"indicator--563a073a-dcec-45ea-a058-a0c9950d210b",
|
|
"indicator--563a073a-0814-44f8-b1f9-a0c9950d210b",
|
|
"indicator--563a073a-5698-4da7-ab35-a0c9950d210b",
|
|
"indicator--563a073b-0d48-4d7d-80be-a0c9950d210b",
|
|
"indicator--563a073b-385c-4a49-bb41-a0c9950d210b",
|
|
"indicator--563a073c-6294-48d1-b8cf-a0c9950d210b",
|
|
"indicator--563a073c-d02c-46c0-823f-a0c9950d210b",
|
|
"indicator--563a073c-b9fc-4e8f-b943-a0c9950d210b",
|
|
"indicator--563a073d-e340-40c4-a955-a0c9950d210b",
|
|
"indicator--563a073d-c940-4b05-864f-a0c9950d210b",
|
|
"indicator--563a073e-89ac-470b-aaa8-a0c9950d210b",
|
|
"indicator--563a073e-204c-46af-9dc5-a0c9950d210b",
|
|
"indicator--563a073e-a8bc-4aef-ac2f-a0c9950d210b",
|
|
"indicator--563a073f-feb0-4785-9d27-a0c9950d210b",
|
|
"indicator--563a073f-e6a4-429b-8da8-a0c9950d210b",
|
|
"indicator--563a0740-19e0-45d2-b7ce-a0c9950d210b",
|
|
"indicator--563a0740-5634-457e-9576-a0c9950d210b",
|
|
"indicator--563a0740-d19c-4512-8c7d-a0c9950d210b",
|
|
"indicator--563a0741-6778-4584-8335-a0c9950d210b",
|
|
"indicator--563a0741-2e14-4e91-b3ff-a0c9950d210b",
|
|
"indicator--563a0742-584c-4090-becb-a0c9950d210b",
|
|
"indicator--563a0742-af84-4cab-9627-a0c9950d210b",
|
|
"indicator--563a0742-4ba0-4585-a073-a0c9950d210b",
|
|
"indicator--563a0743-7ca4-4c7e-beb0-a0c9950d210b",
|
|
"indicator--563a0743-86c0-4a79-b1d1-a0c9950d210b",
|
|
"indicator--563a0744-dd2c-4741-a15b-a0c9950d210b",
|
|
"indicator--563a0744-0970-46b3-8feb-a0c9950d210b",
|
|
"indicator--563a0744-7a5c-4c47-88f1-a0c9950d210b",
|
|
"indicator--563a0745-c2d8-40ae-89f8-a0c9950d210b",
|
|
"indicator--563a0745-920c-4a68-b203-a0c9950d210b",
|
|
"indicator--563a0745-8cf0-4517-92fa-a0c9950d210b",
|
|
"indicator--563a0746-27ec-4611-af79-a0c9950d210b",
|
|
"indicator--563a0746-2a68-4a1f-92cb-a0c9950d210b",
|
|
"indicator--563a0747-3edc-443b-892c-a0c9950d210b",
|
|
"indicator--563a0747-4cc0-4b9a-afa4-a0c9950d210b",
|
|
"indicator--563a0748-b73c-46da-98a6-a0c9950d210b",
|
|
"indicator--563a0748-0dc8-4eb0-bf29-a0c9950d210b",
|
|
"indicator--563a0748-a8f0-47d4-83f4-a0c9950d210b",
|
|
"indicator--563a0749-0f90-4d40-bc93-a0c9950d210b",
|
|
"indicator--563a0749-5108-4366-9719-a0c9950d210b",
|
|
"indicator--563a074a-e0f0-4d89-8833-a0c9950d210b",
|
|
"indicator--563a074a-a37c-4dc9-b9ef-a0c9950d210b",
|
|
"indicator--563a074a-7010-4067-b8a2-a0c9950d210b",
|
|
"indicator--563a074b-85e4-4e8a-aed5-a0c9950d210b",
|
|
"indicator--563a074b-de6c-46aa-bb8a-a0c9950d210b",
|
|
"indicator--563a074c-2bc4-48fa-91dc-a0c9950d210b",
|
|
"indicator--563a074c-71c4-48a2-bc10-a0c9950d210b",
|
|
"indicator--563a074c-f91c-43b0-9a3e-a0c9950d210b",
|
|
"indicator--563a074d-ee90-4fa3-98ec-a0c9950d210b",
|
|
"indicator--563a074d-e560-4b20-8e20-a0c9950d210b",
|
|
"indicator--563a074e-af9c-4be3-bbfa-a0c9950d210b",
|
|
"indicator--563a074e-f7b4-48c3-b50b-a0c9950d210b",
|
|
"indicator--563a074e-0a48-4dc2-a1be-a0c9950d210b",
|
|
"indicator--563a074f-bad0-4925-b2bb-a0c9950d210b",
|
|
"indicator--563a074f-6d84-4bdb-bc53-a0c9950d210b",
|
|
"indicator--563a0750-a524-4e53-9e83-a0c9950d210b",
|
|
"indicator--563a0750-edf4-40c6-b0fc-a0c9950d210b",
|
|
"indicator--563a0750-d138-467e-b4e4-a0c9950d210b",
|
|
"indicator--563a0751-f624-4903-9845-a0c9950d210b",
|
|
"indicator--563a0751-f318-496f-8f35-a0c9950d210b",
|
|
"indicator--563a0751-6a98-40e3-b030-a0c9950d210b",
|
|
"indicator--563a0752-b39c-4a53-8359-a0c9950d210b",
|
|
"indicator--563a0752-7444-43b1-9864-a0c9950d210b",
|
|
"indicator--563a0753-a3a4-459a-af69-a0c9950d210b",
|
|
"indicator--563a0753-1a40-4270-92e8-a0c9950d210b",
|
|
"indicator--563a0754-0f34-44b3-89d9-a0c9950d210b",
|
|
"indicator--563a0754-9e58-48b2-b4dc-a0c9950d210b",
|
|
"indicator--563a0754-2b5c-4d61-a4dc-a0c9950d210b",
|
|
"indicator--563a0755-c504-4dfd-b5e2-a0c9950d210b",
|
|
"indicator--563a0755-fe84-4e2c-85c8-a0c9950d210b",
|
|
"indicator--563a0755-d03c-481f-8ed0-a0c9950d210b",
|
|
"indicator--563a0756-cce0-4de2-a973-a0c9950d210b",
|
|
"indicator--563a0756-5834-461e-b10e-a0c9950d210b",
|
|
"indicator--563a0757-6738-4eb5-bd11-a0c9950d210b",
|
|
"indicator--563a0757-df9c-4427-8048-a0c9950d210b",
|
|
"indicator--563a0757-f720-4a42-b7da-a0c9950d210b",
|
|
"indicator--563a0758-4acc-44c2-adc0-a0c9950d210b",
|
|
"indicator--563a0758-4a6c-4fdf-b0ec-a0c9950d210b",
|
|
"indicator--563a0759-1818-4f4c-98c7-a0c9950d210b",
|
|
"indicator--563a0759-c4f8-400a-8e57-a0c9950d210b",
|
|
"indicator--563a0759-7174-4583-8f36-a0c9950d210b",
|
|
"indicator--563a075a-dc98-4037-b2cf-a0c9950d210b",
|
|
"indicator--563a075a-820c-4d9c-9c75-a0c9950d210b",
|
|
"indicator--563a075b-461c-4121-abf7-a0c9950d210b",
|
|
"indicator--563a075b-221c-463e-aabc-a0c9950d210b",
|
|
"indicator--563a075b-79cc-43f4-8796-a0c9950d210b",
|
|
"indicator--563a075c-a270-4161-9e78-a0c9950d210b",
|
|
"indicator--563a075c-a918-44bb-9a12-a0c9950d210b",
|
|
"indicator--563a075d-5690-4147-b001-a0c9950d210b",
|
|
"indicator--563a075d-2a14-4565-b3c9-a0c9950d210b",
|
|
"indicator--563a075d-9960-4575-8768-a0c9950d210b",
|
|
"indicator--563a075e-ba94-4600-a05f-a0c9950d210b",
|
|
"indicator--563a075e-f370-4601-bfd0-a0c9950d210b",
|
|
"indicator--563a075f-2958-4513-92c4-a0c9950d210b",
|
|
"indicator--563a075f-415c-4d5e-b02c-a0c9950d210b",
|
|
"indicator--563a075f-3ce4-4bc7-9b23-a0c9950d210b",
|
|
"indicator--563a0760-bd00-4af1-9897-a0c9950d210b",
|
|
"indicator--563a0760-0f78-4604-a808-a0c9950d210b",
|
|
"indicator--563a0761-9844-4114-9c81-a0c9950d210b",
|
|
"indicator--563a0761-0ae8-4257-a1e3-a0c9950d210b",
|
|
"indicator--563a0761-9f20-47b4-98a3-a0c9950d210b",
|
|
"indicator--563a0762-da20-485a-adcf-a0c9950d210b",
|
|
"indicator--563a0762-6940-4369-96af-a0c9950d210b",
|
|
"indicator--563a0762-5e84-4cd0-b02e-a0c9950d210b",
|
|
"indicator--563a0763-3a8c-46e1-a0b8-a0c9950d210b",
|
|
"indicator--563a0763-551c-486f-b1fc-a0c9950d210b",
|
|
"indicator--563a0764-8070-427d-8d2f-a0c9950d210b",
|
|
"indicator--563a0764-a23c-47e1-a3b7-a0c9950d210b",
|
|
"indicator--563a0764-0e58-47e5-afae-a0c9950d210b",
|
|
"indicator--563a0765-228c-47ff-9cd9-a0c9950d210b",
|
|
"indicator--563a0765-67d4-49ff-bc92-a0c9950d210b",
|
|
"indicator--563a0766-4718-4953-8f2d-a0c9950d210b",
|
|
"indicator--563a0766-f868-4169-bd2c-a0c9950d210b",
|
|
"indicator--563a0766-6898-44b3-ba0b-a0c9950d210b",
|
|
"indicator--563a0767-e978-479b-9e87-a0c9950d210b",
|
|
"indicator--563a0767-ba34-43d6-8dda-a0c9950d210b",
|
|
"indicator--563a0768-d4f8-44c4-beae-a0c9950d210b",
|
|
"indicator--563a0768-96a8-458a-b537-a0c9950d210b",
|
|
"indicator--563a0768-50f4-4959-8d66-a0c9950d210b",
|
|
"indicator--563a0769-b338-446e-b837-a0c9950d210b",
|
|
"indicator--563a0769-f29c-49c2-bde2-a0c9950d210b",
|
|
"indicator--563a076a-75b8-423c-91d8-a0c9950d210b",
|
|
"indicator--563a076a-9910-4652-a2e8-a0c9950d210b",
|
|
"indicator--563a076a-bf6c-41bd-89bb-a0c9950d210b",
|
|
"indicator--563a076b-0a00-4644-ac28-a0c9950d210b",
|
|
"indicator--563a076b-dd28-4121-abb8-a0c9950d210b",
|
|
"indicator--563a076c-3d40-49d7-94a7-a0c9950d210b",
|
|
"indicator--563a076c-543c-495a-9e12-a0c9950d210b",
|
|
"indicator--563a076c-8758-48ef-a53d-a0c9950d210b",
|
|
"indicator--563a076d-28e4-4e09-8b4e-a0c9950d210b",
|
|
"indicator--563a076d-8810-459a-aee4-a0c9950d210b",
|
|
"indicator--563a076e-36e0-4641-8a9a-a0c9950d210b",
|
|
"indicator--563a076e-1290-49be-8bd4-a0c9950d210b",
|
|
"indicator--563a076e-93d8-4f71-a734-a0c9950d210b",
|
|
"indicator--563a076f-a0c4-4c89-add9-a0c9950d210b",
|
|
"indicator--563a076f-7d94-4ba8-a6b5-a0c9950d210b",
|
|
"indicator--563a076f-7418-42c4-a6d6-a0c9950d210b",
|
|
"indicator--563a0770-aa30-4d3e-9f71-a0c9950d210b",
|
|
"indicator--563a0770-6c30-45e5-9fd5-a0c9950d210b",
|
|
"indicator--563a0771-41cc-498f-908f-a0c9950d210b",
|
|
"indicator--563a0771-fb30-4df5-bde6-a0c9950d210b",
|
|
"indicator--563a0771-3a68-480a-ac19-a0c9950d210b",
|
|
"indicator--563a0772-d954-41b1-881c-a0c9950d210b",
|
|
"indicator--563a0772-c730-45ac-8488-a0c9950d210b",
|
|
"indicator--563a0773-c57c-447c-9aa2-a0c9950d210b",
|
|
"indicator--563a0773-11b4-4ee5-a031-a0c9950d210b",
|
|
"indicator--563a0773-8760-4af3-9211-a0c9950d210b",
|
|
"indicator--563a0774-9510-4a36-87b9-a0c9950d210b",
|
|
"indicator--563a0774-cdd4-4cfc-8f03-a0c9950d210b",
|
|
"indicator--563a0775-6f5c-4927-89ec-a0c9950d210b",
|
|
"indicator--563a0775-2d10-4c9e-a2c6-a0c9950d210b",
|
|
"indicator--563a0775-f090-43b6-b3db-a0c9950d210b",
|
|
"indicator--563a0776-90d4-47d5-afd0-a0c9950d210b",
|
|
"indicator--563a0776-7744-4952-8029-a0c9950d210b",
|
|
"indicator--563a0777-8c70-4a01-ba86-a0c9950d210b",
|
|
"indicator--563a0777-9884-4626-b96c-a0c9950d210b",
|
|
"indicator--563a0777-12c0-41bf-8fe4-a0c9950d210b",
|
|
"indicator--563a0778-6b48-4af7-b5ce-a0c9950d210b",
|
|
"indicator--563a0778-ff28-4063-8d62-a0c9950d210b",
|
|
"indicator--563a0779-e490-4629-8b07-a0c9950d210b",
|
|
"indicator--563a0779-4abc-4b43-8096-a0c9950d210b",
|
|
"indicator--563a0779-7860-4c9f-825b-a0c9950d210b",
|
|
"indicator--563a077a-3238-4996-a6c0-a0c9950d210b",
|
|
"indicator--563a077a-1aa8-4293-bca1-a0c9950d210b",
|
|
"indicator--563a077a-2a30-447f-8ca3-a0c9950d210b",
|
|
"indicator--563a077b-86a8-4d40-ab07-a0c9950d210b",
|
|
"indicator--563a077b-80bc-40a3-9ca6-a0c9950d210b",
|
|
"indicator--563a077c-6b1c-4cb7-a378-a0c9950d210b",
|
|
"indicator--563a077c-90d4-4bcd-ab5a-a0c9950d210b",
|
|
"indicator--563a077c-1a8c-4337-b78e-a0c9950d210b",
|
|
"indicator--563a077d-38d8-4637-a693-a0c9950d210b",
|
|
"indicator--563a077d-53c4-44f3-abc8-a0c9950d210b",
|
|
"indicator--563a077e-0cc0-4d20-b8d0-a0c9950d210b",
|
|
"indicator--563a077e-2420-4c01-b592-a0c9950d210b",
|
|
"indicator--563a077e-2fb4-43cb-8651-a0c9950d210b",
|
|
"indicator--563a077f-cab8-4c49-805d-a0c9950d210b",
|
|
"indicator--563a077f-8c54-409f-8880-a0c9950d210b",
|
|
"indicator--563a0780-fa94-48d2-ac8c-a0c9950d210b",
|
|
"indicator--563a0780-c8f4-4d11-b78a-a0c9950d210b",
|
|
"indicator--563a0780-bb3c-432e-8147-a0c9950d210b",
|
|
"indicator--563a0781-67b8-4b3f-bcea-a0c9950d210b",
|
|
"indicator--563a0781-ea20-41e7-ba4c-a0c9950d210b",
|
|
"indicator--563a0782-4494-4797-94a1-a0c9950d210b",
|
|
"indicator--563a0782-c1a8-4413-b2bd-a0c9950d210b",
|
|
"indicator--563a0782-a8f8-467f-9776-a0c9950d210b",
|
|
"indicator--563a0783-b408-44ff-a5e5-a0c9950d210b",
|
|
"indicator--563a0783-7dec-4e2b-be59-a0c9950d210b",
|
|
"indicator--563a0784-9544-4347-978e-a0c9950d210b",
|
|
"indicator--563a0784-cfe4-4b40-8c57-a0c9950d210b",
|
|
"indicator--563a0784-c2e4-457c-9bcf-a0c9950d210b",
|
|
"indicator--563a0785-8aa0-41e9-b632-a0c9950d210b",
|
|
"indicator--563a0785-d4fc-4279-aaf1-a0c9950d210b",
|
|
"indicator--563a0786-3d80-4800-8b02-a0c9950d210b",
|
|
"indicator--563a0786-898c-4253-a8b6-a0c9950d210b",
|
|
"indicator--563a0786-3694-4f07-a198-a0c9950d210b",
|
|
"indicator--563a0787-0c58-4748-8b41-a0c9950d210b",
|
|
"indicator--563a0787-7370-45de-8248-a0c9950d210b",
|
|
"indicator--563a0788-b658-4f6e-8287-a0c9950d210b",
|
|
"indicator--563a0788-b750-46f2-8ef4-a0c9950d210b",
|
|
"indicator--563a0788-0a18-48a2-8d9d-a0c9950d210b",
|
|
"indicator--563a0789-21c8-4284-8be5-a0c9950d210b",
|
|
"indicator--563a0789-16f0-4f4a-8fa5-a0c9950d210b",
|
|
"indicator--563a078a-1864-4d16-8e88-a0c9950d210b",
|
|
"indicator--563a078a-53a0-41df-9624-a0c9950d210b",
|
|
"indicator--563a078a-2430-4866-8065-a0c9950d210b",
|
|
"indicator--563a078b-e8f0-4b60-9875-a0c9950d210b",
|
|
"indicator--563a078b-9a50-4fcc-8453-a0c9950d210b",
|
|
"indicator--563a078c-6c38-4fd9-9eda-a0c9950d210b",
|
|
"indicator--563a078c-0004-4a16-88fa-a0c9950d210b",
|
|
"indicator--563a078d-dae8-4f6f-8231-a0c9950d210b",
|
|
"indicator--563a078d-0f40-4f31-bd96-a0c9950d210b",
|
|
"indicator--563a078d-9a24-414b-af48-a0c9950d210b",
|
|
"indicator--563a078e-1c78-4173-9b5c-a0c9950d210b",
|
|
"indicator--563a078e-1168-4ab0-8562-a0c9950d210b",
|
|
"indicator--563a078f-fde0-4df3-a34e-a0c9950d210b",
|
|
"indicator--563a078f-753c-431e-a882-a0c9950d210b",
|
|
"indicator--563a078f-d0a4-44b8-bac3-a0c9950d210b",
|
|
"indicator--563a0790-2fa4-4b80-8877-a0c9950d210b",
|
|
"indicator--563a0790-5b7c-483b-ac3d-a0c9950d210b",
|
|
"indicator--563a0791-0510-4b6d-a209-a0c9950d210b",
|
|
"indicator--563a0791-2020-4a39-b0e5-a0c9950d210b",
|
|
"indicator--563a0791-6568-42bd-b36e-a0c9950d210b",
|
|
"indicator--563a0792-76e0-48f2-ac91-a0c9950d210b",
|
|
"indicator--563a0792-7764-48bb-9805-a0c9950d210b",
|
|
"indicator--563a0793-3fcc-441b-896f-a0c9950d210b",
|
|
"indicator--563a0793-80c8-48ad-87b6-a0c9950d210b",
|
|
"indicator--563a0793-1eb0-42d1-8ed0-a0c9950d210b",
|
|
"indicator--563a0794-d2f0-4379-9e38-a0c9950d210b",
|
|
"indicator--563a0794-09f4-4841-933c-a0c9950d210b",
|
|
"indicator--563a0795-566c-4cbd-a0d8-a0c9950d210b",
|
|
"indicator--563a0795-be64-4445-a244-a0c9950d210b",
|
|
"indicator--563a0795-e9cc-4213-88c5-a0c9950d210b",
|
|
"indicator--563a0796-fa2c-4c7c-9dbd-a0c9950d210b",
|
|
"indicator--563a0796-dddc-48b3-8ccc-a0c9950d210b",
|
|
"indicator--563a0797-5e34-4522-b002-a0c9950d210b",
|
|
"indicator--563a0797-85fc-4acf-a083-a0c9950d210b",
|
|
"indicator--563a0797-e864-42b3-837c-a0c9950d210b",
|
|
"indicator--563a0798-6fe8-4a01-80f2-a0c9950d210b",
|
|
"indicator--563a0798-5ea0-48dd-8f57-a0c9950d210b",
|
|
"indicator--563a0799-0f58-4126-951b-a0c9950d210b",
|
|
"indicator--563a0799-67dc-43c1-a71d-a0c9950d210b",
|
|
"indicator--563a0799-06e0-4f25-86e1-a0c9950d210b",
|
|
"indicator--563a079a-7af8-4dab-9b07-a0c9950d210b",
|
|
"indicator--563a079a-f558-4675-9b63-a0c9950d210b",
|
|
"indicator--563a079a-f1f0-40db-9c2d-a0c9950d210b",
|
|
"indicator--563a079b-c57c-45e8-b172-a0c9950d210b",
|
|
"indicator--563a079b-8310-4cf0-8010-a0c9950d210b",
|
|
"indicator--563a079c-1430-48ac-ac2b-a0c9950d210b",
|
|
"indicator--563a079c-7ec8-4169-b8ba-a0c9950d210b",
|
|
"indicator--563a079c-ac48-4365-acc4-a0c9950d210b",
|
|
"indicator--563a079d-9938-4e81-afd7-a0c9950d210b",
|
|
"indicator--563a079d-386c-42db-a864-a0c9950d210b",
|
|
"indicator--563a079e-b1e0-4aa6-903f-a0c9950d210b",
|
|
"indicator--563a079e-cce0-491f-9e35-a0c9950d210b",
|
|
"indicator--563a079e-ffa4-4024-82f2-a0c9950d210b",
|
|
"indicator--563a079f-f430-4a96-884d-a0c9950d210b",
|
|
"indicator--563a079f-d664-48bb-aafb-a0c9950d210b",
|
|
"indicator--563a07a0-b678-4a6e-b716-a0c9950d210b",
|
|
"indicator--563a07a0-9288-442d-8db9-a0c9950d210b",
|
|
"indicator--563a07a0-b9e0-4e6c-8d77-a0c9950d210b",
|
|
"indicator--563a07a1-9808-4143-bcce-a0c9950d210b",
|
|
"indicator--563a07a1-21c8-4207-a808-a0c9950d210b",
|
|
"indicator--563a07a2-2a50-4cdf-838f-a0c9950d210b",
|
|
"indicator--563a07a2-57bc-45c2-a250-a0c9950d210b",
|
|
"indicator--563a07a2-45ec-4e29-8ac0-a0c9950d210b",
|
|
"indicator--563a07a3-0030-4961-b6b7-a0c9950d210b",
|
|
"indicator--563a07a3-f6c0-4c99-9a27-a0c9950d210b",
|
|
"indicator--563a07a4-94c8-4bbf-9276-a0c9950d210b",
|
|
"indicator--563a07a4-7414-4630-af6e-a0c9950d210b",
|
|
"indicator--563a07a4-0cd4-4b68-aa28-a0c9950d210b",
|
|
"indicator--563a07a5-65a8-4ff9-bb62-a0c9950d210b",
|
|
"indicator--563a07a5-e27c-468a-8874-a0c9950d210b",
|
|
"indicator--563a07a6-1cc0-46b2-b9f0-a0c9950d210b",
|
|
"indicator--563a07a6-4ca8-4ecd-929d-a0c9950d210b",
|
|
"indicator--563a07a6-2adc-4a9a-ba38-a0c9950d210b",
|
|
"indicator--563a07a7-c418-4765-83b7-a0c9950d210b",
|
|
"indicator--563a07a7-49cc-4ec9-b836-a0c9950d210b",
|
|
"indicator--563a07a8-c658-47aa-861c-a0c9950d210b",
|
|
"indicator--563a07a8-d7a4-4ea7-bda1-a0c9950d210b",
|
|
"indicator--563a07a8-85c4-4877-a028-a0c9950d210b",
|
|
"indicator--563a07a9-0904-4df1-b7ff-a0c9950d210b",
|
|
"indicator--563a07a9-35a8-4685-848d-a0c9950d210b",
|
|
"indicator--563a07a9-b834-4a8e-8a53-a0c9950d210b",
|
|
"indicator--563a07aa-e240-4c20-b87d-a0c9950d210b",
|
|
"indicator--563a07aa-3c58-4e56-9a40-a0c9950d210b",
|
|
"indicator--563a07ab-e710-468a-ab66-a0c9950d210b",
|
|
"indicator--563a07ab-c768-44f9-a3b2-a0c9950d210b",
|
|
"indicator--563a07ab-4d1c-4b39-9b66-a0c9950d210b",
|
|
"indicator--563a07ac-d460-4729-9e91-a0c9950d210b",
|
|
"indicator--563a07ac-01cc-44c6-91e2-a0c9950d210b",
|
|
"indicator--563a07ad-e93c-40a4-a6cf-a0c9950d210b",
|
|
"indicator--563a07ad-d634-476c-9f17-a0c9950d210b",
|
|
"indicator--563a07ad-1cb4-4597-974c-a0c9950d210b",
|
|
"indicator--563a07ae-acb4-4cd1-8378-a0c9950d210b",
|
|
"indicator--563a07ae-d030-4740-a68d-a0c9950d210b",
|
|
"indicator--563a07af-42cc-4712-be26-a0c9950d210b",
|
|
"indicator--563a07af-4ab0-43fd-8d16-a0c9950d210b",
|
|
"indicator--563a07af-5dd4-4abf-a46a-a0c9950d210b",
|
|
"indicator--563a07b0-458c-48a5-b1c6-a0c9950d210b",
|
|
"indicator--563a07b0-8314-45ad-8d75-a0c9950d210b",
|
|
"indicator--563a07b1-4f64-4089-8811-a0c9950d210b",
|
|
"indicator--563a07b1-3ca0-4f03-a654-a0c9950d210b",
|
|
"indicator--563a07b1-77a4-4991-bd6f-a0c9950d210b",
|
|
"indicator--563a07b2-7e88-4bd8-a87a-a0c9950d210b",
|
|
"indicator--563a07b2-f920-4556-a6c9-a0c9950d210b",
|
|
"indicator--563a07b3-fd2c-4546-bf95-a0c9950d210b",
|
|
"indicator--563a07b3-5480-4273-ba89-a0c9950d210b",
|
|
"indicator--563a07b3-7454-4b4c-8aac-a0c9950d210b",
|
|
"indicator--563a07b4-6de8-4a35-8fac-a0c9950d210b",
|
|
"indicator--563a07b4-46d0-4a3f-9d8f-a0c9950d210b",
|
|
"indicator--563a07b5-2a48-4e19-8827-a0c9950d210b",
|
|
"indicator--563a07b5-aa94-4a35-af62-a0c9950d210b",
|
|
"indicator--563a07b5-66ec-4cfe-b113-a0c9950d210b",
|
|
"indicator--563a07b6-0dec-472a-aa5e-a0c9950d210b",
|
|
"indicator--563a07b6-5684-4ee3-90df-a0c9950d210b",
|
|
"indicator--563a07b6-8418-4432-82a0-a0c9950d210b",
|
|
"indicator--563a07b7-dbf8-49a9-9770-a0c9950d210b",
|
|
"indicator--563a07b7-5684-4ddf-96b3-a0c9950d210b",
|
|
"indicator--563a07b8-d148-453b-8d10-a0c9950d210b",
|
|
"indicator--563a07b8-c1bc-4c9e-9d92-a0c9950d210b",
|
|
"indicator--563a07b8-5c38-4f61-83f3-a0c9950d210b",
|
|
"indicator--563a07b9-3840-49fc-813b-a0c9950d210b",
|
|
"indicator--563a07b9-5028-4b43-bd6f-a0c9950d210b",
|
|
"indicator--563a07ba-3eb8-40e9-ab27-a0c9950d210b",
|
|
"indicator--563a07ba-0b18-4e13-b0d2-a0c9950d210b",
|
|
"indicator--563a07ba-447c-4650-8b99-a0c9950d210b",
|
|
"indicator--563a07bb-e500-4088-a95c-a0c9950d210b",
|
|
"indicator--563a07bb-2f0c-4015-8c8c-a0c9950d210b",
|
|
"indicator--563a07bc-d400-4d0b-8d1c-a0c9950d210b",
|
|
"indicator--563a07bc-81e0-40c1-8061-a0c9950d210b",
|
|
"indicator--563a07bc-fb10-4b8b-91bb-a0c9950d210b",
|
|
"indicator--563a07bd-d26c-4959-b569-a0c9950d210b",
|
|
"indicator--563a07bd-0628-4866-8ef8-a0c9950d210b",
|
|
"indicator--563a07be-43a8-4306-b283-a0c9950d210b",
|
|
"indicator--563a07be-acd8-41eb-b45d-a0c9950d210b",
|
|
"indicator--563a07be-8d2c-4f64-b36a-a0c9950d210b",
|
|
"indicator--563a07bf-dabc-4384-a843-a0c9950d210b",
|
|
"indicator--563a07bf-1e94-47f4-afb8-a0c9950d210b",
|
|
"indicator--563a07c0-111c-4487-bedb-a0c9950d210b",
|
|
"indicator--563a07c0-5570-4e55-b124-a0c9950d210b",
|
|
"indicator--563a07c0-2150-43a7-a187-a0c9950d210b",
|
|
"indicator--563a07c1-276c-4011-81d7-a0c9950d210b",
|
|
"indicator--563a07c1-c8d4-4c1a-8d15-a0c9950d210b",
|
|
"indicator--563a07c2-35c8-4222-8170-a0c9950d210b",
|
|
"indicator--563a07c2-0e78-4fca-a4aa-a0c9950d210b",
|
|
"indicator--563a07c2-cc68-4dba-870c-a0c9950d210b",
|
|
"indicator--563a07c3-52cc-4a86-97a2-a0c9950d210b",
|
|
"indicator--563a07c3-2b78-47c4-9201-a0c9950d210b",
|
|
"indicator--563a07c4-322c-4dcd-b178-a0c9950d210b",
|
|
"indicator--563a07c4-94b8-44e8-9044-a0c9950d210b",
|
|
"indicator--563a07c4-1a40-4480-a4bc-a0c9950d210b",
|
|
"indicator--563a07c5-f844-4c4c-a8a7-a0c9950d210b",
|
|
"indicator--563a07c5-d1c8-4e12-baf8-a0c9950d210b",
|
|
"indicator--563a07c5-d9c0-4d75-a4a5-a0c9950d210b",
|
|
"indicator--563a07c6-646c-4c68-9f7f-a0c9950d210b",
|
|
"indicator--563a07c6-a04c-497d-af6f-a0c9950d210b",
|
|
"indicator--563a07c7-46f4-4e0b-a2bd-a0c9950d210b",
|
|
"indicator--563a07c7-fcec-45e2-a217-a0c9950d210b",
|
|
"indicator--563a07c7-a734-4f7f-ae1d-a0c9950d210b",
|
|
"indicator--563a07c8-221c-46a9-9d48-a0c9950d210b",
|
|
"indicator--563a07c8-d248-4ba6-910d-a0c9950d210b",
|
|
"indicator--563a07c9-810c-4ec9-9c92-a0c9950d210b",
|
|
"indicator--563a07c9-7128-4360-b8bb-a0c9950d210b",
|
|
"indicator--563a07c9-2e24-482c-9757-a0c9950d210b",
|
|
"indicator--563a07ca-c95c-4a47-b454-a0c9950d210b",
|
|
"indicator--563a07ca-1e9c-4d4c-b6e2-a0c9950d210b",
|
|
"indicator--563a07cb-651c-468a-a0e9-a0c9950d210b",
|
|
"indicator--563a07cb-bc28-4e59-82b0-a0c9950d210b",
|
|
"indicator--563a07cb-5968-4f72-bed0-a0c9950d210b",
|
|
"indicator--563a07cc-72e8-4e2e-b101-a0c9950d210b",
|
|
"indicator--563a07cc-4a40-414a-ab62-a0c9950d210b",
|
|
"indicator--563a07cd-5264-46ba-9c82-a0c9950d210b",
|
|
"indicator--563a07cd-640c-419d-9c13-a0c9950d210b",
|
|
"indicator--563a07cd-78b8-4dc1-9769-a0c9950d210b",
|
|
"indicator--563a07ce-4560-44d6-a3b9-a0c9950d210b",
|
|
"indicator--563a07ce-397c-4555-aa7b-a0c9950d210b",
|
|
"indicator--563a07cf-5f5c-4a06-93f7-a0c9950d210b",
|
|
"indicator--563a07cf-eb94-440e-b44f-a0c9950d210b",
|
|
"indicator--563a07cf-8560-48a4-a54c-a0c9950d210b",
|
|
"indicator--563a07d0-9d74-443d-a68a-a0c9950d210b",
|
|
"indicator--563a07d0-b6c8-4af6-bd11-a0c9950d210b",
|
|
"indicator--563a07d1-2b30-4ed4-a48c-a0c9950d210b",
|
|
"indicator--563a07d1-8288-4caa-b9ca-a0c9950d210b",
|
|
"indicator--563a07d1-2e88-44b6-9dd6-a0c9950d210b",
|
|
"indicator--563a07d2-ea2c-4f72-9bf3-a0c9950d210b",
|
|
"indicator--563a07d2-003c-4c3e-8be5-a0c9950d210b",
|
|
"indicator--563a07d3-2d30-40d4-ae89-a0c9950d210b",
|
|
"indicator--563a07d3-cd88-42a5-9e74-a0c9950d210b",
|
|
"indicator--563a07d3-b7e0-4de5-9442-a0c9950d210b",
|
|
"indicator--563a07d4-a238-4379-b2f1-a0c9950d210b",
|
|
"indicator--563a07d4-de74-4e62-a984-a0c9950d210b",
|
|
"indicator--563a07d5-1644-4e51-a906-a0c9950d210b",
|
|
"indicator--563a07d5-c074-4834-bcbc-a0c9950d210b",
|
|
"indicator--563a07d5-c15c-47c6-a1cf-a0c9950d210b",
|
|
"indicator--563a07d6-7c64-4429-858f-a0c9950d210b",
|
|
"indicator--563a07d6-d594-4348-b0de-a0c9950d210b",
|
|
"indicator--563a07d6-fbc8-4140-b771-a0c9950d210b",
|
|
"indicator--563a07d7-3728-4b7f-a8ac-a0c9950d210b",
|
|
"indicator--563a07d7-219c-49ba-9461-a0c9950d210b",
|
|
"indicator--563a07d8-1dac-406f-ba07-a0c9950d210b",
|
|
"indicator--563a07d8-1d9c-4fae-8f55-a0c9950d210b",
|
|
"indicator--563a07d8-cb70-444a-8e85-a0c9950d210b",
|
|
"indicator--563a07d9-b354-43e8-a67e-a0c9950d210b",
|
|
"indicator--563a07d9-e780-4acc-ab22-a0c9950d210b",
|
|
"indicator--563a07da-e6a8-4486-9cb2-a0c9950d210b",
|
|
"indicator--563a07da-d148-4ece-9a5a-a0c9950d210b",
|
|
"indicator--563a07da-2218-4411-be14-a0c9950d210b",
|
|
"indicator--563a07db-8ffc-4b4c-8db4-a0c9950d210b",
|
|
"indicator--563a07db-34d8-4cb7-b354-a0c9950d210b",
|
|
"indicator--563a07dc-c4e8-419a-a07e-a0c9950d210b",
|
|
"indicator--563a07dc-a14c-4711-b2c2-a0c9950d210b",
|
|
"indicator--563a07dc-6430-40c5-b6b5-a0c9950d210b",
|
|
"indicator--563a07dd-0fac-4f99-89bc-a0c9950d210b",
|
|
"indicator--563a07dd-8834-452e-9ee5-a0c9950d210b",
|
|
"indicator--563a07de-7e84-44e8-8022-a0c9950d210b",
|
|
"indicator--563a07de-1948-4e9a-be82-a0c9950d210b",
|
|
"indicator--563a07de-0e44-412f-8e8d-a0c9950d210b",
|
|
"indicator--563a07df-407c-4b27-8fd5-a0c9950d210b",
|
|
"indicator--563a07df-e390-47e6-9014-a0c9950d210b",
|
|
"indicator--563a07e0-10c0-48b3-8359-a0c9950d210b",
|
|
"indicator--563a07e0-afa4-4bc8-a706-a0c9950d210b",
|
|
"indicator--563a07e0-28f4-40bb-b131-a0c9950d210b",
|
|
"indicator--563a07e1-0f8c-456a-be52-a0c9950d210b",
|
|
"indicator--563a07e1-4c38-41fa-99a8-a0c9950d210b",
|
|
"indicator--563a07e2-6360-4583-af0d-a0c9950d210b",
|
|
"indicator--563a07e2-9d30-41a9-940f-a0c9950d210b",
|
|
"indicator--563a07e2-cbc8-4f2a-9a48-a0c9950d210b",
|
|
"indicator--563a07e3-ec6c-41d5-834e-a0c9950d210b",
|
|
"indicator--563a07e3-2758-482d-8864-a0c9950d210b",
|
|
"indicator--563a07e3-2834-4de3-8ec0-a0c9950d210b",
|
|
"indicator--563a07e4-4860-4ede-80cc-a0c9950d210b",
|
|
"indicator--563a07e4-82e8-4d52-89ea-a0c9950d210b",
|
|
"indicator--563a07e5-a860-46dc-adf5-a0c9950d210b",
|
|
"indicator--563a07e5-fe6c-4de8-8a53-a0c9950d210b",
|
|
"indicator--563a07e5-864c-4f5f-bdc0-a0c9950d210b",
|
|
"indicator--563a07e6-fd28-43f3-8f0a-a0c9950d210b",
|
|
"indicator--563a07e6-d7bc-4bd0-adf7-a0c9950d210b",
|
|
"indicator--563a07e7-1a7c-4707-b254-a0c9950d210b",
|
|
"indicator--563a07e7-c634-45dd-a5ef-a0c9950d210b",
|
|
"indicator--563a07e7-ecb8-4714-9a14-a0c9950d210b",
|
|
"indicator--563a07e8-fdd0-47d0-bf5b-a0c9950d210b",
|
|
"indicator--563a07e8-0a8c-4c42-b825-a0c9950d210b",
|
|
"indicator--563a07e9-ee20-4049-9d30-a0c9950d210b",
|
|
"indicator--563a07e9-7458-43c1-ad0f-a0c9950d210b",
|
|
"indicator--563a07e9-d5b8-4ac3-b422-a0c9950d210b",
|
|
"indicator--563a07ea-0ca0-4647-bb3f-a0c9950d210b",
|
|
"indicator--563a07ea-8a3c-4e1b-a1a3-a0c9950d210b",
|
|
"indicator--563a07eb-9fd0-4017-99c8-a0c9950d210b",
|
|
"indicator--563a07eb-f3e8-402d-bf66-a0c9950d210b",
|
|
"indicator--563a07eb-e6fc-42c7-802d-a0c9950d210b",
|
|
"indicator--563a07ec-8014-44c7-9926-a0c9950d210b",
|
|
"indicator--563a07ec-1298-4784-a474-a0c9950d210b",
|
|
"indicator--563a07ed-9434-4527-b00a-a0c9950d210b",
|
|
"indicator--563a07ed-f7a8-49c3-8c7c-a0c9950d210b",
|
|
"indicator--563a07ed-9f40-4c5f-b4bb-a0c9950d210b",
|
|
"indicator--563a07ee-1fc4-4360-8da8-a0c9950d210b",
|
|
"indicator--563a07ee-3cc0-45bb-886a-a0c9950d210b",
|
|
"indicator--563a07ef-92d4-44bb-a522-a0c9950d210b",
|
|
"indicator--563a07ef-e150-412b-bc06-a0c9950d210b",
|
|
"indicator--563a07ef-cf88-448b-ab4f-a0c9950d210b",
|
|
"indicator--563a07f0-9c94-425b-99bb-a0c9950d210b",
|
|
"indicator--563a07f0-3ea0-4456-9eda-a0c9950d210b",
|
|
"indicator--563a07f1-973c-403b-9472-a0c9950d210b",
|
|
"indicator--563a07f1-dde8-4157-8ef1-a0c9950d210b",
|
|
"indicator--563a07f1-2ccc-4e32-aab9-a0c9950d210b",
|
|
"indicator--563a07f2-b4ac-4280-a475-a0c9950d210b",
|
|
"indicator--563a07f2-49a4-4eba-9584-a0c9950d210b",
|
|
"indicator--563a07f3-a9d0-4e1e-ae47-a0c9950d210b",
|
|
"indicator--563a07f3-3ee8-4d18-9eb0-a0c9950d210b",
|
|
"indicator--563a07f3-24f8-4c00-8b65-a0c9950d210b",
|
|
"indicator--563a07f4-4b68-4d69-875b-a0c9950d210b",
|
|
"indicator--563a07f4-2308-44e8-a2ec-a0c9950d210b",
|
|
"indicator--563a07f4-300c-47e4-b309-a0c9950d210b",
|
|
"indicator--563a07f5-4860-46c1-a1f0-a0c9950d210b",
|
|
"indicator--563a07f5-aa5c-4e15-a8c6-a0c9950d210b",
|
|
"indicator--563a07f6-c158-4982-891b-a0c9950d210b",
|
|
"indicator--563a07f6-da84-4140-ba62-a0c9950d210b",
|
|
"indicator--563a07f6-1834-490d-9016-a0c9950d210b",
|
|
"indicator--563a07f7-1700-4784-a3fa-a0c9950d210b",
|
|
"indicator--563a07f7-bc58-4ff5-8607-a0c9950d210b",
|
|
"indicator--563a07f8-6814-41dd-97bc-a0c9950d210b",
|
|
"indicator--563a07f8-a900-4834-a621-a0c9950d210b",
|
|
"indicator--563a07f8-0e14-484d-ae28-a0c9950d210b",
|
|
"indicator--563a07f9-49e8-4ad8-a3b3-a0c9950d210b",
|
|
"indicator--563a07f9-dfa4-4342-a3ce-a0c9950d210b",
|
|
"indicator--563a07fa-80b4-4659-93c8-a0c9950d210b",
|
|
"indicator--563a07fa-1af0-4f54-8fe3-a0c9950d210b",
|
|
"indicator--563a07fa-3f30-434f-aace-a0c9950d210b",
|
|
"indicator--563a07fb-0c18-4636-a8be-a0c9950d210b",
|
|
"indicator--563a07fb-3db4-4f6c-814f-a0c9950d210b",
|
|
"indicator--563a07fc-95ac-44e5-b5b1-a0c9950d210b",
|
|
"indicator--563a07fc-1114-4923-8dc2-a0c9950d210b",
|
|
"indicator--563a07fc-7520-493e-ad42-a0c9950d210b",
|
|
"indicator--563a07fd-a204-43c4-8285-a0c9950d210b",
|
|
"indicator--563a07fd-95b8-4e3c-8e19-a0c9950d210b",
|
|
"indicator--563a07fe-93bc-4082-afe5-a0c9950d210b",
|
|
"indicator--563a07fe-f428-4976-8417-a0c9950d210b",
|
|
"indicator--563a07fe-4dd4-4f47-bbb7-a0c9950d210b",
|
|
"indicator--563a07ff-d4e8-4fa9-9ebf-a0c9950d210b",
|
|
"indicator--563a07ff-20c8-45c5-876a-a0c9950d210b",
|
|
"indicator--563a0800-c320-4041-acb7-a0c9950d210b",
|
|
"indicator--563a0800-815c-4de1-96ba-a0c9950d210b",
|
|
"indicator--563a0800-6294-4dbf-9b55-a0c9950d210b",
|
|
"indicator--563a0801-0678-4d85-a4e6-a0c9950d210b",
|
|
"indicator--563a0801-a424-4a3a-8590-a0c9950d210b",
|
|
"indicator--563a0802-18c4-4962-8363-a0c9950d210b",
|
|
"indicator--563a0802-05b4-4e50-9edc-a0c9950d210b",
|
|
"indicator--563a0802-3b18-4dc3-97fc-a0c9950d210b",
|
|
"indicator--563a0803-4150-4959-b23b-a0c9950d210b",
|
|
"indicator--563a0803-3bb8-42fc-b47f-a0c9950d210b",
|
|
"indicator--563a0804-1544-4ff1-b814-a0c9950d210b",
|
|
"indicator--563a0804-6c10-467d-9094-a0c9950d210b",
|
|
"indicator--563a0804-eab8-4d24-b4fa-a0c9950d210b",
|
|
"indicator--563a0805-04fc-46a2-8208-a0c9950d210b",
|
|
"indicator--563a0805-0874-4af0-8dfb-a0c9950d210b",
|
|
"indicator--563a0806-0300-4cd7-80fe-a0c9950d210b",
|
|
"indicator--563a0806-5aac-4502-bc9c-a0c9950d210b",
|
|
"indicator--563a0806-81e4-48b1-8708-a0c9950d210b",
|
|
"indicator--563a0807-8330-49c9-b2e7-a0c9950d210b",
|
|
"indicator--563a0807-84f0-4305-a5c7-a0c9950d210b",
|
|
"indicator--563a0807-6620-489a-9c25-a0c9950d210b",
|
|
"indicator--563a0808-d99c-4e25-ac53-a0c9950d210b",
|
|
"indicator--563a0808-83c0-4a16-b952-a0c9950d210b",
|
|
"indicator--563a0809-2958-4e5e-a73b-a0c9950d210b",
|
|
"indicator--563a0809-0390-4af1-a15f-a0c9950d210b",
|
|
"indicator--563a0809-faa0-4028-bba6-a0c9950d210b",
|
|
"indicator--563a080a-9ff8-4204-b934-a0c9950d210b",
|
|
"indicator--563a080a-a988-4051-b9b7-a0c9950d210b",
|
|
"indicator--563a080b-c128-4d0e-82e8-a0c9950d210b",
|
|
"indicator--563a080b-6ab4-46cb-be62-a0c9950d210b",
|
|
"indicator--563a080b-87e0-4e0a-a628-a0c9950d210b",
|
|
"indicator--563a080c-806c-467d-9f4e-a0c9950d210b",
|
|
"indicator--563a080c-fa18-429a-87c6-a0c9950d210b",
|
|
"indicator--567957b2-7af0-40ba-844c-4f2f950d210f",
|
|
"indicator--567957b2-f3ec-40f7-947a-4681950d210f",
|
|
"indicator--567957b3-4af0-4e4b-a960-4bff950d210f",
|
|
"indicator--567957b3-d284-4347-af50-4915950d210f",
|
|
"indicator--567957b3-9da0-4632-9098-496d950d210f",
|
|
"indicator--567957b4-e91c-4a19-a00b-45c4950d210f",
|
|
"indicator--567957b4-f188-4aab-bcea-4e65950d210f",
|
|
"indicator--567957b4-442c-40f5-b777-4374950d210f",
|
|
"indicator--567957b4-76fc-474e-80e2-4869950d210f",
|
|
"indicator--567957b5-3b14-4960-b756-4eed950d210f",
|
|
"indicator--567957b5-a844-49b3-90a4-4da4950d210f",
|
|
"indicator--567957b5-0468-4f14-9344-4184950d210f",
|
|
"indicator--567957b6-d1a0-459a-8f2e-4ab8950d210f",
|
|
"indicator--567957b6-2354-4831-b6ef-4fe3950d210f",
|
|
"indicator--567957b6-9a88-4d34-a8e4-47c2950d210f",
|
|
"indicator--567957b6-4068-4aeb-a9a3-4b48950d210f",
|
|
"indicator--567957b6-285c-45e9-b766-4942950d210f",
|
|
"indicator--567957b7-4f7c-4f7a-9931-4c4d950d210f",
|
|
"indicator--567957b7-cc58-424e-a297-4488950d210f",
|
|
"indicator--567957b7-2828-4f88-af6f-4365950d210f",
|
|
"indicator--567957b7-c1c8-4e43-a9b9-4b87950d210f",
|
|
"indicator--567957b8-c68c-4b57-8aec-49f6950d210f",
|
|
"indicator--567957b8-4fd4-45bc-88f1-4a5a950d210f",
|
|
"indicator--567957b8-0b64-4ef1-bd23-4e3b950d210f",
|
|
"indicator--567957b9-c69c-440d-a52c-4912950d210f",
|
|
"indicator--567957b9-d89c-425f-ad55-49b0950d210f",
|
|
"indicator--567957b9-9534-40d0-8df6-46f9950d210f",
|
|
"indicator--567957ba-0cf4-4d1d-bcff-471e950d210f",
|
|
"indicator--567957ba-7cd8-4842-ac47-43eb950d210f",
|
|
"indicator--567957ba-5e68-49df-9987-4bb9950d210f",
|
|
"indicator--567957ba-f748-4bac-bcbc-4f7a950d210f",
|
|
"indicator--567957bb-c660-4a5b-9ff8-4ec0950d210f",
|
|
"indicator--567957bb-ea3c-4d4e-9105-48cb950d210f",
|
|
"indicator--567957bb-7308-4952-939c-43bb950d210f",
|
|
"indicator--567957bc-3b28-4a6c-bbf3-4876950d210f",
|
|
"indicator--567957bc-16c4-41a7-b08c-48ba950d210f",
|
|
"indicator--567957bc-e088-4ea9-b419-49f3950d210f",
|
|
"indicator--567957bc-6b04-4f58-bad9-4e9c950d210f",
|
|
"indicator--567957bd-61b4-48db-b093-49bd950d210f",
|
|
"indicator--567957bd-b3f4-4211-9f4b-44fb950d210f",
|
|
"indicator--567957bd-226c-403b-ae4a-4699950d210f",
|
|
"indicator--567957be-4ab8-46d5-a376-4dae950d210f",
|
|
"indicator--567957be-5f2c-44a9-8e9b-41e9950d210f",
|
|
"indicator--567957be-38fc-4ade-b56f-49cf950d210f",
|
|
"indicator--567957be-a930-4aea-aac8-40cf950d210f",
|
|
"indicator--567957bf-49d8-40d4-b9fd-4cd1950d210f",
|
|
"indicator--567957bf-88e8-4521-82df-4dcc950d210f",
|
|
"indicator--567957bf-be34-4f67-b68c-4c7d950d210f",
|
|
"indicator--567957c0-5210-42ac-87fd-4701950d210f",
|
|
"indicator--567957c0-5754-416d-8a73-4b68950d210f",
|
|
"indicator--567957c0-f3c0-4090-bc47-4043950d210f",
|
|
"indicator--567957c0-c140-4d06-9ab3-4f76950d210f",
|
|
"indicator--567957c1-40fc-4343-8e5e-4aa8950d210f",
|
|
"indicator--567957c1-f3d0-40c9-abcb-4b7e950d210f",
|
|
"indicator--567957c1-9b40-4f5c-a8bc-43cf950d210f",
|
|
"indicator--567957c1-4ff4-422c-a994-46ec950d210f",
|
|
"indicator--567957c2-3eb8-4832-9de1-494d950d210f",
|
|
"indicator--567957c2-b6b8-4ef1-b1ba-4e19950d210f",
|
|
"indicator--567957c2-96f0-416f-96dc-4913950d210f",
|
|
"indicator--567957c2-7230-44fd-9d69-4531950d210f",
|
|
"indicator--567957c2-7928-4f12-b0cc-4898950d210f",
|
|
"indicator--567957c3-b104-4d9d-af76-44f3950d210f",
|
|
"indicator--567957c3-5b14-4ccd-9997-4bc0950d210f",
|
|
"indicator--567957c3-bd08-429b-994b-4484950d210f",
|
|
"indicator--567957c3-b2d4-4b0f-a9b0-415a950d210f",
|
|
"indicator--567957c4-299c-4508-9ee1-44c2950d210f",
|
|
"indicator--567957c4-6eb0-4183-aebf-47a9950d210f",
|
|
"indicator--567957c4-4194-4c2d-9c19-4de0950d210f",
|
|
"indicator--567957c4-702c-48d0-ba7d-45fc950d210f",
|
|
"indicator--567957c5-6f24-455b-8027-4053950d210f",
|
|
"indicator--567957c5-3cd4-468c-9df5-482c950d210f",
|
|
"indicator--567957c5-3274-4a6b-a655-452f950d210f",
|
|
"indicator--567957c5-5f28-4743-8a82-4c7e950d210f",
|
|
"indicator--567957c5-79f8-4611-96b5-4bb3950d210f",
|
|
"indicator--567957c6-00a8-406f-8184-4a4d950d210f",
|
|
"indicator--567957c6-3164-4960-94ab-4dda950d210f",
|
|
"indicator--567957c6-02e8-407f-b048-437c950d210f",
|
|
"indicator--567957c6-64c8-4f67-bbe5-4edc950d210f",
|
|
"indicator--567957c7-5714-4bf7-a2a1-4e6a950d210f",
|
|
"indicator--567957c7-e7d0-48ee-8174-4726950d210f",
|
|
"indicator--567957c7-5798-48e7-aa27-4e8e950d210f",
|
|
"indicator--567957c7-e190-40cc-87eb-49fd950d210f",
|
|
"indicator--567957c8-66b8-44c2-a504-450d950d210f",
|
|
"indicator--567957c8-279c-40af-85a4-4aa0950d210f",
|
|
"indicator--567957c8-da24-4986-abac-4b84950d210f",
|
|
"indicator--567957c9-7de0-4f66-86a5-43db950d210f",
|
|
"indicator--567957c9-55bc-496f-a499-4c6b950d210f",
|
|
"indicator--567957c9-c0d8-450e-871e-45db950d210f",
|
|
"indicator--567957ca-4cac-42fe-aba4-453c950d210f",
|
|
"indicator--567957ca-fd54-4b47-8787-4223950d210f",
|
|
"indicator--567957ca-635c-4c86-b694-435d950d210f",
|
|
"indicator--567957ca-5a14-4d47-93d5-42d5950d210f",
|
|
"indicator--567957cb-da20-41ab-a175-4e1f950d210f",
|
|
"indicator--567957cb-6584-48fa-9515-4297950d210f",
|
|
"indicator--567957cb-6a3c-461d-bc09-41d7950d210f",
|
|
"indicator--567957cc-3cb4-4756-bd40-4497950d210f",
|
|
"indicator--567957cc-f404-4892-81e5-4e47950d210f",
|
|
"indicator--567957cc-6048-40f0-ada0-493a950d210f",
|
|
"indicator--567957cc-7f04-4624-8cac-4b5b950d210f",
|
|
"indicator--567957cd-2f68-4a3b-94d4-4624950d210f",
|
|
"indicator--567957cd-7ad4-4a14-8cc6-4a0a950d210f",
|
|
"indicator--567957cd-a4a8-467c-95d7-4067950d210f",
|
|
"indicator--567957ce-3f2c-4cbc-9316-48e3950d210f",
|
|
"indicator--567957ce-b2b8-406b-aba1-4a0c950d210f",
|
|
"indicator--567957ce-fd2c-45f8-8362-42e0950d210f",
|
|
"indicator--567957ce-4948-4623-aeb4-49ef950d210f",
|
|
"indicator--567957cf-6430-4e08-a879-433a950d210f",
|
|
"indicator--567957cf-50b0-4fcd-92ff-4d8c950d210f",
|
|
"indicator--567957cf-8580-40e9-a669-4b60950d210f",
|
|
"indicator--567957d0-5154-45b4-9a39-4908950d210f",
|
|
"indicator--567957d0-ff30-48cf-aaa1-4684950d210f",
|
|
"indicator--567957d0-81c4-4604-9bc4-45c4950d210f",
|
|
"indicator--567957d1-7998-4029-bcd2-4668950d210f",
|
|
"indicator--567957d1-17d4-4f85-8da2-48a2950d210f",
|
|
"indicator--567957d1-a144-4abd-ad8f-4e2d950d210f",
|
|
"indicator--567957d1-23e8-489e-a21b-4a17950d210f",
|
|
"indicator--567957d2-4330-4211-9402-4283950d210f",
|
|
"indicator--567957d2-6dd8-4894-9b29-4938950d210f",
|
|
"indicator--567957d2-3460-494d-9834-4665950d210f",
|
|
"indicator--567957d3-b5fc-4e36-b18d-4425950d210f",
|
|
"indicator--567957d3-a9c4-4b6b-be23-4338950d210f",
|
|
"indicator--567957d3-7930-4828-9533-4c82950d210f",
|
|
"indicator--567957d3-7a10-4c6b-a453-4239950d210f",
|
|
"indicator--567957d4-d4b8-481d-8368-4394950d210f",
|
|
"indicator--567957d4-ecc0-494b-bc54-4f10950d210f",
|
|
"indicator--567957d4-dda8-494c-9f5f-4f0f950d210f",
|
|
"indicator--567957d5-97ac-4f49-a2fb-4b3c950d210f",
|
|
"indicator--567957d5-1558-4f42-9d51-4f07950d210f",
|
|
"indicator--567957d5-44b4-4dd6-bec7-4054950d210f",
|
|
"indicator--567957d6-a800-4cd1-b086-488b950d210f",
|
|
"indicator--567957d6-6e5c-4774-8d20-4aaf950d210f",
|
|
"indicator--567957d6-50cc-4de3-8fd2-4d1a950d210f",
|
|
"indicator--567957d6-b6d4-4888-b60f-4a8e950d210f",
|
|
"indicator--567957d7-656c-4b43-9cee-4715950d210f",
|
|
"indicator--567957d7-d054-4272-9ebf-4d7c950d210f",
|
|
"indicator--567957d7-fc38-4214-adf3-438e950d210f",
|
|
"indicator--567957d8-52c8-4a48-a29f-4e5e950d210f",
|
|
"indicator--567957d8-04b0-4b42-95d2-421d950d210f",
|
|
"indicator--567957d8-700c-4781-91bb-4295950d210f",
|
|
"indicator--567957d8-0614-4f2b-9379-4f8a950d210f",
|
|
"indicator--567957d9-74e8-49c8-9f39-4ccd950d210f",
|
|
"indicator--567957d9-4428-4b38-82ab-4d08950d210f",
|
|
"indicator--567957d9-ba28-4974-a715-4cee950d210f",
|
|
"indicator--567957da-9dac-4e12-ac2b-4262950d210f",
|
|
"indicator--567957da-7ad8-41a1-97c3-4239950d210f",
|
|
"indicator--567957da-aa80-4407-91e4-45d9950d210f",
|
|
"indicator--567957db-71b8-448c-b840-4151950d210f",
|
|
"indicator--567957db-6b3c-4bc8-a778-4c1f950d210f",
|
|
"indicator--567957db-52d4-4c6d-9f05-4fa0950d210f",
|
|
"indicator--567957db-fefc-4244-bd4d-4a63950d210f",
|
|
"indicator--567957dc-c0d0-4781-9bac-44c1950d210f",
|
|
"indicator--567957dc-c588-4b13-b7f0-49ee950d210f",
|
|
"indicator--567957dc-244c-4468-9b4d-4b6d950d210f",
|
|
"indicator--567957dd-4b60-479b-b463-4cdc950d210f",
|
|
"indicator--567957dd-8304-42d5-b29e-4ece950d210f",
|
|
"indicator--567957dd-e200-410c-b5cf-41eb950d210f",
|
|
"indicator--567957dd-a140-468f-b7ca-4ead950d210f",
|
|
"indicator--567957dd-2154-4273-a0ad-4063950d210f",
|
|
"indicator--567957de-e210-4e7a-94f9-4439950d210f",
|
|
"indicator--567957de-c5b0-44b8-a14f-47e6950d210f",
|
|
"indicator--567957de-faf4-4faf-9f99-413a950d210f",
|
|
"indicator--567957de-b034-40f2-a93d-42c0950d210f",
|
|
"indicator--567957df-df60-4924-b8e9-45dc950d210f",
|
|
"indicator--567957df-bb14-482d-9915-490d950d210f",
|
|
"indicator--567957df-9acc-4268-8d27-4cf6950d210f",
|
|
"indicator--567957e0-7edc-4d76-860a-4aa7950d210f",
|
|
"indicator--567957e0-3a40-44de-af70-4f91950d210f",
|
|
"indicator--567957e0-e890-40b6-867b-4a8b950d210f",
|
|
"indicator--567957e0-1584-46e0-87bf-4a20950d210f",
|
|
"indicator--567957e1-78c4-4f6c-9e12-4ff4950d210f",
|
|
"indicator--567957e1-5858-4b76-970d-4737950d210f",
|
|
"indicator--567957e1-f744-47a1-ada6-4b19950d210f",
|
|
"indicator--567957e2-80cc-4119-ac4b-464f950d210f",
|
|
"indicator--567957e2-59e0-4499-89cb-444f950d210f",
|
|
"indicator--567957e2-4c00-46c8-9859-4bda950d210f",
|
|
"indicator--567957e2-d884-432c-8736-47f1950d210f",
|
|
"indicator--567957e3-0260-48e1-a747-4b2a950d210f",
|
|
"indicator--567957e3-bf04-494d-8a98-46c5950d210f",
|
|
"indicator--567957e3-f9dc-4884-b881-4c3e950d210f",
|
|
"indicator--567957e3-fd68-4c7a-9b20-4e1f950d210f",
|
|
"indicator--567957e4-fb88-4bc9-90e3-4ddf950d210f",
|
|
"indicator--567957e4-29f0-41a2-a11b-4a51950d210f",
|
|
"indicator--567957e4-d6bc-4fee-85cc-4e92950d210f",
|
|
"indicator--567957e4-3458-4186-846a-4ccf950d210f",
|
|
"indicator--567957e5-2a18-48c7-bfde-4a35950d210f",
|
|
"indicator--567957e5-8f28-42fe-9f15-4e75950d210f",
|
|
"indicator--567957e5-3244-407e-b1bb-40dd950d210f",
|
|
"indicator--567957e6-8ab8-47d7-9c6a-4373950d210f",
|
|
"indicator--567957e6-83b8-4ee4-a4de-479e950d210f",
|
|
"indicator--567957e6-ae3c-40e6-bc98-4177950d210f",
|
|
"indicator--567957e6-8904-4f2e-b5ad-4f24950d210f",
|
|
"indicator--567957e7-96b8-4a5f-92f5-4161950d210f",
|
|
"indicator--567957e7-9c84-459e-9b8f-4924950d210f",
|
|
"indicator--567957e7-c8a4-4628-8ec1-4358950d210f",
|
|
"indicator--567957e8-97e0-40b6-8da8-4b38950d210f",
|
|
"indicator--567957e8-4848-49f6-b6ce-4b96950d210f",
|
|
"indicator--567957e8-51ec-4450-8bfe-48ac950d210f",
|
|
"indicator--567957e8-0fc4-4595-8e95-4827950d210f",
|
|
"indicator--567957e9-9ec0-45a9-bf2a-4ba6950d210f",
|
|
"indicator--567957e9-7abc-4a3a-824f-4e9c950d210f",
|
|
"indicator--567957e9-c014-4b30-874d-42cf950d210f",
|
|
"indicator--567957e9-27c8-4fe5-b41b-4116950d210f",
|
|
"indicator--567957ea-4cac-47df-8384-465e950d210f",
|
|
"indicator--567957ea-ed74-4bf9-89bf-4f83950d210f",
|
|
"indicator--567957ea-9e04-48b0-85bf-4eec950d210f",
|
|
"indicator--567957eb-f890-4b7e-9604-4ebd950d210f",
|
|
"indicator--567957eb-99c8-4685-8183-4490950d210f",
|
|
"indicator--567957eb-7008-473f-abca-46f8950d210f",
|
|
"indicator--567957ec-4878-4141-8f91-4dab950d210f",
|
|
"indicator--567957ec-d7cc-4641-b46e-4573950d210f",
|
|
"indicator--567957ec-ca18-4f3a-a25b-495d950d210f",
|
|
"indicator--567957ec-07ec-403b-a2c6-47fa950d210f",
|
|
"indicator--567957ed-a714-4b13-89f8-4509950d210f",
|
|
"indicator--567957ed-c8b0-48d7-a8c4-4cc4950d210f",
|
|
"indicator--567957ed-1650-4170-95e7-487b950d210f",
|
|
"indicator--567957ed-1768-470f-9a16-4de3950d210f",
|
|
"indicator--567957ee-ecc4-4153-8083-47d7950d210f",
|
|
"indicator--567957ee-8dec-4cce-822d-48ad950d210f",
|
|
"indicator--567957ee-904c-4492-91ac-4dbd950d210f",
|
|
"indicator--567957ee-9d60-42d2-a857-4297950d210f",
|
|
"indicator--567957ef-4e60-4590-8890-416d950d210f",
|
|
"indicator--567957ef-d584-4d72-a436-49a6950d210f",
|
|
"indicator--567957ef-56b8-409a-94f9-4e38950d210f",
|
|
"indicator--567957ef-2330-42c3-b537-4e95950d210f",
|
|
"indicator--567957f0-5d2c-4f05-a451-4822950d210f",
|
|
"indicator--567957f0-ee60-4961-ab03-40c3950d210f",
|
|
"indicator--567957f0-c078-4ae4-8c87-4cf7950d210f",
|
|
"indicator--567957f0-52fc-43bb-9249-457c950d210f",
|
|
"indicator--567957f1-6c2c-4e0f-94fa-4baa950d210f",
|
|
"indicator--567957f1-847c-4254-ab39-4a39950d210f",
|
|
"indicator--567957f1-d2f0-449b-9a9d-46cf950d210f",
|
|
"indicator--567957f2-6e3c-4dde-b912-4a33950d210f",
|
|
"indicator--567957f2-4b70-4dd4-b2f4-40a0950d210f",
|
|
"indicator--567957f2-42b8-4d0c-85e7-43cf950d210f",
|
|
"indicator--567957f2-09b4-40ef-84fa-476b950d210f",
|
|
"indicator--567957f2-5af8-4b7b-be47-4735950d210f",
|
|
"indicator--567957f3-1580-4ce1-b0cb-4c85950d210f",
|
|
"indicator--567957f3-8184-473a-9321-483d950d210f",
|
|
"indicator--567957f3-c3f8-4512-af10-4cb9950d210f",
|
|
"indicator--567957f3-49b0-4c28-b4a3-4fc2950d210f",
|
|
"indicator--567957f4-2c34-4aee-af98-42f3950d210f",
|
|
"indicator--567957f4-9994-4ec2-ae9e-4759950d210f",
|
|
"indicator--567957f4-5168-4359-b04c-4d0c950d210f",
|
|
"indicator--567957f4-fa9c-44a4-aef2-4201950d210f",
|
|
"indicator--567957f5-e648-41ea-a639-4085950d210f",
|
|
"indicator--567957f5-22ac-4157-920e-4476950d210f",
|
|
"indicator--567957f5-e6a8-4685-ad7e-447d950d210f",
|
|
"indicator--567957f5-a1f4-4e4e-b8e5-4796950d210f",
|
|
"indicator--567957f6-d098-4be0-abc2-4de1950d210f",
|
|
"indicator--567957f6-c72c-4731-88aa-479f950d210f",
|
|
"indicator--567957f6-26e0-4f7e-9bf2-401d950d210f",
|
|
"indicator--567957f6-eb7c-4cb3-b64e-44b5950d210f",
|
|
"indicator--567957f6-3bc8-4b04-8c3c-4db6950d210f",
|
|
"indicator--567957f7-f8d8-430c-aff7-4b35950d210f",
|
|
"indicator--567957f7-bc04-4cc7-ae89-4725950d210f",
|
|
"indicator--567957f7-68dc-4a2a-8ff2-4746950d210f",
|
|
"indicator--567957f7-b1a0-4237-ae90-420b950d210f",
|
|
"indicator--567957f8-ced0-4a8e-8814-4ab3950d210f",
|
|
"indicator--567957f8-c150-429d-9e68-4419950d210f",
|
|
"indicator--567957f8-5cc0-4bb7-a28d-47f9950d210f",
|
|
"indicator--567957f8-b5a4-473c-9768-4f28950d210f",
|
|
"indicator--567957f9-a158-40bf-bfc0-4d96950d210f",
|
|
"indicator--567957f9-40b8-445d-9faa-47d9950d210f",
|
|
"indicator--567957f9-5120-4f32-bd1c-43ba950d210f",
|
|
"indicator--567957f9-ec14-4f3f-acf3-42aa950d210f",
|
|
"indicator--567957f9-fda8-4380-9ead-4843950d210f",
|
|
"indicator--567957fa-31c8-47c1-983f-4708950d210f",
|
|
"indicator--567957fa-b328-4834-b10e-4d70950d210f",
|
|
"indicator--567957fa-6a08-4d9c-9b0f-46e6950d210f",
|
|
"indicator--567957fb-97e8-4b68-8dce-464a950d210f",
|
|
"indicator--567957fb-f574-48b7-8c0e-4154950d210f",
|
|
"indicator--567957fb-549c-4353-a4a3-4156950d210f",
|
|
"indicator--567957fb-bee4-4142-8051-4d0b950d210f",
|
|
"indicator--567957fc-1bcc-48d8-8eb0-4886950d210f",
|
|
"indicator--567957fc-5710-4d96-ace1-4c30950d210f",
|
|
"indicator--567957fc-5bc0-4a7e-9217-4044950d210f",
|
|
"indicator--567957fd-68e4-4b2f-bfed-4756950d210f",
|
|
"indicator--567957fd-7508-41a6-a2d2-438c950d210f",
|
|
"indicator--567957fd-3230-49c4-adea-45ed950d210f",
|
|
"indicator--567957fd-f5f8-4a3f-8faa-4815950d210f",
|
|
"indicator--567957fe-d8d8-49e3-b4e0-4583950d210f",
|
|
"indicator--567957fe-e0cc-4995-a679-4545950d210f",
|
|
"indicator--567957fe-4824-4815-b242-4224950d210f",
|
|
"indicator--567957ff-5d0c-4592-937c-48ab950d210f",
|
|
"indicator--567957ff-c8d0-4b46-b628-47df950d210f",
|
|
"indicator--567957ff-80e0-4555-8a7e-4b14950d210f",
|
|
"indicator--56795800-8d8c-412a-aa15-4096950d210f",
|
|
"indicator--56795800-d104-4a00-ad02-47c1950d210f",
|
|
"indicator--56795800-1eb0-4b06-b745-4e85950d210f",
|
|
"indicator--56795800-aa90-4b50-8444-43e7950d210f",
|
|
"indicator--56795801-8474-48c5-9a26-4fdb950d210f",
|
|
"indicator--56795801-b8c4-45f8-a144-47f4950d210f",
|
|
"indicator--56795801-b674-4288-bfb6-4b40950d210f",
|
|
"indicator--56795802-79c4-43e7-9d97-430a950d210f",
|
|
"indicator--56795802-1520-48a7-b209-4f49950d210f",
|
|
"indicator--56795802-8a7c-4b97-9559-4f37950d210f",
|
|
"indicator--56795802-db0c-4b50-b0aa-4a54950d210f",
|
|
"indicator--56795803-f920-4303-b655-4fea950d210f",
|
|
"indicator--56795803-f2a8-4c49-82e6-4ad0950d210f",
|
|
"indicator--56795803-6854-4e3c-b2f4-4db8950d210f",
|
|
"indicator--56795804-16bc-4b8b-8743-4e22950d210f",
|
|
"indicator--56795804-ea3c-4e86-9846-46b7950d210f",
|
|
"indicator--56795804-81d4-4740-bdf3-481c950d210f",
|
|
"indicator--56795805-9c54-41bb-9952-4590950d210f",
|
|
"indicator--56795805-7b68-4e4b-9654-468c950d210f",
|
|
"indicator--56795805-ac84-46ab-a972-430e950d210f",
|
|
"indicator--56795805-a7e8-4f99-b852-4ef6950d210f",
|
|
"indicator--56795806-2bdc-4636-bda8-4b87950d210f",
|
|
"indicator--56795806-2778-4c3c-b287-4b33950d210f",
|
|
"indicator--56795806-29b8-4854-a7f1-4b96950d210f",
|
|
"indicator--56795807-e0b4-4745-b228-4b86950d210f",
|
|
"indicator--56795807-a260-43f8-93c3-4f03950d210f",
|
|
"indicator--56795807-29ec-4058-a56c-4adc950d210f",
|
|
"indicator--56795807-01f8-4b6d-8b10-4a5a950d210f",
|
|
"indicator--56795808-bc14-4763-ad4e-4fd0950d210f",
|
|
"indicator--56795808-530c-4d71-bb38-44a1950d210f",
|
|
"indicator--56795808-ec34-434e-9cee-48bc950d210f",
|
|
"indicator--56795809-9d78-43d7-a9ce-4b5a950d210f",
|
|
"indicator--56795809-e19c-4e58-be18-49a5950d210f",
|
|
"indicator--56795809-1e94-40e8-8f1b-4369950d210f",
|
|
"indicator--5679580a-8518-4357-8c29-4f8e950d210f",
|
|
"indicator--5679580a-eafc-4356-9dbf-44a3950d210f",
|
|
"indicator--5679580a-357c-456a-b8e2-4ebd950d210f",
|
|
"indicator--5679580a-5dd0-4419-88a2-4755950d210f",
|
|
"indicator--5679580b-4ca0-4cee-99a2-49d2950d210f",
|
|
"indicator--5679580b-a258-456d-b1eb-4e43950d210f",
|
|
"indicator--5679580b-ec10-4258-a44c-44cf950d210f",
|
|
"indicator--5679580c-f070-486d-a861-49e2950d210f",
|
|
"indicator--5679580c-1318-45ac-bc27-4ac5950d210f",
|
|
"indicator--5679580c-ffbc-4d15-95cb-4534950d210f",
|
|
"indicator--5679580c-d6d4-4607-af6b-47a9950d210f",
|
|
"indicator--5679580d-89cc-4fb7-9079-4d85950d210f",
|
|
"indicator--5679580d-2c70-43c8-be46-420c950d210f",
|
|
"indicator--5679580d-105c-4871-8d68-4bf1950d210f",
|
|
"indicator--5679580e-a260-4b27-aee9-4c61950d210f",
|
|
"indicator--5679580e-19cc-4c70-8f3f-4e94950d210f",
|
|
"indicator--5679580e-c6ec-4477-b48c-4e50950d210f",
|
|
"indicator--5679580f-1330-40b2-bdad-4f00950d210f",
|
|
"indicator--5679580f-7d00-4015-a677-4f20950d210f",
|
|
"indicator--5679580f-b1f4-472a-a3e2-4e8e950d210f",
|
|
"indicator--5679580f-6954-425b-b34f-4c43950d210f",
|
|
"indicator--56795810-c7e4-4129-91d6-4490950d210f",
|
|
"indicator--56795810-3b04-432d-9c24-4290950d210f",
|
|
"indicator--56795810-6bd0-4122-b1f4-433f950d210f",
|
|
"indicator--56795810-e5ac-44b3-9c2f-4e57950d210f",
|
|
"indicator--56795811-b300-4dcd-b469-4b8c950d210f",
|
|
"indicator--56795811-b8c8-42b8-b550-48ca950d210f",
|
|
"indicator--56795811-d3e8-49f4-a0ad-4d6d950d210f",
|
|
"indicator--56795812-4f18-442e-9366-45e1950d210f",
|
|
"indicator--56795812-03f8-4eea-ab27-440a950d210f",
|
|
"indicator--56795812-9e28-44f1-aa69-42b6950d210f",
|
|
"indicator--56795813-8e14-430b-a8a7-48b8950d210f",
|
|
"indicator--56795813-b070-4fe9-a5c3-4ab9950d210f",
|
|
"indicator--56795813-e05c-49e9-b06e-4a85950d210f",
|
|
"indicator--56795814-0c6c-4dfd-8d16-4872950d210f",
|
|
"indicator--56795814-c3cc-48c4-affc-4a5b950d210f",
|
|
"indicator--56795814-bf88-4349-b7c7-4ff3950d210f",
|
|
"indicator--56795815-067c-4ebc-98c2-4d75950d210f",
|
|
"indicator--56795815-32c4-4450-952b-4d15950d210f",
|
|
"indicator--56795815-3100-4728-b9d3-4b8f950d210f",
|
|
"indicator--56795815-3a04-4414-a283-48b3950d210f",
|
|
"indicator--56795815-f50c-445f-9600-4f13950d210f",
|
|
"indicator--56795816-5a64-419d-b34a-4089950d210f",
|
|
"indicator--56795816-ea60-45fa-8108-4e6e950d210f",
|
|
"indicator--56795816-1d40-4001-9f93-420e950d210f",
|
|
"indicator--56795817-f280-48b9-92e3-4f3b950d210f",
|
|
"indicator--56795817-692c-45fe-839e-41e5950d210f",
|
|
"indicator--56795817-9b98-4619-892b-450a950d210f",
|
|
"indicator--56795817-4300-454d-872c-40a9950d210f",
|
|
"indicator--56795818-95e0-4742-964b-4b92950d210f",
|
|
"indicator--56795818-edf0-4ab6-a51e-4965950d210f",
|
|
"indicator--56795818-7f08-41eb-a5dd-4ae9950d210f",
|
|
"indicator--56795819-d734-4aac-a629-4a46950d210f",
|
|
"indicator--56795819-7b8c-4a59-94a6-4c6f950d210f",
|
|
"indicator--56795819-1494-42d1-85a0-48a3950d210f",
|
|
"indicator--5679581a-3b10-4f8a-a216-4609950d210f",
|
|
"indicator--5679581a-ab18-42ce-adda-4cb3950d210f",
|
|
"indicator--5679581a-4b6c-4b2f-b4fb-4c71950d210f",
|
|
"indicator--5679581a-b9c0-4634-b877-458a950d210f",
|
|
"indicator--5679581b-5c20-418f-8ae1-423d950d210f",
|
|
"indicator--5679581b-9a6c-4250-8f3d-4eb5950d210f",
|
|
"indicator--5679581b-d9cc-43a7-86fd-4308950d210f",
|
|
"indicator--5679581c-1728-41c2-a706-4fbf950d210f",
|
|
"indicator--5679581c-b358-4b33-9dd4-4aea950d210f",
|
|
"indicator--5679581c-2700-477a-93ff-437e950d210f",
|
|
"indicator--5679581c-dd40-4437-bc35-49d4950d210f",
|
|
"indicator--5679581d-c268-4bc5-ba36-40f1950d210f",
|
|
"indicator--5679581d-d3a0-4a96-89b5-4fff950d210f",
|
|
"indicator--5679581d-95b0-4066-8fda-460d950d210f",
|
|
"indicator--5679581e-d700-4a01-91fd-4f34950d210f",
|
|
"indicator--5679581e-7154-420b-8206-49e7950d210f",
|
|
"indicator--5679581e-9078-4585-8456-4c44950d210f",
|
|
"indicator--5679581f-9148-41f7-839f-4fbf950d210f",
|
|
"indicator--5679581f-f278-4fd3-8058-4b95950d210f",
|
|
"indicator--5679581f-aff4-483d-86d2-469b950d210f",
|
|
"indicator--5679581f-8cfc-4379-888c-43aa950d210f",
|
|
"indicator--56795820-821c-41c8-af36-4953950d210f",
|
|
"indicator--56795820-2878-4b8b-8e8f-4657950d210f",
|
|
"indicator--56795820-249c-425b-9130-4c12950d210f",
|
|
"indicator--56795821-96c4-47af-940e-497f950d210f",
|
|
"indicator--56795821-1e68-40b6-9a89-4a2a950d210f",
|
|
"indicator--56795821-b9bc-4ad5-bcb9-40c5950d210f",
|
|
"indicator--56795821-2d88-40ef-b8fe-4c1e950d210f",
|
|
"indicator--56795822-1770-4c2c-ac88-4c5c950d210f",
|
|
"indicator--56795822-0ba8-45a0-babc-498b950d210f",
|
|
"indicator--56795822-dc48-4602-8110-488e950d210f",
|
|
"indicator--56795823-a9ec-495b-aed1-4b5c950d210f",
|
|
"indicator--56795823-0290-4771-8aa9-4126950d210f",
|
|
"indicator--56795823-6f40-40b1-8df0-4792950d210f",
|
|
"indicator--56795824-7930-43bf-9ca4-40d3950d210f",
|
|
"indicator--56795824-8c44-4b58-9653-4fc7950d210f",
|
|
"indicator--56795824-f318-4420-9362-4a76950d210f",
|
|
"indicator--56795824-9c70-424a-9087-4b43950d210f",
|
|
"indicator--56795825-2a60-458e-9abe-42fa950d210f",
|
|
"indicator--56795825-9210-4882-af17-4151950d210f",
|
|
"indicator--56795825-5f10-4338-a1bc-4460950d210f",
|
|
"indicator--56795826-03bc-4df4-988d-48cf950d210f",
|
|
"indicator--56795826-f2f0-4e06-8911-4306950d210f",
|
|
"indicator--56795826-2de0-4fa6-bc3c-4c20950d210f",
|
|
"indicator--56795826-e630-41f4-881c-463b950d210f",
|
|
"indicator--56795827-9af8-4881-8d75-4d46950d210f",
|
|
"indicator--56795827-4744-4dc4-89f2-42c9950d210f",
|
|
"indicator--56795827-a238-41ed-9f44-48fc950d210f",
|
|
"indicator--56795828-ec90-4659-ae89-481d950d210f",
|
|
"indicator--56795828-62ec-4136-bb88-48ec950d210f",
|
|
"indicator--56795829-3db0-4307-b7d6-47b1950d210f",
|
|
"indicator--56795829-106c-4f06-bb9b-445d950d210f",
|
|
"indicator--56795829-623c-4b1a-8153-4021950d210f",
|
|
"indicator--5679582a-5d70-44f9-9c65-432e950d210f",
|
|
"indicator--5679582a-5f40-4713-8dbc-4c5a950d210f",
|
|
"indicator--5679582a-10c4-488b-ad0b-4890950d210f",
|
|
"indicator--5679582b-cae8-4031-834b-4962950d210f",
|
|
"indicator--5679582b-f7ec-4283-8266-47f3950d210f",
|
|
"indicator--5679582b-5dd4-470c-9636-4fbb950d210f",
|
|
"indicator--5679582b-9490-46b3-a66e-4696950d210f",
|
|
"indicator--5679582c-4ca0-4104-94c8-40c3950d210f",
|
|
"indicator--5679582c-55fc-4b5f-9926-428c950d210f",
|
|
"indicator--5679582c-e560-4955-8b7b-4cd0950d210f",
|
|
"indicator--5679582c-70dc-4916-ad70-41fc950d210f",
|
|
"indicator--5679582d-b73c-4d65-b0ef-474d950d210f",
|
|
"indicator--5679582d-da68-45bb-bc78-4c0f950d210f",
|
|
"indicator--5679582d-a9f0-44b9-84c4-48ec950d210f",
|
|
"indicator--5679582d-0ce8-4fae-a166-4a89950d210f",
|
|
"indicator--5679582e-0e20-42a0-9138-43d0950d210f",
|
|
"indicator--5679582e-fbb4-43e1-963d-467b950d210f",
|
|
"indicator--5679582e-8c44-4f7f-aa80-40b1950d210f",
|
|
"indicator--5679582e-b0a0-40f2-9180-45ad950d210f",
|
|
"indicator--5679582f-dd20-4246-ab55-42c7950d210f",
|
|
"indicator--5679582f-3ac4-4293-9e10-4d29950d210f",
|
|
"indicator--5679582f-eb38-49a3-a691-4487950d210f",
|
|
"indicator--56795830-7f8c-4202-8d47-45a8950d210f",
|
|
"indicator--56795830-b194-4536-9c9e-43aa950d210f",
|
|
"indicator--56795830-56b4-4b3b-9363-4bdc950d210f",
|
|
"indicator--56795831-70e0-4d57-9a20-491a950d210f",
|
|
"indicator--56795831-56bc-47d6-a862-4c00950d210f",
|
|
"indicator--56795831-1744-4186-982b-483d950d210f",
|
|
"indicator--56795831-2bd4-417b-8641-45e0950d210f",
|
|
"indicator--56795832-87c4-405c-a450-47d2950d210f",
|
|
"indicator--56795832-d1e0-4390-9f6b-417a950d210f",
|
|
"indicator--56795832-d724-4ce4-b9a0-4b8a950d210f",
|
|
"indicator--56795833-4d48-47b4-8eab-42ed950d210f",
|
|
"indicator--56795833-3c50-4a9c-a538-4006950d210f",
|
|
"indicator--56795833-a748-4551-9da6-43bc950d210f",
|
|
"indicator--56795834-9a18-447f-b389-4a49950d210f",
|
|
"indicator--56795834-6e60-47a8-8b67-424e950d210f",
|
|
"indicator--56795834-a928-49bd-b44a-42ca950d210f",
|
|
"indicator--56795834-7900-4c21-beaf-47f9950d210f",
|
|
"indicator--56795835-eedc-4ec3-a760-491b950d210f",
|
|
"indicator--56795835-5b34-4382-b437-411a950d210f",
|
|
"indicator--56795835-9b70-4efd-ad64-4231950d210f",
|
|
"indicator--56795836-c530-4264-bd73-4303950d210f",
|
|
"indicator--56795836-3dc0-4ae8-9ae9-4003950d210f",
|
|
"indicator--56795836-365c-4fa8-9a8d-47a2950d210f",
|
|
"indicator--56795836-5acc-431e-aa1b-4010950d210f",
|
|
"indicator--56795837-89a4-46ee-91e7-4e93950d210f",
|
|
"indicator--56795837-6a88-4065-9786-4948950d210f",
|
|
"indicator--56795837-6644-41bf-9c7f-4a78950d210f",
|
|
"indicator--56795838-f410-4e56-9b17-408f950d210f",
|
|
"indicator--56795838-2b50-4940-8b4f-4d5a950d210f",
|
|
"indicator--56795838-c5f4-4e8a-9b63-48ec950d210f",
|
|
"indicator--56795839-1b30-412c-b6c3-46d3950d210f",
|
|
"indicator--56795839-df74-47dc-a598-4782950d210f",
|
|
"indicator--56795839-6d00-4c65-a633-40fb950d210f",
|
|
"indicator--56795839-8350-4bef-9a28-4688950d210f",
|
|
"indicator--5679583a-50d0-40b8-8c9a-4a86950d210f",
|
|
"indicator--5679583a-c0c0-4d01-8a60-4e0d950d210f",
|
|
"indicator--5679583a-83dc-4b7e-9d36-4f77950d210f",
|
|
"indicator--5679583b-7788-44bf-a13c-447e950d210f",
|
|
"indicator--5679583b-08a0-44d5-9217-4155950d210f",
|
|
"indicator--5679583b-f92c-4083-a33d-42a0950d210f",
|
|
"indicator--5679583b-50c4-4908-8716-4108950d210f",
|
|
"indicator--5679583c-8020-4008-ab38-4772950d210f",
|
|
"indicator--5679583c-0dec-49f2-813d-4a61950d210f",
|
|
"indicator--5679583c-df4c-4937-93a2-4a05950d210f",
|
|
"indicator--5679583d-cca8-4979-82a1-4adc950d210f",
|
|
"indicator--5679583d-8d90-4669-9d46-4386950d210f",
|
|
"indicator--5679583d-ab2c-45c4-8dda-4c0b950d210f",
|
|
"indicator--5679583e-97d8-41ac-978c-44a8950d210f",
|
|
"indicator--5679583e-ed6c-47e2-8b8c-48d1950d210f",
|
|
"indicator--5679583e-2550-41fb-90c0-4ba2950d210f",
|
|
"indicator--5679583e-1404-4731-ac2b-40de950d210f",
|
|
"indicator--5679583f-2ce0-462d-ae31-4f45950d210f",
|
|
"indicator--5679583f-4c58-43fe-8a3f-4c50950d210f",
|
|
"indicator--5679583f-2cb0-4864-bea8-45a5950d210f",
|
|
"indicator--56795840-520c-494e-919f-42b5950d210f",
|
|
"indicator--56795840-b5b0-4f17-9b78-4cf0950d210f",
|
|
"indicator--56795840-bfbc-4c86-be61-4cb5950d210f",
|
|
"indicator--56795840-f8f4-440b-b9d3-411a950d210f",
|
|
"indicator--56795841-2350-463e-9e5c-428b950d210f",
|
|
"indicator--56795841-1c7c-4ca8-828d-452e950d210f",
|
|
"indicator--56795841-69c4-4b49-9827-42d2950d210f",
|
|
"indicator--56795842-06f8-4c55-ac49-4b73950d210f",
|
|
"indicator--56795842-85b4-4e21-b4f0-476e950d210f",
|
|
"indicator--56795842-c178-4727-9b54-4609950d210f",
|
|
"indicator--56795843-b734-4c74-aa2f-4eb6950d210f",
|
|
"indicator--56795843-8d4c-4e9c-8d04-4934950d210f",
|
|
"indicator--56795843-8ecc-41d7-ab66-42d2950d210f",
|
|
"indicator--56795843-3be0-48e4-a5f2-4c0d950d210f",
|
|
"indicator--56795844-3d48-45f0-ad8a-4528950d210f",
|
|
"indicator--56795844-8268-453c-99a3-47b4950d210f",
|
|
"indicator--56795844-0bc8-4dac-92bb-43ea950d210f",
|
|
"indicator--56795845-4474-4ee6-a9a5-4873950d210f",
|
|
"indicator--56795845-cb28-4a2a-8690-43b6950d210f",
|
|
"indicator--56795845-64a0-46bb-8e10-481f950d210f",
|
|
"indicator--56795845-11c8-45dd-8da3-4675950d210f",
|
|
"indicator--56795846-87d4-45de-9849-4dae950d210f",
|
|
"indicator--56795846-ae24-4cfa-89bb-4261950d210f",
|
|
"indicator--56795846-1bdc-4c89-8922-47f6950d210f",
|
|
"indicator--56795847-47dc-4236-b6ca-4479950d210f",
|
|
"indicator--56795847-78dc-41d6-83c7-4331950d210f",
|
|
"indicator--56795847-77e4-45a6-ab27-4195950d210f",
|
|
"indicator--56795848-ac68-49d6-bb0e-47ed950d210f",
|
|
"indicator--56795848-4a24-497f-8130-4f9f950d210f",
|
|
"indicator--56795848-4324-4d59-96bb-4965950d210f",
|
|
"indicator--56795848-6c98-44ee-aa9d-42f0950d210f",
|
|
"indicator--56795849-efe0-4d22-9086-4670950d210f",
|
|
"indicator--56795849-a060-4759-a319-407a950d210f",
|
|
"indicator--56795849-72b8-479b-af37-4c3b950d210f",
|
|
"indicator--5679584a-0e6c-47ec-bbe1-4584950d210f",
|
|
"indicator--5679584a-9320-4ae2-9b95-4b94950d210f",
|
|
"indicator--5679584a-4d64-4c44-8bd3-4c25950d210f",
|
|
"indicator--5679584a-120c-4e46-bba3-4572950d210f",
|
|
"indicator--5679584b-15a8-471e-b32d-44ba950d210f",
|
|
"indicator--5679584b-62dc-442c-8d2d-4541950d210f",
|
|
"indicator--5679584b-350c-46ec-ac30-4788950d210f",
|
|
"indicator--5679584c-a158-4589-970f-4aa2950d210f",
|
|
"indicator--5679584c-42c0-4dc8-b96f-4890950d210f",
|
|
"indicator--5679584c-64c4-4b77-b525-4d9a950d210f",
|
|
"indicator--5679584d-94f4-45b8-b9fc-429b950d210f",
|
|
"indicator--5679584d-8c4c-4134-b0d2-4e3b950d210f",
|
|
"indicator--5679584d-feec-4b8b-943e-4851950d210f",
|
|
"indicator--5679584d-d888-46cc-a192-44ae950d210f",
|
|
"indicator--5679584e-3274-44a8-a060-4e56950d210f",
|
|
"indicator--5679584e-1e7c-473c-8de4-4e56950d210f",
|
|
"indicator--5679584e-3508-4ef0-ba70-4f23950d210f",
|
|
"indicator--5679584f-e8cc-4360-8413-4bc3950d210f",
|
|
"indicator--5679584f-a3ec-4be6-bb33-4c4d950d210f",
|
|
"indicator--5679584f-1a88-4295-9adb-463c950d210f",
|
|
"indicator--5679584f-43f8-4ec6-b234-4d5b950d210f",
|
|
"indicator--56795850-7c5c-4ffd-8882-4709950d210f",
|
|
"indicator--56795850-b2b4-4976-9cd3-4227950d210f",
|
|
"indicator--56795850-4c1c-4e8e-8c9b-4af1950d210f",
|
|
"indicator--56795850-0678-4ee3-8a07-4c86950d210f",
|
|
"indicator--56795851-2e74-4a51-b235-4fd1950d210f",
|
|
"indicator--56795851-6e50-4583-92b1-464c950d210f",
|
|
"indicator--56795851-dc80-4c89-a099-4521950d210f",
|
|
"indicator--56795852-8bc8-435d-83bc-4721950d210f",
|
|
"indicator--56795852-7978-4ce2-b0d7-417c950d210f",
|
|
"indicator--56795852-411c-4aed-8854-406d950d210f",
|
|
"indicator--56795852-80c8-48a3-9ad9-4959950d210f",
|
|
"indicator--56795853-2010-488a-93fe-4dc4950d210f",
|
|
"indicator--56795853-f9ac-4d37-96ac-438e950d210f",
|
|
"indicator--56795853-7d98-43bc-ac2f-4763950d210f",
|
|
"indicator--56795854-f970-4c21-ae2b-4939950d210f",
|
|
"indicator--56795854-81e8-47a4-8a0e-45f8950d210f",
|
|
"indicator--56795854-6610-421d-83da-4240950d210f",
|
|
"indicator--56795855-6e10-4669-a9b1-4621950d210f",
|
|
"indicator--56795855-3ac8-43af-9133-4305950d210f",
|
|
"indicator--56795855-2038-4afe-b3cb-49eb950d210f",
|
|
"indicator--56795855-f1f4-4be6-ac9c-4e05950d210f",
|
|
"indicator--56795856-2998-4ddc-9c1c-4827950d210f",
|
|
"indicator--56795856-2274-4dea-a96d-4c84950d210f",
|
|
"indicator--56795856-e1a8-41ba-acd4-4a3c950d210f",
|
|
"indicator--56795857-c0b4-4a71-9107-4473950d210f",
|
|
"indicator--56795857-2c84-411a-9b34-4078950d210f",
|
|
"indicator--56795857-e258-49a0-8006-4f49950d210f",
|
|
"indicator--56795857-ff00-4ad7-8550-426b950d210f",
|
|
"indicator--56795858-fae8-4aa0-b92a-4466950d210f",
|
|
"indicator--56795858-f580-4070-bc38-48ed950d210f",
|
|
"indicator--56795858-39e4-4e8d-953b-4257950d210f",
|
|
"indicator--56795859-3e9c-4e76-91a0-4716950d210f",
|
|
"indicator--56795859-8970-446e-8216-4cbc950d210f",
|
|
"indicator--56795859-70f8-4fca-9e85-4de8950d210f",
|
|
"indicator--5679585a-ce9c-4bd0-b225-413b950d210f",
|
|
"indicator--5679585a-6c9c-456b-b655-4e79950d210f",
|
|
"indicator--5679585a-b4a0-4e65-85e9-4fb3950d210f",
|
|
"indicator--5679585a-e3ec-47e8-b23f-4474950d210f",
|
|
"indicator--5679585b-86ac-43bb-ae99-4363950d210f",
|
|
"indicator--5679585b-54e0-4bb2-9db7-4e00950d210f",
|
|
"indicator--5679585b-4510-413f-9758-4897950d210f",
|
|
"indicator--5679585c-8b48-4eac-b7c8-4761950d210f",
|
|
"indicator--5679585c-d080-42df-adc5-4a6e950d210f",
|
|
"indicator--5679585c-afec-4914-a4ef-42cf950d210f",
|
|
"indicator--5679585c-894c-402e-a61f-4b00950d210f",
|
|
"indicator--5679585d-1dc4-43d6-b3e1-4578950d210f",
|
|
"indicator--5679585d-f378-48dc-b91a-4ee5950d210f",
|
|
"indicator--5679585d-c41c-4500-8d22-4fba950d210f",
|
|
"indicator--5679585e-2b58-4fb0-9a41-4b8e950d210f",
|
|
"indicator--5679585e-e828-475c-b8ed-48fc950d210f",
|
|
"indicator--5679585e-631c-4ea2-b967-4929950d210f",
|
|
"indicator--5679585e-987c-4876-b04b-4947950d210f",
|
|
"indicator--5679585f-30b8-4351-88d9-4417950d210f",
|
|
"indicator--5679585f-8994-4756-8a5b-4285950d210f",
|
|
"indicator--5679585f-8720-4e75-b999-4947950d210f",
|
|
"indicator--56795860-3d70-4a83-8835-422f950d210f",
|
|
"indicator--56795860-9f48-4424-a8ff-435c950d210f",
|
|
"indicator--56795860-286c-455f-b53a-401c950d210f",
|
|
"indicator--56795860-71c8-4014-b30b-4e63950d210f",
|
|
"indicator--56795861-5be0-4d9c-8eb9-4891950d210f",
|
|
"indicator--56795861-e1d4-4ded-8453-4daf950d210f",
|
|
"indicator--56795861-27f4-4239-b8d8-401c950d210f",
|
|
"indicator--56795862-d594-4ee4-ba02-4df5950d210f",
|
|
"indicator--56795862-ae04-48ba-b94a-460d950d210f",
|
|
"indicator--56795862-a2b0-4d91-af7d-476f950d210f",
|
|
"indicator--56795862-4164-49d5-8d6a-47d2950d210f",
|
|
"indicator--56795863-f9f0-41f0-b22d-4ae5950d210f",
|
|
"indicator--56795863-bdc8-4970-b90c-4785950d210f",
|
|
"indicator--56795863-bd94-4207-a233-4236950d210f",
|
|
"indicator--56795864-b848-4949-a773-4a4d950d210f",
|
|
"indicator--56795864-45b0-44f6-a160-4068950d210f",
|
|
"indicator--56795864-afd8-4365-90ef-4aa9950d210f",
|
|
"indicator--56795865-2ea0-491d-a942-4055950d210f",
|
|
"indicator--56795865-9c98-427b-bc17-4292950d210f",
|
|
"indicator--56795865-7a78-4282-9ab8-4c98950d210f",
|
|
"indicator--56795865-4c18-4362-8fbe-4ffb950d210f",
|
|
"indicator--56795866-d900-4e6c-8cf2-43e7950d210f",
|
|
"indicator--56795866-7594-438e-b76e-4631950d210f",
|
|
"indicator--56795866-63e4-4856-9a07-4091950d210f",
|
|
"indicator--56795867-c7ec-4215-8f68-4372950d210f",
|
|
"indicator--56795867-0384-4918-8531-43b7950d210f",
|
|
"indicator--56795867-4778-432f-9648-4332950d210f",
|
|
"indicator--56795867-6834-4574-b5b3-47b7950d210f",
|
|
"indicator--56795868-a50c-41f4-8c49-4cec950d210f",
|
|
"indicator--56795868-a898-4bbb-9021-4265950d210f",
|
|
"indicator--56795868-1654-45d9-9c23-4739950d210f",
|
|
"indicator--56795868-7554-4e01-a17a-4141950d210f",
|
|
"indicator--56795868-8a68-4afe-a189-4743950d210f",
|
|
"indicator--56795869-7730-4fde-a5d2-434d950d210f",
|
|
"indicator--56795869-6ed0-4bb7-83ba-45fb950d210f",
|
|
"indicator--56795869-f258-4ef1-961f-451b950d210f",
|
|
"indicator--5679586a-4298-4d11-8fa9-4c5c950d210f",
|
|
"indicator--5679586a-9ef8-49e2-b530-48ee950d210f",
|
|
"indicator--5679586a-47c0-4891-9c0f-4153950d210f",
|
|
"indicator--5679586a-ca1c-4041-9d63-40a8950d210f",
|
|
"indicator--5679586b-e928-41a6-9dc1-4fe4950d210f",
|
|
"indicator--5679586b-60b8-4914-9e9c-432f950d210f",
|
|
"indicator--5679586b-1fc4-42b1-9838-43cc950d210f",
|
|
"indicator--5679586c-c40c-4fb1-bb70-459f950d210f",
|
|
"indicator--5679586c-8a0c-4ae1-ad86-4df2950d210f",
|
|
"indicator--5679586c-d7c4-4cc3-aec5-47d0950d210f",
|
|
"indicator--5679586c-ad20-4082-a129-46d4950d210f",
|
|
"indicator--5679586d-3604-46d1-99b9-4024950d210f",
|
|
"indicator--5679586d-6dc4-4c79-8b2a-4739950d210f",
|
|
"indicator--5679586d-4850-41da-b579-4c5a950d210f",
|
|
"indicator--5679586e-10bc-466a-b857-4581950d210f",
|
|
"indicator--5679586e-3fe0-48be-8c4a-4d7f950d210f",
|
|
"indicator--5679586e-02a8-4263-99d4-43d2950d210f",
|
|
"indicator--5679586f-d744-4942-ae43-4900950d210f",
|
|
"indicator--5679586f-f484-4cf5-9a4b-4741950d210f",
|
|
"indicator--5679586f-b884-495c-a4f9-4014950d210f",
|
|
"indicator--5679586f-c700-4cf3-913f-45fe950d210f",
|
|
"indicator--56795870-5e00-4f41-bbbe-4326950d210f",
|
|
"indicator--56795870-ea40-456a-96f2-4d0e950d210f",
|
|
"indicator--56795870-9974-454b-9328-411e950d210f",
|
|
"indicator--56795870-322c-4596-930d-4d35950d210f",
|
|
"indicator--56795871-e26c-43cb-9cc5-4c2c950d210f",
|
|
"indicator--56795871-7a8c-48b9-8b1e-4f7f950d210f",
|
|
"indicator--56795871-4230-49ef-adfc-4477950d210f",
|
|
"indicator--56795872-e1ac-4810-8e9f-4930950d210f",
|
|
"indicator--56795872-5968-4299-ba2d-49f5950d210f",
|
|
"indicator--56795872-4c68-486e-b205-47b3950d210f",
|
|
"indicator--56795873-fa6c-452a-9a76-4633950d210f",
|
|
"indicator--56795873-d364-4e09-8946-4db7950d210f",
|
|
"indicator--56795873-26a0-4500-919d-4d67950d210f",
|
|
"indicator--56795873-07c4-4817-ab18-44db950d210f",
|
|
"indicator--56795874-8b0c-4dbd-bcb9-4d9c950d210f",
|
|
"indicator--56795874-b04c-449d-8ead-4113950d210f",
|
|
"indicator--56795874-6eb0-47d0-b2d0-48fd950d210f",
|
|
"indicator--56795875-3fc0-4d7d-bc07-4514950d210f",
|
|
"indicator--56795875-8cd0-4270-b4be-4cc1950d210f",
|
|
"indicator--56795875-e354-4212-99a7-4e9a950d210f",
|
|
"indicator--56795875-05fc-4925-b04f-49e4950d210f",
|
|
"indicator--56795876-1504-49bb-8e2b-4596950d210f",
|
|
"indicator--56795876-0954-4e70-9e32-4841950d210f",
|
|
"indicator--56795876-a1d8-482d-acb0-43f6950d210f",
|
|
"indicator--56795877-ad7c-4e20-a0ac-4bc0950d210f",
|
|
"indicator--56795877-031c-4e39-8820-436c950d210f",
|
|
"indicator--56795877-36f4-4997-8517-4b52950d210f",
|
|
"indicator--56795877-a690-4a54-8cb6-4c8a950d210f",
|
|
"indicator--56795878-3c38-4099-bda5-4d5e950d210f",
|
|
"indicator--56795878-6600-48e3-ac3d-4f10950d210f",
|
|
"indicator--56795878-b480-4e9f-9740-40bb950d210f",
|
|
"indicator--56795879-7038-49f2-a56c-45e3950d210f",
|
|
"indicator--56795879-71bc-4cd1-b847-4c6a950d210f",
|
|
"indicator--56795879-9e3c-4ca9-ab6b-416d950d210f",
|
|
"indicator--5679587a-0078-4162-a9ff-4a45950d210f",
|
|
"indicator--5679587a-7488-49ec-8d48-438e950d210f",
|
|
"indicator--5679587a-3f0c-499f-9ebd-4602950d210f",
|
|
"indicator--5679587a-92d4-4522-ba52-418e950d210f",
|
|
"indicator--5679587b-7448-4ceb-a540-4b84950d210f",
|
|
"indicator--5679587b-45f0-4539-8241-4705950d210f",
|
|
"indicator--5679587b-5150-45b6-9662-4b4d950d210f",
|
|
"indicator--5679587c-35dc-4f9d-a12a-47a4950d210f",
|
|
"indicator--5679587c-c968-42cf-92ce-4375950d210f",
|
|
"indicator--5679587c-164c-4024-83d5-464e950d210f",
|
|
"indicator--5679587c-08dc-4cfc-be3f-4308950d210f",
|
|
"indicator--5679587d-74d0-475e-8ad3-44d8950d210f",
|
|
"indicator--5679587d-bb3c-46e3-8d9d-48c5950d210f",
|
|
"indicator--5679587d-a4d4-452c-88c1-46c5950d210f",
|
|
"indicator--5679587e-8314-4e33-be60-4315950d210f",
|
|
"indicator--5679587e-ace4-4631-b4b8-4d16950d210f",
|
|
"indicator--5679587e-3430-4ba0-9d7a-4aba950d210f",
|
|
"indicator--5679587f-db68-4fed-8914-437e950d210f",
|
|
"indicator--5679587f-24a4-4e7d-bc46-4e8c950d210f",
|
|
"indicator--5679587f-bf10-4899-842d-4142950d210f",
|
|
"indicator--5679587f-d3a8-4116-b09a-434a950d210f",
|
|
"indicator--56795880-4a18-4503-9ec4-417d950d210f",
|
|
"indicator--56795880-0dd4-4087-a599-474d950d210f",
|
|
"indicator--56795880-0a20-4f5d-8e92-4c63950d210f",
|
|
"indicator--56795881-3318-4b5e-ab4b-463a950d210f",
|
|
"indicator--56795881-bb20-46d8-b3b2-4c5e950d210f",
|
|
"indicator--56795881-23c4-4379-92a7-4e4a950d210f",
|
|
"indicator--56795881-20d4-49d5-969d-49f0950d210f",
|
|
"indicator--56795882-a8b8-4753-ab87-419f950d210f",
|
|
"indicator--56795882-3840-4e8c-9e4a-4f93950d210f",
|
|
"indicator--56795882-0e80-4bd2-a164-45c7950d210f",
|
|
"indicator--56795883-6688-41d0-b030-4959950d210f",
|
|
"indicator--56795883-50e8-49da-9b57-489e950d210f",
|
|
"indicator--56795883-ff34-4389-9518-4a87950d210f",
|
|
"indicator--56795884-bae8-4b48-bdf6-40ce950d210f",
|
|
"indicator--56795884-f290-4845-b3fa-4e54950d210f",
|
|
"indicator--56795884-d8a8-434b-985a-4971950d210f",
|
|
"indicator--56795884-0198-40eb-9a5b-444c950d210f",
|
|
"indicator--56795885-636c-470b-952a-461d950d210f",
|
|
"indicator--56795885-3560-40bb-ac44-4f68950d210f",
|
|
"indicator--56795885-429c-40d1-97e6-4745950d210f",
|
|
"indicator--56795886-9e84-4d7b-83ee-4761950d210f",
|
|
"indicator--56795886-c348-403f-a410-4146950d210f",
|
|
"indicator--56795886-cad8-462f-a71f-4316950d210f",
|
|
"indicator--56795886-09a0-4a65-b829-4804950d210f",
|
|
"indicator--56795887-fd3c-40ae-b9ca-4bfe950d210f",
|
|
"indicator--56795887-b4b8-42da-a9de-4d77950d210f",
|
|
"indicator--56795887-8848-4598-9793-4451950d210f",
|
|
"indicator--56795888-5fd8-4e0a-b5f1-4dba950d210f",
|
|
"indicator--56795888-0148-4685-968c-4fbb950d210f",
|
|
"indicator--56795888-2378-477d-a908-4660950d210f",
|
|
"indicator--56795889-66b4-44ec-b304-4d05950d210f",
|
|
"indicator--56795889-9258-4ee0-931b-45a1950d210f",
|
|
"indicator--56795889-5578-41c4-9d75-4b4d950d210f",
|
|
"indicator--56795889-3974-4bac-826a-413a950d210f",
|
|
"indicator--5679588a-15b8-4bda-a81d-494d950d210f",
|
|
"indicator--5679588a-6ebc-44c1-8953-4802950d210f",
|
|
"indicator--5679588a-9f5c-4261-9597-4cf6950d210f",
|
|
"indicator--5679588b-3dbc-4de0-80df-42b2950d210f",
|
|
"indicator--5679588b-9520-492a-9119-4fb9950d210f",
|
|
"indicator--5679588b-5134-444a-922a-4ea0950d210f",
|
|
"indicator--5679588b-4fc0-47a9-ac34-4243950d210f",
|
|
"indicator--5679588c-dba0-4769-89d6-44c6950d210f",
|
|
"indicator--5679588c-58ac-4cec-bfb4-44df950d210f",
|
|
"indicator--5679588c-5a78-4b6a-ae56-4ee2950d210f",
|
|
"indicator--5679588d-30dc-4bfc-ba00-462c950d210f",
|
|
"indicator--5679588d-ad40-4f98-b9c6-4e14950d210f",
|
|
"indicator--5679588d-c3dc-4a51-b8e5-4de6950d210f",
|
|
"indicator--5679588d-1608-4409-8fcd-4080950d210f",
|
|
"indicator--5679588e-4a24-4a63-826f-4318950d210f",
|
|
"indicator--5679588e-028c-43dd-96d2-4d59950d210f",
|
|
"indicator--5679588e-f680-40ee-9fdb-4f07950d210f",
|
|
"indicator--5679588e-4884-4000-9c60-47f0950d210f",
|
|
"indicator--5679588f-391c-49db-ad4f-4ed0950d210f",
|
|
"indicator--5679588f-eef8-4179-bdc7-4e49950d210f",
|
|
"indicator--5679588f-74e4-44d9-a576-4d4e950d210f",
|
|
"indicator--5679588f-0750-47e7-bd91-4476950d210f",
|
|
"indicator--56795890-3d14-4db3-8248-4166950d210f",
|
|
"indicator--56795890-3778-4a02-a95a-4540950d210f",
|
|
"indicator--56795890-d844-4b8d-9296-4dd3950d210f",
|
|
"indicator--56795890-1450-4586-a12b-4216950d210f",
|
|
"indicator--56795891-8844-4982-851e-4987950d210f",
|
|
"indicator--56795891-6370-4d34-bba3-4610950d210f",
|
|
"indicator--56795891-4ac4-40cd-a5bb-4414950d210f",
|
|
"indicator--56795891-176c-4fff-a55d-4a3c950d210f",
|
|
"indicator--56795892-3a78-442a-901e-400d950d210f",
|
|
"indicator--56795892-2414-4a37-9cd0-4323950d210f",
|
|
"indicator--56795892-40c0-4b33-8829-4d97950d210f",
|
|
"indicator--56795892-0b74-44a5-b321-4e98950d210f",
|
|
"indicator--56795893-7af8-4d60-8db8-4f63950d210f",
|
|
"indicator--56795893-c300-41a5-af2a-405f950d210f",
|
|
"indicator--56795893-2d40-4ede-a5ab-465e950d210f",
|
|
"indicator--56795893-7e2c-4dc8-b46a-4738950d210f",
|
|
"indicator--56795894-7d30-4811-b538-447b950d210f",
|
|
"indicator--56795894-0cf8-4a7f-a055-4b49950d210f",
|
|
"indicator--56795894-6f04-4ceb-9219-429a950d210f",
|
|
"indicator--56795895-33d4-4439-998a-4f94950d210f",
|
|
"indicator--56795895-dfbc-4149-aca0-4da2950d210f",
|
|
"indicator--56795895-67f4-4259-a5bf-497f950d210f",
|
|
"indicator--56795895-935c-4f66-99a8-4eaf950d210f",
|
|
"indicator--56795896-44bc-42bb-a733-4a59950d210f",
|
|
"indicator--56795896-cd20-4855-8600-4c18950d210f",
|
|
"indicator--56795896-299c-48fd-bcc6-49fe950d210f",
|
|
"indicator--56795897-3174-4761-bf08-4f02950d210f",
|
|
"indicator--56795897-6b20-411c-8e0f-4399950d210f",
|
|
"indicator--56795897-1a2c-489b-8a72-4cc8950d210f",
|
|
"indicator--56795897-66e0-49c1-981e-4f1f950d210f",
|
|
"indicator--56795898-fab8-40dc-848b-46cc950d210f",
|
|
"indicator--56795898-2e14-432a-80ec-4e18950d210f",
|
|
"indicator--56795898-b2b4-4618-892f-4175950d210f",
|
|
"indicator--56795899-2e6c-4751-8588-453e950d210f",
|
|
"indicator--56795899-3ab8-4b5d-87e6-46b7950d210f",
|
|
"indicator--56795899-0edc-4a3d-97d0-434a950d210f",
|
|
"indicator--56795899-7eb8-4310-924a-470b950d210f",
|
|
"indicator--5679589a-f800-477d-94a6-454a950d210f",
|
|
"indicator--5679589a-632c-4bd9-ae2c-42c2950d210f",
|
|
"indicator--5679589a-1aa0-4d14-b7b4-492f950d210f",
|
|
"indicator--5679589b-44ec-42f4-8a4d-49ac950d210f",
|
|
"indicator--5679589b-66cc-4301-a7db-4e40950d210f",
|
|
"indicator--5679589b-b0e0-4b64-93ed-4647950d210f",
|
|
"indicator--5679589c-bd7c-41ba-af93-4871950d210f",
|
|
"indicator--5679589c-9de0-4fc1-9dc4-44d4950d210f",
|
|
"indicator--5679589c-cb78-44fc-bc7d-4320950d210f",
|
|
"indicator--5679589c-ff14-4cf3-8d8f-4ed8950d210f",
|
|
"indicator--5679589d-b034-4cf0-88c1-43c2950d210f",
|
|
"indicator--5679589d-c148-4147-8d50-4e35950d210f",
|
|
"indicator--5679589d-c1c8-4424-b492-41cd950d210f",
|
|
"indicator--5679589e-e1d8-4747-82f8-40c9950d210f",
|
|
"indicator--5679589e-8ba8-41f5-9025-476d950d210f",
|
|
"indicator--5679589e-c060-4a4d-843a-4642950d210f",
|
|
"indicator--5679589e-c5ac-4633-b44d-4775950d210f",
|
|
"indicator--5679589f-2fd0-495c-a5d7-4a47950d210f",
|
|
"indicator--5679589f-7c50-41df-a35e-4ea1950d210f",
|
|
"indicator--5679589f-b7cc-4a79-9f0f-4ca7950d210f",
|
|
"indicator--5679589f-2f34-4343-90ea-4d03950d210f",
|
|
"indicator--567958a0-756c-4356-889a-4a68950d210f",
|
|
"indicator--567958a0-2c60-4e03-9a17-42fc950d210f",
|
|
"indicator--567958a0-d630-42dc-af56-4ffb950d210f",
|
|
"indicator--567958a1-b9b8-4403-a559-4ade950d210f",
|
|
"indicator--567958a1-7064-4129-acb2-4f48950d210f",
|
|
"indicator--567958a1-f968-4d32-a412-4b3e950d210f",
|
|
"indicator--567958a1-b288-4e7c-971c-4a49950d210f",
|
|
"indicator--567958a2-a63c-4bfd-82cc-41f9950d210f",
|
|
"indicator--567958a2-374c-4e3f-8f46-4db7950d210f",
|
|
"indicator--567958a2-1ec8-4920-a3e0-4180950d210f",
|
|
"indicator--567958a3-cdd8-4c10-a06f-47da950d210f",
|
|
"indicator--567958a3-859c-4973-9ea0-4a83950d210f",
|
|
"indicator--567958a3-0f0c-49c9-b7cf-4a7f950d210f",
|
|
"indicator--567958a3-81ec-4ef8-b8e4-4a72950d210f",
|
|
"indicator--567958a4-03ac-4bca-b27d-4124950d210f",
|
|
"indicator--567958a4-7334-41f7-a055-43a5950d210f",
|
|
"indicator--567958a4-1738-47c1-83de-4eb6950d210f",
|
|
"indicator--567958a5-864c-4050-94f0-4a94950d210f",
|
|
"indicator--567958a5-2f28-4594-bf52-4f98950d210f",
|
|
"indicator--567958a5-4168-4901-abec-4adb950d210f",
|
|
"indicator--567958a6-7e58-41e1-aac1-46f9950d210f",
|
|
"indicator--567958a6-52e4-45d4-9276-4f03950d210f",
|
|
"indicator--567958a6-4df4-4305-a074-4dab950d210f",
|
|
"indicator--567958a6-8dd8-40c0-bd69-43aa950d210f",
|
|
"indicator--567958a7-5d24-4467-aacf-4a6b950d210f",
|
|
"indicator--567958a7-16a8-4feb-a69d-4935950d210f",
|
|
"indicator--567958a7-d170-4b5b-bc54-4519950d210f",
|
|
"indicator--567958a8-90e4-4f30-972f-4b47950d210f",
|
|
"indicator--567958a8-9a28-466a-b0a2-46af950d210f",
|
|
"indicator--567958a8-2bec-4fcf-a5bc-470b950d210f",
|
|
"indicator--567958a9-3af4-4a8d-96f6-482f950d210f",
|
|
"indicator--567958a9-b904-4b7e-8f92-40a3950d210f",
|
|
"indicator--567958a9-3398-477c-bb12-41c8950d210f",
|
|
"indicator--567958a9-2734-46af-a1b3-4976950d210f",
|
|
"indicator--567958aa-c0e4-4b7b-b4ae-48cf950d210f",
|
|
"indicator--567958aa-0d58-4f76-ba5f-4720950d210f",
|
|
"indicator--567958aa-ea28-4cca-8932-4583950d210f",
|
|
"indicator--567958ab-0648-4470-bf84-4e13950d210f",
|
|
"indicator--567958ab-ad0c-4360-b71e-478c950d210f",
|
|
"indicator--567958ab-b4bc-4f7f-a20c-4aac950d210f",
|
|
"indicator--567958ab-34c0-4e65-9a13-4734950d210f",
|
|
"indicator--567958ac-5d68-42a0-9422-4d7e950d210f",
|
|
"indicator--567958ac-5944-4fd6-ad9a-4960950d210f",
|
|
"indicator--567958ac-26d4-425c-b543-4f2b950d210f",
|
|
"indicator--567958ad-4664-4675-9c54-4552950d210f",
|
|
"indicator--567958ad-b04c-4e6a-bf2d-4fde950d210f",
|
|
"indicator--567958ad-7ae4-4059-a1ba-4e1e950d210f",
|
|
"indicator--567958ad-090c-4fa8-b7ba-4a60950d210f",
|
|
"indicator--567958ae-01c0-4690-aa73-42c1950d210f",
|
|
"indicator--567958ae-1a1c-409e-9f09-4b72950d210f",
|
|
"indicator--567958ae-a6cc-4bb8-a13b-47a6950d210f",
|
|
"indicator--567958af-e078-4044-ab3a-427c950d210f",
|
|
"indicator--567958af-9d08-4e3a-8373-413e950d210f",
|
|
"indicator--567958af-e6c0-4f6d-b059-4928950d210f",
|
|
"indicator--567958b0-e5c4-4e73-b058-48a7950d210f",
|
|
"indicator--567958b0-c6a8-46d8-ba70-4b72950d210f",
|
|
"indicator--567958b0-33c8-4624-88bb-4cbc950d210f",
|
|
"indicator--567958b0-ef70-4661-858e-4f2c950d210f",
|
|
"indicator--567958b1-da70-4ceb-8af8-4b8b950d210f",
|
|
"indicator--567958b1-2e78-4322-85bf-42ed950d210f",
|
|
"indicator--567958b1-8628-43ff-8d81-426b950d210f",
|
|
"indicator--567958b1-78b4-4772-9087-4ae7950d210f",
|
|
"indicator--567958b2-f348-44e3-b276-421e950d210f",
|
|
"indicator--567958b2-6c10-4edf-86fb-4b90950d210f",
|
|
"indicator--567958b2-5544-43b8-a288-4dd1950d210f",
|
|
"indicator--567958b2-5ac4-4680-9955-449c950d210f",
|
|
"indicator--567958b3-8774-407f-bfdf-4645950d210f",
|
|
"indicator--567958b3-ce30-4013-ba5d-405c950d210f",
|
|
"indicator--567958b3-1b44-4e66-8533-4556950d210f",
|
|
"indicator--567958b4-09bc-43d0-af6a-4604950d210f",
|
|
"indicator--567958b4-5f0c-483b-adcc-4205950d210f",
|
|
"indicator--567958b4-8b30-4f06-af3b-4088950d210f",
|
|
"indicator--567958b5-5b30-491c-bd5a-432d950d210f",
|
|
"indicator--567958b5-bae4-49cd-aed6-49a1950d210f",
|
|
"indicator--567958b5-5090-4a4c-8156-4f09950d210f",
|
|
"indicator--567958b5-143c-4a09-ab62-471a950d210f",
|
|
"indicator--567958b6-ce10-4bf4-97e4-4549950d210f",
|
|
"indicator--567958b6-5e04-4a95-8970-4245950d210f",
|
|
"indicator--567958b6-4aec-4546-a18d-4b71950d210f",
|
|
"indicator--567958b7-0d18-4ebf-bc50-42aa950d210f",
|
|
"indicator--567958b7-5d10-4130-8948-4463950d210f",
|
|
"indicator--567958b7-d440-42dd-8b76-4c68950d210f",
|
|
"indicator--567958b8-e9e0-4a60-b824-4953950d210f",
|
|
"indicator--567958b8-22a8-482e-8ede-4cbe950d210f",
|
|
"indicator--567958b8-0888-487a-aca2-4c1e950d210f",
|
|
"indicator--567958b8-5434-42d6-b7f7-4585950d210f",
|
|
"indicator--567958b9-8854-499d-98c3-449b950d210f",
|
|
"indicator--567958b9-0d30-4872-b063-4263950d210f",
|
|
"indicator--567958b9-a56c-4013-9703-484c950d210f",
|
|
"indicator--567958ba-286c-47cc-86b7-4c0b950d210f",
|
|
"indicator--567958ba-4d0c-44fd-b860-428a950d210f",
|
|
"indicator--567958ba-0e28-4499-9c7f-4419950d210f",
|
|
"indicator--567958ba-ee44-4220-9d82-4f16950d210f",
|
|
"indicator--567958bb-4ed4-4885-824c-4df8950d210f",
|
|
"indicator--567958bb-7220-4689-903a-410b950d210f",
|
|
"indicator--567958bb-73c8-4d87-a7ee-4807950d210f",
|
|
"indicator--567958bc-0280-42e0-9963-44c4950d210f",
|
|
"indicator--567958bc-0d70-4a11-adaa-4834950d210f",
|
|
"indicator--567958bc-a160-4072-9503-4d43950d210f",
|
|
"indicator--567958bd-6b34-4a5f-90ec-4297950d210f",
|
|
"indicator--567958bd-dd5c-4dd9-b738-41ca950d210f",
|
|
"indicator--567958bd-b988-4c35-aa2e-4fc0950d210f",
|
|
"indicator--567958be-85f0-4c26-bc88-4550950d210f",
|
|
"indicator--567958be-7e44-4f22-a23f-4d3c950d210f",
|
|
"indicator--567958be-b378-478d-a6f2-4e1a950d210f",
|
|
"indicator--567958be-16fc-4e53-bcaf-473e950d210f",
|
|
"indicator--567958bf-9638-4ac8-bd10-426c950d210f",
|
|
"indicator--567958bf-9e90-4c88-95c1-4e00950d210f",
|
|
"indicator--567958bf-091c-4173-8ae2-4b47950d210f",
|
|
"indicator--567958c0-fdac-4564-a120-4e52950d210f",
|
|
"indicator--567958c0-3ac0-4354-b916-4514950d210f",
|
|
"indicator--567958c0-0204-49e6-b430-4c15950d210f",
|
|
"indicator--567958c0-f43c-4b0e-a211-401b950d210f",
|
|
"indicator--567958c1-7f14-408e-b08f-4f33950d210f",
|
|
"indicator--567958c1-dbfc-4be7-b1c7-43a8950d210f",
|
|
"indicator--567958c1-9f94-4f81-b669-4c92950d210f",
|
|
"indicator--567958c2-3dd0-47fe-ae74-480a950d210f",
|
|
"indicator--567958c2-173c-44df-b150-4b5f950d210f",
|
|
"indicator--567958c2-70fc-4c53-9d19-4e06950d210f",
|
|
"indicator--567958c3-643c-4252-9f7a-4fbb950d210f",
|
|
"indicator--567958c3-1208-436e-8df2-44f8950d210f",
|
|
"indicator--567958c3-5ebc-47a1-b79f-41e3950d210f",
|
|
"indicator--567958c4-7598-4d9e-a351-4ef8950d210f",
|
|
"indicator--567958c4-8344-4b9a-9d2d-4d15950d210f",
|
|
"indicator--567958c4-ba3c-4887-bbd2-4351950d210f",
|
|
"indicator--567958c4-78e4-4df0-8005-46cc950d210f",
|
|
"indicator--567958c5-2d44-494d-b232-4334950d210f",
|
|
"indicator--567958c5-193c-42b9-9264-4dca950d210f",
|
|
"indicator--567958c5-c818-4f14-8810-4e8f950d210f",
|
|
"indicator--567958c5-eb74-49fb-a7b5-4ae9950d210f",
|
|
"indicator--567958c6-88bc-49f2-8e12-40b4950d210f",
|
|
"indicator--567958c6-19e8-45a5-9a57-4b57950d210f",
|
|
"indicator--567958c6-ae1c-4cf3-972a-4741950d210f",
|
|
"indicator--567958c7-841c-400e-a478-4e31950d210f",
|
|
"indicator--567958c7-4948-491a-8458-4068950d210f",
|
|
"indicator--567958c7-d430-40ca-978d-48df950d210f",
|
|
"indicator--567958c8-b498-4eab-bc0e-4e92950d210f",
|
|
"indicator--567958c8-4714-4e31-9484-4c37950d210f",
|
|
"indicator--567958c8-ce00-44d5-a46e-4635950d210f",
|
|
"indicator--567958c8-8130-4e2c-85b4-454b950d210f",
|
|
"indicator--567958c9-68f8-4417-881d-4613950d210f",
|
|
"indicator--567958c9-b164-42fb-8226-428f950d210f",
|
|
"indicator--567958c9-f608-429a-ab19-40fa950d210f",
|
|
"indicator--567958ca-705c-4245-b382-4968950d210f",
|
|
"indicator--567958ca-14e4-4bf2-ba2a-43ee950d210f",
|
|
"indicator--567958ca-5094-44e5-b8b2-4cbd950d210f",
|
|
"indicator--567958cb-ec94-48b9-89f0-4f53950d210f",
|
|
"indicator--567958cb-1760-4412-873c-40dd950d210f",
|
|
"indicator--567958cb-2aa8-4dfc-8fd7-4af7950d210f",
|
|
"indicator--567958cb-a3a4-4f38-91c0-4ab0950d210f",
|
|
"indicator--567958cc-3268-4e5f-84f3-456c950d210f",
|
|
"indicator--567958cc-6bf8-49db-b09c-42ff950d210f",
|
|
"indicator--567958cc-3878-4764-8a37-4061950d210f",
|
|
"indicator--567958cd-7e4c-43ad-9e15-4b30950d210f",
|
|
"indicator--567958cd-6da4-411b-8c59-47e1950d210f",
|
|
"indicator--567958cd-5aac-4845-8ff6-4402950d210f",
|
|
"indicator--567958ce-0508-49ff-8ce3-4c3f950d210f",
|
|
"indicator--567958ce-0dc4-46be-9572-4e85950d210f",
|
|
"indicator--567958ce-e894-4cef-ac53-43c0950d210f",
|
|
"indicator--567958ce-b068-4b5a-98d0-4161950d210f",
|
|
"indicator--567958cf-c284-4c56-8db3-47aa950d210f",
|
|
"indicator--567958cf-8a84-42da-b191-4833950d210f",
|
|
"indicator--567958cf-d828-4fdb-bd70-478a950d210f",
|
|
"indicator--567958d0-9454-44b9-a7d2-48e8950d210f",
|
|
"indicator--567958d0-0944-4362-941e-42d0950d210f",
|
|
"indicator--567958d0-6c00-485b-9a80-43af950d210f",
|
|
"indicator--567958d1-f4dc-451c-9f85-4340950d210f",
|
|
"indicator--567958d1-2b14-448a-89f4-4ad4950d210f",
|
|
"indicator--567958d1-957c-4993-a8cd-4af2950d210f",
|
|
"indicator--567958d1-46ec-495a-a3f1-47cd950d210f",
|
|
"indicator--567958d2-e834-4301-acdf-46f1950d210f",
|
|
"indicator--567958d2-6cf8-4cd5-b8de-4170950d210f",
|
|
"indicator--567958d2-5a54-42dc-8f20-456f950d210f",
|
|
"indicator--567958d3-153c-4159-b40b-451a950d210f",
|
|
"indicator--567958d3-0940-4b8b-afd0-4519950d210f",
|
|
"indicator--567958d3-c448-4dbc-a0b6-4012950d210f",
|
|
"indicator--567958d3-5e0c-400f-961d-41f4950d210f",
|
|
"indicator--567958d4-1c94-4278-ae88-4558950d210f",
|
|
"indicator--567958d4-51b4-4f7e-a8ea-4be7950d210f",
|
|
"indicator--567958d4-637c-49dd-8af6-4866950d210f",
|
|
"indicator--567958d5-12e0-4886-bb04-4e92950d210f",
|
|
"indicator--567958d5-f960-4623-9cb3-4623950d210f",
|
|
"indicator--567958d5-e3e4-4e33-a759-4f99950d210f",
|
|
"indicator--567958d5-1d78-4faa-bc83-4b25950d210f",
|
|
"indicator--567958d6-3024-4a52-b1b3-4297950d210f",
|
|
"indicator--567958d6-cee0-473c-89e7-4734950d210f",
|
|
"indicator--567958d6-9a4c-4a6e-9d1b-4f7a950d210f",
|
|
"indicator--567958d7-73fc-4813-b4a2-48fc950d210f",
|
|
"indicator--567958d7-d798-4c53-a56c-4d3b950d210f",
|
|
"indicator--567958d7-38a0-4c1a-a8c3-4fb3950d210f",
|
|
"indicator--567958d8-8b28-4067-84b8-44d4950d210f",
|
|
"indicator--567958d8-7ce4-4201-a778-48f3950d210f",
|
|
"indicator--567958d8-a0bc-44b3-9339-4a3a950d210f",
|
|
"indicator--567958d8-7728-4796-89f7-4761950d210f",
|
|
"indicator--567958d9-b3ac-40a0-a0fe-47db950d210f",
|
|
"indicator--567958d9-16e8-46b6-b6b2-444d950d210f",
|
|
"indicator--567958d9-6774-459f-8c8a-4f74950d210f",
|
|
"indicator--567958d9-047c-4871-ac0a-461e950d210f",
|
|
"indicator--567958da-6e24-4590-be6c-4c54950d210f",
|
|
"indicator--567958da-760c-4602-97d0-4d93950d210f",
|
|
"indicator--567958da-7800-402c-8786-460a950d210f",
|
|
"indicator--567958db-5ca0-448d-b63b-40cb950d210f",
|
|
"indicator--567958db-bbf8-426e-a331-4009950d210f",
|
|
"indicator--567958db-63b0-4746-b14c-4f0c950d210f",
|
|
"indicator--567958db-d094-4d09-a795-401a950d210f",
|
|
"indicator--567958dc-24d8-45ea-82dc-4c70950d210f",
|
|
"indicator--567958dc-5fd4-4dd1-a0ed-4701950d210f",
|
|
"indicator--567958dc-20fc-4dc6-a2a7-4a10950d210f",
|
|
"indicator--567958dd-cd88-4f9c-8caf-4e32950d210f",
|
|
"indicator--567958dd-6068-4382-84be-4cb6950d210f",
|
|
"indicator--567958dd-9700-4c98-9008-4637950d210f",
|
|
"indicator--567958de-43f0-4ab6-b496-4fbe950d210f",
|
|
"indicator--567958de-9acc-4586-b37f-42a5950d210f",
|
|
"indicator--567958de-d398-4c8f-bdd4-41be950d210f",
|
|
"indicator--567958de-bed8-4bd8-b2b7-4455950d210f",
|
|
"indicator--567958df-4110-43b1-bd23-49bd950d210f",
|
|
"indicator--567958df-1680-480f-83a6-4740950d210f",
|
|
"indicator--567958df-37f4-48bc-b39f-4683950d210f",
|
|
"indicator--567958e0-02f8-4346-a0fe-4236950d210f",
|
|
"indicator--567958e0-a61c-48af-93fc-4db6950d210f",
|
|
"indicator--567958e0-be64-41e2-92c1-4ec1950d210f",
|
|
"indicator--567958e0-0e90-4d09-b584-467c950d210f",
|
|
"indicator--567958e1-b630-475b-8b0a-470a950d210f",
|
|
"indicator--567958e1-3034-44ba-a9f1-4939950d210f",
|
|
"indicator--567958e1-1aa4-4736-ab76-457f950d210f",
|
|
"indicator--567958e2-a2bc-4045-8aa0-4c17950d210f",
|
|
"indicator--567958e2-adac-4179-9446-4120950d210f",
|
|
"indicator--567958e2-f164-48c7-b45d-4871950d210f",
|
|
"indicator--567958e3-c630-4750-9094-43ef950d210f",
|
|
"indicator--567958e3-ae5c-46b0-bd58-4dd2950d210f",
|
|
"indicator--567958e3-15a0-4c94-91e5-4d7c950d210f",
|
|
"indicator--567958e3-ecc4-45a2-9252-4c2f950d210f",
|
|
"indicator--567958e4-992c-4f4f-8226-44e1950d210f",
|
|
"indicator--567958e4-9210-4de8-8472-440e950d210f",
|
|
"indicator--567958e4-3d20-4ef8-aa59-403c950d210f",
|
|
"indicator--567958e5-abe0-463d-86c1-40e5950d210f",
|
|
"indicator--567958e5-f114-4708-9248-4b29950d210f",
|
|
"indicator--567958e5-fdbc-4dc8-82d4-4549950d210f",
|
|
"indicator--567958e5-4e4c-4ee9-8857-430f950d210f",
|
|
"indicator--567958e6-b6a0-431e-a014-468a950d210f",
|
|
"indicator--567958e6-a544-4d00-9f1b-4928950d210f",
|
|
"indicator--567958e6-ced0-460a-859f-4052950d210f",
|
|
"indicator--567958e7-87d0-4eac-b879-4025950d210f",
|
|
"indicator--567958e7-31c8-4ba4-9135-4bbd950d210f",
|
|
"indicator--567958e7-6ce8-4d31-b67d-4ea2950d210f",
|
|
"indicator--567958e8-6460-495b-b075-4213950d210f",
|
|
"indicator--567958e8-dbd0-4594-b243-477e950d210f",
|
|
"indicator--567958e8-6e70-45cf-8e2d-466f950d210f",
|
|
"indicator--567958e8-ad60-4ffe-8681-4d2c950d210f",
|
|
"indicator--567958e9-1a28-4b49-9af1-4f67950d210f",
|
|
"indicator--567958e9-1044-4969-8353-4a2e950d210f",
|
|
"indicator--567958e9-efd0-4399-bed6-4ae0950d210f",
|
|
"indicator--567958ea-ba58-4e2d-a71b-45d0950d210f",
|
|
"indicator--567958ea-cd4c-4486-b840-4d0f950d210f",
|
|
"indicator--567958ea-f474-42ff-991f-4671950d210f",
|
|
"indicator--567958eb-ecd4-4ed5-8388-4496950d210f",
|
|
"indicator--567958eb-46d0-4f88-aa47-416e950d210f",
|
|
"indicator--567958eb-1170-4cd8-8b9e-49fa950d210f",
|
|
"indicator--567958eb-6360-4340-9c98-46fd950d210f",
|
|
"indicator--567958ec-44cc-44dc-80c1-420e950d210f",
|
|
"indicator--567958ec-9464-45fd-87e9-400e950d210f",
|
|
"indicator--567958ec-1aec-4490-a081-4027950d210f",
|
|
"indicator--567958ed-19c0-42f1-9511-4704950d210f",
|
|
"indicator--567958ed-cb3c-4cf4-90eb-4a21950d210f",
|
|
"indicator--567958ed-b434-4883-ba6b-46c9950d210f",
|
|
"indicator--567958ee-3564-4eca-bf82-41e5950d210f",
|
|
"indicator--567958ee-26f8-48b9-a19b-46ee950d210f",
|
|
"indicator--567958ee-acb8-40da-9d67-4a1b950d210f",
|
|
"indicator--567958ee-3420-4f4e-8333-4578950d210f",
|
|
"indicator--567958ef-55e4-45df-8160-4100950d210f",
|
|
"indicator--567958ef-4c40-4863-9ac5-4915950d210f",
|
|
"indicator--567958ef-de4c-417b-91a5-475c950d210f",
|
|
"indicator--567958ef-1eb8-4c86-adfc-4309950d210f",
|
|
"indicator--567958f0-0ab4-4d65-885c-4598950d210f",
|
|
"indicator--567958f0-b898-4779-a559-4839950d210f",
|
|
"indicator--567958f0-ad38-4c9a-99f5-4ccc950d210f",
|
|
"indicator--567958f1-d688-4483-9106-4082950d210f",
|
|
"indicator--567958f1-5e38-4338-88ab-4494950d210f",
|
|
"indicator--567958f1-eb3c-450d-991e-49cf950d210f",
|
|
"indicator--567958f1-137c-4f32-8d1e-4a70950d210f",
|
|
"indicator--567958f2-d978-4e58-ba03-4612950d210f",
|
|
"indicator--567958f2-a4d8-4889-a5a4-47af950d210f",
|
|
"indicator--567958f2-b694-4a34-8608-4ab3950d210f",
|
|
"indicator--567958f3-3dfc-40ac-a444-4ea5950d210f",
|
|
"indicator--567958f3-9d84-470f-8b11-4736950d210f",
|
|
"indicator--567958f3-e568-4c39-a4c0-4cb4950d210f",
|
|
"indicator--567958f4-c584-456e-be81-448e950d210f",
|
|
"indicator--567958f4-227c-4a22-ba98-4727950d210f",
|
|
"indicator--567958f4-1f44-4b1b-9265-4f60950d210f",
|
|
"indicator--567958f4-3524-45d3-815f-4ebd950d210f",
|
|
"indicator--567958f5-a500-4e20-b548-440e950d210f",
|
|
"indicator--567958f5-045c-4630-b540-4ba8950d210f",
|
|
"indicator--567958f5-09f8-45ef-9fcb-4b17950d210f",
|
|
"indicator--567958f6-8b4c-413c-9875-4ada950d210f",
|
|
"indicator--567958f6-ab3c-415f-aadf-4446950d210f",
|
|
"indicator--567958f6-c958-4b56-8f57-46fa950d210f",
|
|
"indicator--567958f7-ab7c-48cd-8f96-463d950d210f",
|
|
"indicator--567958f7-b628-4860-99c5-44d2950d210f",
|
|
"indicator--567958f7-545c-4a49-9e18-464b950d210f",
|
|
"indicator--567958f7-667c-4cb4-a89b-44ce950d210f",
|
|
"indicator--567958f8-658c-41d1-88c0-49b5950d210f",
|
|
"indicator--567958f8-e590-4553-893c-49df950d210f",
|
|
"indicator--567958f8-c9f0-412e-8060-485d950d210f",
|
|
"indicator--567958f8-a4f0-4c3d-9c42-4250950d210f",
|
|
"indicator--567958f9-3efc-4faf-8003-4522950d210f",
|
|
"indicator--567958f9-c450-4c74-8f74-4ffe950d210f",
|
|
"indicator--567958f9-b82c-40b3-b587-4f06950d210f",
|
|
"indicator--567958f9-9604-41b8-af7f-4372950d210f",
|
|
"indicator--567958fa-bee8-456d-ba9e-4fda950d210f",
|
|
"indicator--567958fa-98c8-4ba1-865c-466b950d210f",
|
|
"indicator--567958fa-eeb0-4a87-87db-4627950d210f",
|
|
"indicator--567958fa-1d64-418c-9e10-4212950d210f",
|
|
"indicator--567958fb-1de4-4f11-9942-40e7950d210f",
|
|
"indicator--567958fb-f93c-41ac-93a1-4075950d210f",
|
|
"indicator--567958fb-ec58-4fea-8e04-4535950d210f",
|
|
"indicator--567958fb-1d00-492a-af28-45fb950d210f",
|
|
"indicator--567958fc-6ccc-43e6-aa99-431f950d210f",
|
|
"indicator--567958fc-ee3c-47a9-bee3-40ee950d210f",
|
|
"indicator--567958fc-2600-4a7f-9a7e-41fe950d210f",
|
|
"indicator--567958fd-0370-4645-929a-4cec950d210f",
|
|
"indicator--567958fd-5fb4-4fa8-ad53-43b1950d210f",
|
|
"indicator--567958fd-d678-4a29-b4db-48d6950d210f",
|
|
"indicator--567958fd-187c-421b-9e7a-44a4950d210f",
|
|
"indicator--567958fe-7620-48a6-a4d8-463d950d210f",
|
|
"indicator--567958fe-c148-4d81-aad1-4e48950d210f",
|
|
"indicator--567958fe-c69c-4782-b9b8-463d950d210f",
|
|
"indicator--567958ff-0234-4151-a603-4be3950d210f",
|
|
"indicator--567958ff-8024-4de7-8823-4533950d210f",
|
|
"indicator--567958ff-03e0-4bd1-be91-4f72950d210f",
|
|
"indicator--56795900-7408-4b67-8e49-4efc950d210f",
|
|
"indicator--56795900-76ac-4491-8030-4c6e950d210f",
|
|
"indicator--56795900-cf7c-44f8-b6e2-4a70950d210f",
|
|
"indicator--56795900-7fa8-4dd2-88c5-48b0950d210f",
|
|
"indicator--56795901-bd08-4c17-9465-47ca950d210f",
|
|
"indicator--56795901-1fdc-4bf6-b9c2-446c950d210f",
|
|
"indicator--56795901-b11c-4f04-a25e-482b950d210f",
|
|
"indicator--56795902-0588-4335-9025-44aa950d210f",
|
|
"indicator--56795902-d9e0-40cd-bdd0-48cf950d210f",
|
|
"indicator--56795902-a330-41f3-8fdb-4440950d210f",
|
|
"indicator--56795903-8578-4c44-934f-4f42950d210f",
|
|
"indicator--56795903-f7e8-49ee-b3fa-4b68950d210f",
|
|
"indicator--56795903-6538-49a4-8b1f-4647950d210f",
|
|
"indicator--56795903-b278-4f8f-92e6-478a950d210f",
|
|
"indicator--56795904-76d8-421b-b660-4e36950d210f",
|
|
"indicator--56795904-a2d8-47cc-802f-4172950d210f",
|
|
"indicator--56795904-50f8-4807-a17b-4a3e950d210f",
|
|
"indicator--56795905-53fc-426d-9873-483e950d210f",
|
|
"indicator--56795905-034c-457f-bc4e-418b950d210f",
|
|
"indicator--56795905-cb4c-472d-bd3b-4889950d210f",
|
|
"indicator--56795905-2144-4d49-8cc4-4a13950d210f",
|
|
"indicator--56795906-8560-4d7d-b53c-4d40950d210f",
|
|
"indicator--56795906-88b8-4f96-a14e-41c9950d210f",
|
|
"indicator--56795906-af74-4652-bfe1-4764950d210f",
|
|
"indicator--56795907-cd48-453c-ba6a-4087950d210f",
|
|
"indicator--56795907-8018-43e2-a7ad-4b41950d210f",
|
|
"indicator--56795907-8e8c-4bfa-8367-4f31950d210f",
|
|
"indicator--56795908-3410-4b90-86d1-4dc7950d210f",
|
|
"indicator--56795908-e720-46e8-824a-467c950d210f",
|
|
"indicator--56795908-5558-4fa2-8f11-4e4b950d210f",
|
|
"indicator--56795908-f6c8-48c9-8aff-4a6e950d210f",
|
|
"indicator--56795909-0d68-47a3-8e6d-4395950d210f",
|
|
"indicator--56795909-d1a4-4478-90e9-4c26950d210f",
|
|
"indicator--56795909-650c-488b-92ac-499a950d210f",
|
|
"indicator--5679590a-403c-4bfc-8eb9-4ec6950d210f",
|
|
"indicator--5679590a-0618-4bb1-908b-459f950d210f",
|
|
"indicator--5679590a-161c-44a1-88ca-4b55950d210f",
|
|
"indicator--5679590a-bea0-493b-bdaf-4a67950d210f",
|
|
"indicator--5679590b-857c-49db-880d-42bf950d210f",
|
|
"indicator--5679590b-aad0-41ad-9b9f-43ae950d210f",
|
|
"indicator--5679590b-d580-402c-bba1-479c950d210f",
|
|
"indicator--5679590c-059c-4210-8795-44bd950d210f",
|
|
"indicator--5679590c-0f20-4c02-a6b8-4477950d210f",
|
|
"indicator--5679590c-4fb4-4dc9-953c-4db7950d210f",
|
|
"indicator--5679590d-1600-4228-9290-4098950d210f",
|
|
"indicator--5679590d-1680-4eb1-815b-41c4950d210f",
|
|
"indicator--5679590d-28f0-4abf-9341-4aff950d210f",
|
|
"indicator--5679590d-aa2c-4c9a-bab0-488b950d210f",
|
|
"indicator--5679590e-6bac-4ef1-bc14-4ef0950d210f",
|
|
"indicator--5679590e-00e8-413a-9ac8-4a6e950d210f",
|
|
"indicator--5679590e-8030-49b1-a30e-4296950d210f",
|
|
"indicator--5679590f-85d0-4c90-b4d8-416c950d210f",
|
|
"indicator--5679590f-f23c-4771-a108-4a32950d210f",
|
|
"indicator--5679590f-50b0-4a1b-819d-4bf5950d210f",
|
|
"indicator--56795910-c6a8-4b2d-bed4-4a64950d210f",
|
|
"indicator--56795910-a804-46a3-9658-4a91950d210f",
|
|
"indicator--56795910-62bc-4ec9-a17f-498a950d210f",
|
|
"indicator--56795910-6064-4a87-b5fb-4762950d210f",
|
|
"indicator--56795911-bb1c-40d0-858d-485c950d210f",
|
|
"indicator--56795911-e570-4fea-8e05-42b6950d210f",
|
|
"indicator--56795911-b5c8-422c-8bfa-4b01950d210f",
|
|
"indicator--56795912-8590-440b-96c4-41f3950d210f",
|
|
"indicator--56795912-f4a4-4599-a6c4-4110950d210f",
|
|
"indicator--56795912-b944-4d3d-a157-4d9a950d210f",
|
|
"indicator--56795913-b2ac-410a-ab0e-4f66950d210f",
|
|
"indicator--56795913-07f8-44e3-ab4d-40f6950d210f",
|
|
"indicator--56795913-6f18-4e0c-9417-42b9950d210f",
|
|
"indicator--56795913-fee4-4401-b518-4b76950d210f",
|
|
"indicator--56795914-ec88-4326-8ed4-44f6950d210f",
|
|
"indicator--56795914-f19c-4da2-8602-41e5950d210f",
|
|
"indicator--56795914-8e14-49fa-8a31-444f950d210f",
|
|
"indicator--56795915-858c-4c9f-9762-43b3950d210f",
|
|
"indicator--56795915-460c-4870-b689-4deb950d210f",
|
|
"indicator--56795915-3ff4-428a-93a6-4866950d210f",
|
|
"indicator--56795915-39f0-4dd4-94b5-4841950d210f",
|
|
"indicator--56795916-bb90-4b27-bdae-4809950d210f",
|
|
"indicator--56795916-954c-4b33-b71c-4439950d210f",
|
|
"indicator--56795916-91c0-43f8-8ef2-4ff5950d210f",
|
|
"indicator--56795917-20f0-47dc-9002-41f8950d210f",
|
|
"indicator--56795917-27a4-422b-80bb-4f82950d210f",
|
|
"indicator--56795917-2248-443b-9151-46df950d210f",
|
|
"indicator--56795918-99ec-4605-ad05-430f950d210f",
|
|
"indicator--56795918-561c-4058-8c3c-4230950d210f",
|
|
"indicator--56795918-16d4-453b-a3d7-4f43950d210f",
|
|
"indicator--56795918-6158-45ba-b8a6-4ecf950d210f",
|
|
"indicator--56795919-dcd4-4379-a351-4657950d210f",
|
|
"indicator--56795919-52cc-4c74-b6ac-4aeb950d210f",
|
|
"indicator--56795919-7cbc-4627-bc91-4cc9950d210f",
|
|
"indicator--5679591a-6aa4-4784-ba12-4624950d210f",
|
|
"indicator--5679591a-c0b8-4b41-81b6-4354950d210f",
|
|
"indicator--5679591a-3f60-41dc-b2cc-43b2950d210f",
|
|
"indicator--5679591b-2198-4837-9367-492b950d210f",
|
|
"indicator--5679591b-cf90-4800-94c0-4fca950d210f",
|
|
"indicator--5679591b-4a48-4367-8988-4f61950d210f",
|
|
"indicator--5679591b-049c-4e78-bc31-48a5950d210f",
|
|
"indicator--5679591c-cd08-4fcb-8398-46d1950d210f",
|
|
"indicator--5679591c-5cac-444c-848d-4a7d950d210f",
|
|
"indicator--5679591c-5960-4519-99a3-4249950d210f",
|
|
"indicator--5679591d-4408-4aa5-bf4a-4633950d210f",
|
|
"indicator--5679591d-2e28-4380-be4c-40dd950d210f",
|
|
"indicator--5679591d-9cf4-4bc5-9985-4b3e950d210f",
|
|
"indicator--5679591d-dcd8-4258-9543-4ad3950d210f",
|
|
"indicator--5679591e-4254-4f01-8ab4-4876950d210f",
|
|
"indicator--5679591e-cae4-45e0-9587-4ffa950d210f",
|
|
"indicator--5679591e-1af8-4051-ac54-4715950d210f",
|
|
"indicator--5679591f-840c-47d8-a962-44ef950d210f",
|
|
"indicator--5679591f-ba1c-4a97-ae50-4440950d210f",
|
|
"indicator--5679591f-67cc-409a-b890-499c950d210f",
|
|
"indicator--5679591f-685c-4b5f-afe7-400e950d210f",
|
|
"indicator--56795920-1cbc-4b79-9558-4acd950d210f",
|
|
"indicator--56795920-fb24-421f-8f86-4e36950d210f",
|
|
"indicator--56795920-a36c-4562-8da5-4801950d210f",
|
|
"indicator--56795921-2a18-466b-8f74-417e950d210f",
|
|
"indicator--56795921-e854-403a-83b6-48d7950d210f",
|
|
"indicator--56795921-4e88-4f55-afec-482e950d210f",
|
|
"indicator--56795922-3100-4f5e-a74f-4125950d210f",
|
|
"indicator--56795922-69b4-45ce-be3e-4b53950d210f",
|
|
"indicator--56795922-f038-487c-a6ae-404e950d210f",
|
|
"indicator--56795922-ff08-4202-aaff-4e22950d210f",
|
|
"indicator--56795923-a290-41fa-9bbd-420c950d210f",
|
|
"indicator--56795923-e850-47e0-aafe-4fca950d210f",
|
|
"indicator--56795923-eca8-4190-b434-4d80950d210f",
|
|
"indicator--56795924-3728-40f7-adcd-4590950d210f",
|
|
"indicator--56795924-2bd4-4b28-9bb4-4d55950d210f",
|
|
"indicator--56795924-f9a8-4b77-94c2-4d9a950d210f",
|
|
"indicator--56795924-1588-450b-8667-4a6f950d210f",
|
|
"indicator--56795925-f580-4c9c-8497-40a3950d210f",
|
|
"indicator--56795925-4ec8-4067-9c39-4bdd950d210f",
|
|
"indicator--56795925-14b8-42d6-b1a0-477f950d210f",
|
|
"indicator--56795926-68b4-462d-adf1-4eab950d210f",
|
|
"indicator--56795926-2ad0-4f9c-92b2-4932950d210f",
|
|
"indicator--56795926-d864-4270-8d0b-476a950d210f",
|
|
"indicator--56795927-acc8-4b65-99a2-4081950d210f",
|
|
"indicator--56795927-5e24-464c-b7cd-479a950d210f",
|
|
"indicator--56795927-f63c-40ec-b973-40f9950d210f",
|
|
"indicator--56795927-21d8-495f-adc9-48fc950d210f",
|
|
"indicator--56795928-d864-4961-96ff-46fa950d210f",
|
|
"indicator--56795928-d288-4f6b-85cd-4fc7950d210f",
|
|
"indicator--56795928-d070-4b89-b541-4b9a950d210f",
|
|
"indicator--56795929-16b8-4562-93cd-48e9950d210f",
|
|
"indicator--56795929-f264-4b98-95d8-41fc950d210f",
|
|
"indicator--56795929-0b40-4bc3-b17e-4d8d950d210f",
|
|
"indicator--5679592a-7898-467b-8cb8-4251950d210f",
|
|
"indicator--5679592a-550c-4775-9105-4963950d210f",
|
|
"indicator--5679592a-206c-4393-a281-4921950d210f",
|
|
"indicator--5679592a-9740-4535-98d4-42a6950d210f",
|
|
"indicator--5679592b-7ee4-453a-9182-4501950d210f",
|
|
"indicator--5679592b-602c-4ca4-9c15-42ff950d210f",
|
|
"indicator--5679592b-30fc-4e5e-8e39-4947950d210f",
|
|
"indicator--5679592c-cab4-4ff4-b660-4bcf950d210f",
|
|
"indicator--5679592c-a778-4a90-ab95-4970950d210f",
|
|
"indicator--5679592c-c168-4768-a2da-4288950d210f",
|
|
"indicator--5679592c-a994-4bb9-8a00-463f950d210f",
|
|
"indicator--5679592d-5fc0-4dd2-8a31-4baa950d210f",
|
|
"indicator--5679592d-a3a8-4123-a62c-42d1950d210f",
|
|
"indicator--5679592d-4abc-4fda-a6ad-4a57950d210f",
|
|
"indicator--5679592e-6d80-4f88-bc8c-4082950d210f",
|
|
"indicator--5679592e-deb0-4e14-967f-47e3950d210f",
|
|
"indicator--5679592e-2d98-4963-a25b-4398950d210f",
|
|
"indicator--5679592f-b6b4-46c9-9f07-4c4a950d210f",
|
|
"indicator--5679592f-3f94-4c31-b607-4661950d210f",
|
|
"indicator--5679592f-c254-4e09-b63b-4d89950d210f",
|
|
"indicator--5679592f-a1bc-4361-8953-4844950d210f",
|
|
"indicator--56795930-b370-4ef6-9db3-4509950d210f",
|
|
"indicator--56795930-faec-495a-9ed4-4985950d210f",
|
|
"indicator--56795930-fe70-43cd-9ab9-4848950d210f",
|
|
"indicator--56795931-e950-4593-baa9-4e2a950d210f",
|
|
"indicator--56795931-c5a8-4608-92e7-4230950d210f",
|
|
"indicator--56795931-1614-4610-8d27-42ec950d210f",
|
|
"indicator--56795932-9a8c-4384-8e17-4e71950d210f",
|
|
"indicator--56795932-cabc-438a-a0c7-4889950d210f",
|
|
"indicator--56795932-12ac-4725-831d-497a950d210f",
|
|
"indicator--56795932-fbac-40c9-a7fb-44ab950d210f",
|
|
"indicator--56795933-d1a0-4e19-89a1-4950950d210f",
|
|
"indicator--56795933-77e4-45b8-9dc4-4cc3950d210f",
|
|
"indicator--56795933-a4e8-4f10-9a52-4a2a950d210f",
|
|
"indicator--56795934-c3d4-46a1-b0e4-4e39950d210f",
|
|
"indicator--56795934-83a0-4083-9d0f-43eb950d210f",
|
|
"indicator--56795934-c1d0-4d76-9033-4f97950d210f",
|
|
"indicator--56795934-1f34-4876-a246-412f950d210f",
|
|
"indicator--56795935-2480-403c-bb5e-451b950d210f",
|
|
"indicator--56795935-9b4c-4071-aeea-4490950d210f",
|
|
"indicator--56795935-41f4-46c4-9bd5-4c0c950d210f",
|
|
"indicator--56795936-095c-4869-8657-40d3950d210f"
|
|
],
|
|
"labels": [
|
|
"Threat-Report",
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
"type:OSINT"
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--563a066f-5174-427c-a187-c7ff950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:21:51.000Z",
|
|
"modified": "2015-11-04T13:21:51.000Z",
|
|
"first_observed": "2015-11-04T13:21:51Z",
|
|
"last_observed": "2015-11-04T13:21:51Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--563a066f-5174-427c-a187-c7ff950d210b"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--563a066f-5174-427c-a187-c7ff950d210b",
|
|
"value": "https://www.fidelissecurity.com/sites/default/files/FTA_1019_Ratcheting_Down_on_JSocket_A_PC_and_Android_Threat_FINAL.pdf"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--563a066f-a008-4c1a-aa7d-c7ff950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:21:51.000Z",
|
|
"modified": "2015-11-04T13:21:51.000Z",
|
|
"first_observed": "2015-11-04T13:21:51Z",
|
|
"last_observed": "2015-11-04T13:21:51Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--563a066f-a008-4c1a-aa7d-c7ff950d210b"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--563a066f-a008-4c1a-aa7d-c7ff950d210b",
|
|
"value": "https://otx.alienvault.com/pulse/5638f23a4637f2388aaed240/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0729-c730-48c1-8964-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:24:57.000Z",
|
|
"modified": "2015-11-04T13:24:57.000Z",
|
|
"pattern": "[domain-name:value = 'd370.cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:24:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0729-33e4-46ef-9f8a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:24:57.000Z",
|
|
"modified": "2015-11-04T13:24:57.000Z",
|
|
"pattern": "[domain-name:value = 'officetartousi.no-ip.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:24:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a072a-6658-4e10-ad19-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:24:58.000Z",
|
|
"modified": "2015-11-04T13:24:58.000Z",
|
|
"pattern": "[domain-name:value = 'intergralhcs.no-ip.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:24:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a072a-4ce8-423b-8ec0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:24:58.000Z",
|
|
"modified": "2015-11-04T13:24:58.000Z",
|
|
"pattern": "[domain-name:value = 'jidespa0024yahjs.no-ip.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:24:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a072b-a0b4-4b64-8add-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:24:59.000Z",
|
|
"modified": "2015-11-04T13:24:59.000Z",
|
|
"pattern": "[domain-name:value = 'elviscarson.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:24:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a072b-3810-4af0-81ac-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:24:59.000Z",
|
|
"modified": "2015-11-04T13:24:59.000Z",
|
|
"pattern": "[domain-name:value = 'zivva007.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:24:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a072c-4c2c-48ff-854d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:00.000Z",
|
|
"modified": "2015-11-04T13:25:00.000Z",
|
|
"pattern": "[domain-name:value = 'floffman.linkpc.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a072c-a970-4196-bef4-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:00.000Z",
|
|
"modified": "2015-11-04T13:25:00.000Z",
|
|
"pattern": "[domain-name:value = 'madman1.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a072d-7a20-4405-a52d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:01.000Z",
|
|
"modified": "2015-11-04T13:25:01.000Z",
|
|
"pattern": "[domain-name:value = 'trusplus111.gotdns.ch']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a072d-dba0-4298-a59d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:01.000Z",
|
|
"modified": "2015-11-04T13:25:01.000Z",
|
|
"pattern": "[domain-name:value = 'ewillsin.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a072e-6820-4d4c-b37b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:02.000Z",
|
|
"modified": "2015-11-04T13:25:02.000Z",
|
|
"pattern": "[domain-name:value = 'harry150.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a072e-1030-4cd8-aa35-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:02.000Z",
|
|
"modified": "2015-11-04T13:25:02.000Z",
|
|
"pattern": "[domain-name:value = 'justicsbro.linkpc.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a072f-d01c-4849-8408-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:03.000Z",
|
|
"modified": "2015-11-04T13:25:03.000Z",
|
|
"pattern": "[domain-name:value = 'damuk1.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a072f-8cf4-48ca-922d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:03.000Z",
|
|
"modified": "2015-11-04T13:25:03.000Z",
|
|
"pattern": "[domain-name:value = 'workshopjs.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0730-a2ac-4f76-9192-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:04.000Z",
|
|
"modified": "2015-11-04T13:25:04.000Z",
|
|
"pattern": "[domain-name:value = 'hach.duckdns.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0730-e1f0-4f63-a701-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:04.000Z",
|
|
"modified": "2015-11-04T13:25:04.000Z",
|
|
"pattern": "[domain-name:value = 'jonnybary.no-ip.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0731-f004-4ebb-a99e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:05.000Z",
|
|
"modified": "2015-11-04T13:25:05.000Z",
|
|
"pattern": "[domain-name:value = 'infowinboth.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0731-fb08-42a1-b582-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:05.000Z",
|
|
"modified": "2015-11-04T13:25:05.000Z",
|
|
"pattern": "[domain-name:value = 'judalien.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0732-d9ec-4cb9-8dbf-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:06.000Z",
|
|
"modified": "2015-11-04T13:25:06.000Z",
|
|
"pattern": "[domain-name:value = 'integralhcs.no-ip.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0732-3e28-4a83-bed7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:06.000Z",
|
|
"modified": "2015-11-04T13:25:06.000Z",
|
|
"pattern": "[file:hashes.MD5 = '81d1912a9f7f70344505b1c9d5d32307']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0733-7378-4f3f-932b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:07.000Z",
|
|
"modified": "2015-11-04T13:25:07.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2e0c898f5a6ea1e0d133e435f3fab27c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0733-fb38-41c8-91aa-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:07.000Z",
|
|
"modified": "2015-11-04T13:25:07.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7daba3583b400c27d510dc401ef18ce5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0733-7bd4-4f64-9b8f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:07.000Z",
|
|
"modified": "2015-11-04T13:25:07.000Z",
|
|
"pattern": "[domain-name:value = 'felbankgmailjs.no-ip.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0734-2110-4de6-8eda-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:08.000Z",
|
|
"modified": "2015-11-04T13:25:08.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c99b6cd6328ee23d6de6a049e77afb74']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0734-54a8-464f-8583-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:08.000Z",
|
|
"modified": "2015-11-04T13:25:08.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8a23789f004999780c56800b40e58b33']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0735-c4f0-461e-9f00-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:09.000Z",
|
|
"modified": "2015-11-04T13:25:09.000Z",
|
|
"pattern": "[file:hashes.MD5 = '611618e3f9b51eb466c9302a328e3567']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0735-d4cc-49ef-8e2d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:09.000Z",
|
|
"modified": "2015-11-04T13:25:09.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a36ea233bd502b81e8b795add7ff3a45']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0736-3cf8-40b7-a0ab-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:10.000Z",
|
|
"modified": "2015-11-04T13:25:10.000Z",
|
|
"pattern": "[file:hashes.MD5 = '88b76af1a0ddc5f6fec64e5af83d1b5c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0736-6990-48c0-bf38-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:10.000Z",
|
|
"modified": "2015-11-04T13:25:10.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8b0d1a0974f6c6be294c7b0be083f128']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0737-f408-46ff-b997-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:11.000Z",
|
|
"modified": "2015-11-04T13:25:11.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c08c5aa627c73cdab337cfc7d8d11927']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0737-2860-45e0-b5da-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:11.000Z",
|
|
"modified": "2015-11-04T13:25:11.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ff54087bfa945fb92c925255d7d2234e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0738-6250-4c7d-8ca9-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:12.000Z",
|
|
"modified": "2015-11-04T13:25:12.000Z",
|
|
"pattern": "[file:hashes.MD5 = '44f91555177e515a17f9e16a9062fde9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0738-9ebc-43a0-acc1-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:12.000Z",
|
|
"modified": "2015-11-04T13:25:12.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8efb999d48fd354decc57f71ff9047e4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0738-cdd0-4e64-b44a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:12.000Z",
|
|
"modified": "2015-11-04T13:25:12.000Z",
|
|
"pattern": "[domain-name:value = 'justicebro.linkpc.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0739-6a48-46fe-ab1c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:13.000Z",
|
|
"modified": "2015-11-04T13:25:13.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e1836e5657bfbe9990a87547408d32e6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0739-4968-4bbf-a4d4-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:13.000Z",
|
|
"modified": "2015-11-04T13:25:13.000Z",
|
|
"pattern": "[file:hashes.MD5 = '063b6a42f48cb83f1842c7f503c179a8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073a-dcec-45ea-a058-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:14.000Z",
|
|
"modified": "2015-11-04T13:25:14.000Z",
|
|
"pattern": "[file:hashes.MD5 = '54cbfa7f6ab4d2e3c126e034c4937d1e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073a-0814-44f8-b1f9-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:14.000Z",
|
|
"modified": "2015-11-04T13:25:14.000Z",
|
|
"pattern": "[file:hashes.MD5 = '716dae5b83f2ab542e6e837e192ebcf5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073a-5698-4da7-ab35-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:14.000Z",
|
|
"modified": "2015-11-04T13:25:14.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'bc8a20d06bd4ac646b13428a15279c5a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073b-0d48-4d7d-80be-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:15.000Z",
|
|
"modified": "2015-11-04T13:25:15.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd7666d4209b7eb31dbc5e6fcdd10de5f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073b-385c-4a49-bb41-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:15.000Z",
|
|
"modified": "2015-11-04T13:25:15.000Z",
|
|
"pattern": "[file:hashes.MD5 = '22edfb6ca3aa06b3efc12d9c6621bc73']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073c-6294-48d1-b8cf-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:16.000Z",
|
|
"modified": "2015-11-04T13:25:16.000Z",
|
|
"pattern": "[file:hashes.MD5 = '258583b7cc56dec995eef694dff4419d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073c-d02c-46c0-823f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:16.000Z",
|
|
"modified": "2015-11-04T13:25:16.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3b5b998058bd701347e55d7915506e0d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073c-b9fc-4e8f-b943-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:16.000Z",
|
|
"modified": "2015-11-04T13:25:16.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'fc177ceee0f9e4ef58d76dd7a8b37860']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073d-e340-40c4-a955-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:17.000Z",
|
|
"modified": "2015-11-04T13:25:17.000Z",
|
|
"pattern": "[domain-name:value = 'frookze.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073d-c940-4b05-864f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:17.000Z",
|
|
"modified": "2015-11-04T13:25:17.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7ec9acd102d2772a04eeacfa2762327f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073e-89ac-470b-aaa8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:18.000Z",
|
|
"modified": "2015-11-04T13:25:18.000Z",
|
|
"pattern": "[file:hashes.MD5 = '35f0e23a826823228f91dd43df47b18c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073e-204c-46af-9dc5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:18.000Z",
|
|
"modified": "2015-11-04T13:25:18.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c9afabcff6aa41b7408d7457efaa60bf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073e-a8bc-4aef-ac2f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:18.000Z",
|
|
"modified": "2015-11-04T13:25:18.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8bb67a256ea311488b76fe60462fe828']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073f-feb0-4785-9d27-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:19.000Z",
|
|
"modified": "2015-11-04T13:25:19.000Z",
|
|
"pattern": "[file:hashes.MD5 = '6a4b9317da47388656076d63be2c058f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a073f-e6a4-429b-8da8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:19.000Z",
|
|
"modified": "2015-11-04T13:25:19.000Z",
|
|
"pattern": "[file:hashes.MD5 = '83b8decd5c634c49e60b03050ae44f7f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0740-19e0-45d2-b7ce-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:20.000Z",
|
|
"modified": "2015-11-04T13:25:20.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2a6375992b8ae29c286bbd461b4167ab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0740-5634-457e-9576-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:20.000Z",
|
|
"modified": "2015-11-04T13:25:20.000Z",
|
|
"pattern": "[file:hashes.MD5 = '6a8a180740a78aa038bd7f1d9a747d91']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0740-d19c-4512-8c7d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:20.000Z",
|
|
"modified": "2015-11-04T13:25:20.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0704e99f1a3ca1866984cdadfbad9113']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0741-6778-4584-8335-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:21.000Z",
|
|
"modified": "2015-11-04T13:25:21.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a6b5c893703b6032715dee2f54e1c7eb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0741-2e14-4e91-b3ff-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:21.000Z",
|
|
"modified": "2015-11-04T13:25:21.000Z",
|
|
"pattern": "[domain-name:value = 'moukenji.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0742-584c-4090-becb-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:22.000Z",
|
|
"modified": "2015-11-04T13:25:22.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4e8d1ace53068e8dcd3a3a43590f21d0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0742-af84-4cab-9627-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:22.000Z",
|
|
"modified": "2015-11-04T13:25:22.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2c89797d72e29c74ff1b190bb0dbd7d6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0742-4ba0-4585-a073-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:22.000Z",
|
|
"modified": "2015-11-04T13:25:22.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2b4ad2fa1736bc78e64676791ea15b65']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0743-7ca4-4c7e-beb0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:23.000Z",
|
|
"modified": "2015-11-04T13:25:23.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0343460dbc8e73322cf4d394262863ef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0743-86c0-4a79-b1d1-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:23.000Z",
|
|
"modified": "2015-11-04T13:25:23.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c3a58be819d75943b45887e42f87e17b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0744-dd2c-4741-a15b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:24.000Z",
|
|
"modified": "2015-11-04T13:25:24.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ad88e4228fd920f43a4750fd519b6e92']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0744-0970-46b3-8feb-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:24.000Z",
|
|
"modified": "2015-11-04T13:25:24.000Z",
|
|
"pattern": "[file:hashes.MD5 = '08e13e8aebe45902b92a071a2e276369']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0744-7a5c-4c47-88f1-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:24.000Z",
|
|
"modified": "2015-11-04T13:25:24.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd06e01e113d8fa28ef7effddb8daa22b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0745-c2d8-40ae-89f8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:25.000Z",
|
|
"modified": "2015-11-04T13:25:25.000Z",
|
|
"pattern": "[file:hashes.MD5 = '704ed4dd601489f7f2b5c9fe36a52ebf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0745-920c-4a68-b203-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:25.000Z",
|
|
"modified": "2015-11-04T13:25:25.000Z",
|
|
"pattern": "[file:hashes.MD5 = '12652684335ca77bec38dca9290006f7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0745-8cf0-4517-92fa-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:25.000Z",
|
|
"modified": "2015-11-04T13:25:25.000Z",
|
|
"pattern": "[domain-name:value = 'felixres015js.zapto.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0746-27ec-4611-af79-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:26.000Z",
|
|
"modified": "2015-11-04T13:25:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'bfd0592a8255ec62e04f6b646b0e1698']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0746-2a68-4a1f-92cb-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:26.000Z",
|
|
"modified": "2015-11-04T13:25:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'bc8a26a5070e9a84ff2601b4d21660fb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0747-3edc-443b-892c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:27.000Z",
|
|
"modified": "2015-11-04T13:25:27.000Z",
|
|
"pattern": "[file:hashes.MD5 = '82ce9671e3f6e5eba855443e78959270']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0747-4cc0-4b9a-afa4-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:27.000Z",
|
|
"modified": "2015-11-04T13:25:27.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd41350eb98e8b8d8dc397c4344ce4afa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0748-b73c-46da-98a6-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:28.000Z",
|
|
"modified": "2015-11-04T13:25:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b49353917ec84b725f4ac86f5fab8e0a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0748-0dc8-4eb0-bf29-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:28.000Z",
|
|
"modified": "2015-11-04T13:25:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = '1f53c17a9d9c3a4d9d0e5e956aa03da6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0748-a8f0-47d4-83f4-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:28.000Z",
|
|
"modified": "2015-11-04T13:25:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b0975630a32486ef46bb1c3bc244285d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0749-0f90-4d40-bc93-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:29.000Z",
|
|
"modified": "2015-11-04T13:25:29.000Z",
|
|
"pattern": "[file:hashes.MD5 = '89168dd5feef327bce755dc5226ab835']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0749-5108-4366-9719-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:29.000Z",
|
|
"modified": "2015-11-04T13:25:29.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4b835e7bb50ad95b51cba409518a31fb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074a-e0f0-4d89-8833-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:30.000Z",
|
|
"modified": "2015-11-04T13:25:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c5adf11728b500d985accd8d1b40a298']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074a-a37c-4dc9-b9ef-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:30.000Z",
|
|
"modified": "2015-11-04T13:25:30.000Z",
|
|
"pattern": "[domain-name:value = 'budapest89.hopto.me']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074a-7010-4067-b8a2-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:30.000Z",
|
|
"modified": "2015-11-04T13:25:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'caffdaebb2ccfbda022d619145a47f68']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074b-85e4-4e8a-aed5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:31.000Z",
|
|
"modified": "2015-11-04T13:25:31.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c935e2de7027e99487afc52148e30e18']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074b-de6c-46aa-bb8a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:31.000Z",
|
|
"modified": "2015-11-04T13:25:31.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f0d4fd3be8d5c167a6e63cd6960b08e4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074c-2bc4-48fa-91dc-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:32.000Z",
|
|
"modified": "2015-11-04T13:25:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7a1763dc91f701beb4446208ff1603cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074c-71c4-48a2-bc10-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:32.000Z",
|
|
"modified": "2015-11-04T13:25:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = '60faba1e39a397b68343355632bdd2c5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074c-f91c-43b0-9a3e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:32.000Z",
|
|
"modified": "2015-11-04T13:25:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ac7edc1ed507635b6be79f64967f36f0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074d-ee90-4fa3-98ec-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:33.000Z",
|
|
"modified": "2015-11-04T13:25:33.000Z",
|
|
"pattern": "[file:hashes.MD5 = '6fac7525cff3fc5d3dab00b756f9bc6b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074d-e560-4b20-8e20-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:33.000Z",
|
|
"modified": "2015-11-04T13:25:33.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e27f491893a6ae4a775d2f0894db9bda']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074e-af9c-4be3-bbfa-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:34.000Z",
|
|
"modified": "2015-11-04T13:25:34.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f200a6a77822148d9e006bcbe8d55ccf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074e-f7b4-48c3-b50b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:34.000Z",
|
|
"modified": "2015-11-04T13:25:34.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'fb0925a19169e38dc4f7927b5797ff46']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074e-0a48-4dc2-a1be-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:34.000Z",
|
|
"modified": "2015-11-04T13:25:34.000Z",
|
|
"pattern": "[domain-name:value = 'toolsoffice.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074f-bad0-4925-b2bb-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:35.000Z",
|
|
"modified": "2015-11-04T13:25:35.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4cb7ce0e2d9ffd19ba431441f1f63c00']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a074f-6d84-4bdb-bc53-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:35.000Z",
|
|
"modified": "2015-11-04T13:25:35.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ef931b306cbda2e6ef8e6abaf8ebdff4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0750-a524-4e53-9e83-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:36.000Z",
|
|
"modified": "2015-11-04T13:25:36.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd72c52a8653c6013ab923d364f5aa6a8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0750-edf4-40c6-b0fc-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:36.000Z",
|
|
"modified": "2015-11-04T13:25:36.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2ee5c7e17fca4e95881af84c5dee7b6f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0750-d138-467e-b4e4-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:36.000Z",
|
|
"modified": "2015-11-04T13:25:36.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c9931f6dcec29a7aad5abf395381957c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0751-f624-4903-9845-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:37.000Z",
|
|
"modified": "2015-11-04T13:25:37.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c85462e5f6656c91eff133f53d0c64df']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0751-f318-496f-8f35-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:37.000Z",
|
|
"modified": "2015-11-04T13:25:37.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f8b3989d68a5ca8e66cd1e29c4d6613e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0751-6a98-40e3-b030-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:37.000Z",
|
|
"modified": "2015-11-04T13:25:37.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8090ed11be5a4c6be90d2c36265528be']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0752-b39c-4a53-8359-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:38.000Z",
|
|
"modified": "2015-11-04T13:25:38.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a59a2a47ed23e8c97c4d1d85ee8756f7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0752-7444-43b1-9864-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:38.000Z",
|
|
"modified": "2015-11-04T13:25:38.000Z",
|
|
"pattern": "[file:hashes.MD5 = '85c8efc9af9f8ea11844a578a1bedf16']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0753-a3a4-459a-af69-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:39.000Z",
|
|
"modified": "2015-11-04T13:25:39.000Z",
|
|
"pattern": "[domain-name:value = 'alien12socket.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0753-1a40-4270-92e8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:39.000Z",
|
|
"modified": "2015-11-04T13:25:39.000Z",
|
|
"pattern": "[file:hashes.MD5 = '354175be20ae6a5a8e3212485813897e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0754-0f34-44b3-89d9-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:39.000Z",
|
|
"modified": "2015-11-04T13:25:39.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5fe8431707940ee736801515274a8a18']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0754-9e58-48b2-b4dc-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:40.000Z",
|
|
"modified": "2015-11-04T13:25:40.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7e0f09aa3b47c760ec2ae586b97f283a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0754-2b5c-4d61-a4dc-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:40.000Z",
|
|
"modified": "2015-11-04T13:25:40.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5f53d8920e8369b3f2911671ec35fe52']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0755-c504-4dfd-b5e2-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:41.000Z",
|
|
"modified": "2015-11-04T13:25:41.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c05e7c64f624e9219bb3f434629244a3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0755-fe84-4e2c-85c8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:41.000Z",
|
|
"modified": "2015-11-04T13:25:41.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ea31aeb11480d1cec32d12a316cdf790']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0755-d03c-481f-8ed0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:41.000Z",
|
|
"modified": "2015-11-04T13:25:41.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8154f9a68f76a754abbc2786dcdb0540']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0756-cce0-4de2-a973-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:42.000Z",
|
|
"modified": "2015-11-04T13:25:42.000Z",
|
|
"pattern": "[file:hashes.MD5 = '900b33c060ff0d10dff1cf9b756aa792']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0756-5834-461e-b10e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:42.000Z",
|
|
"modified": "2015-11-04T13:25:42.000Z",
|
|
"pattern": "[file:hashes.MD5 = '752ca561596ba94cf47a5f5c72461b7a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0757-6738-4eb5-bd11-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:43.000Z",
|
|
"modified": "2015-11-04T13:25:43.000Z",
|
|
"pattern": "[file:hashes.MD5 = '844b01e0e2383b76fafba9701788e046']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0757-df9c-4427-8048-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:43.000Z",
|
|
"modified": "2015-11-04T13:25:43.000Z",
|
|
"pattern": "[domain-name:value = 'evanovik.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0757-f720-4a42-b7da-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:43.000Z",
|
|
"modified": "2015-11-04T13:25:43.000Z",
|
|
"pattern": "[domain-name:value = 'saleshore201.serveblog.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0758-4acc-44c2-adc0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:44.000Z",
|
|
"modified": "2015-11-04T13:25:44.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2bb672c8af7f08b88b41e9750a9445d6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0758-4a6c-4fdf-b0ec-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:44.000Z",
|
|
"modified": "2015-11-04T13:25:44.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a8c1b306baeb315b815c8a4381924bdd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0759-1818-4f4c-98c7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:45.000Z",
|
|
"modified": "2015-11-04T13:25:45.000Z",
|
|
"pattern": "[file:hashes.MD5 = '35670b2361a463d9b786a2167770d3f4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0759-c4f8-400a-8e57-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:45.000Z",
|
|
"modified": "2015-11-04T13:25:45.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ae80b23eb36dcc1afeadcb64f9fecbf5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0759-7174-4583-8f36-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:45.000Z",
|
|
"modified": "2015-11-04T13:25:45.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'be9ebc1aa67eedca99a1d1e5659f741c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075a-dc98-4037-b2cf-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:46.000Z",
|
|
"modified": "2015-11-04T13:25:46.000Z",
|
|
"pattern": "[file:hashes.MD5 = '00fae81986029de180f47c8d0de85c9e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075a-820c-4d9c-9c75-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:46.000Z",
|
|
"modified": "2015-11-04T13:25:46.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ee45cf72bb155eecbe217f58359919d8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075b-461c-4121-abf7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:47.000Z",
|
|
"modified": "2015-11-04T13:25:47.000Z",
|
|
"pattern": "[file:hashes.MD5 = '140eadc7a0c443bf8a070a6c35509acb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075b-221c-463e-aabc-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:47.000Z",
|
|
"modified": "2015-11-04T13:25:47.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a2a9d9fb7103fce514988c20c8550ad7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075b-79cc-43f4-8796-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:47.000Z",
|
|
"modified": "2015-11-04T13:25:47.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'eeac1aea13810d22c7d8a0e61fb07f58']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075c-a270-4161-9e78-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:48.000Z",
|
|
"modified": "2015-11-04T13:25:48.000Z",
|
|
"pattern": "[domain-name:value = 'princelarry.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075c-a918-44bb-9a12-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:48.000Z",
|
|
"modified": "2015-11-04T13:25:48.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd80c61156bc6e535f90857024a66b207']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075d-5690-4147-b001-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:49.000Z",
|
|
"modified": "2015-11-04T13:25:49.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'af464987877450d2a62dfcd746592948']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075d-2a14-4565-b3c9-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:49.000Z",
|
|
"modified": "2015-11-04T13:25:49.000Z",
|
|
"pattern": "[file:hashes.MD5 = '58c1d5702dd14ed114b32088ed0305e2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075d-9960-4575-8768-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:49.000Z",
|
|
"modified": "2015-11-04T13:25:49.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8c3e1c43022d5ea35f32b8cdb8225073']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075e-ba94-4600-a05f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:50.000Z",
|
|
"modified": "2015-11-04T13:25:50.000Z",
|
|
"pattern": "[file:hashes.MD5 = '06a077550476f68d939234b6405a90eb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075e-f370-4601-bfd0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:50.000Z",
|
|
"modified": "2015-11-04T13:25:50.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'afc43c0338de91126344c6c27518b01a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075f-2958-4513-92c4-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:51.000Z",
|
|
"modified": "2015-11-04T13:25:51.000Z",
|
|
"pattern": "[file:hashes.MD5 = '38c0328740ad6f20fec29a195fc8f5c1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075f-415c-4d5e-b02c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:51.000Z",
|
|
"modified": "2015-11-04T13:25:51.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4885da6fdf0d0665925b233af7fab33c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a075f-3ce4-4bc7-9b23-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:51.000Z",
|
|
"modified": "2015-11-04T13:25:51.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c8ec24cbd2dd6cfbe81b6809f30b5e4a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0760-bd00-4af1-9897-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:52.000Z",
|
|
"modified": "2015-11-04T13:25:52.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'cbe03d0d209ed0017f8414230b1a87d9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0760-0f78-4604-a808-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:52.000Z",
|
|
"modified": "2015-11-04T13:25:52.000Z",
|
|
"pattern": "[domain-name:value = 'nemere.no-ip.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0761-9844-4114-9c81-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:53.000Z",
|
|
"modified": "2015-11-04T13:25:53.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0f283a8bc9bbde16820b68d9d46bab14']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0761-0ae8-4257-a1e3-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:53.000Z",
|
|
"modified": "2015-11-04T13:25:53.000Z",
|
|
"pattern": "[file:hashes.MD5 = '922735d508ca7cfbe77fd5c0ca4dc409']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0761-9f20-47b4-98a3-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:53.000Z",
|
|
"modified": "2015-11-04T13:25:53.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3b6ae9ba737630d71c32c21a8f84b461']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0762-da20-485a-adcf-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:54.000Z",
|
|
"modified": "2015-11-04T13:25:54.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f81942dc0d255be71a6578b6b24978d1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0762-6940-4369-96af-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:54.000Z",
|
|
"modified": "2015-11-04T13:25:54.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e35535cb826824c1487203fc5601e54f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0762-5e84-4cd0-b02e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:54.000Z",
|
|
"modified": "2015-11-04T13:25:54.000Z",
|
|
"pattern": "[file:hashes.MD5 = '74cc60b17dff3dc22722e8bed28f9edf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0763-3a8c-46e1-a0b8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:55.000Z",
|
|
"modified": "2015-11-04T13:25:55.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'eb107686113a9fef8856b64935e67512']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0763-551c-486f-b1fc-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:55.000Z",
|
|
"modified": "2015-11-04T13:25:55.000Z",
|
|
"pattern": "[file:hashes.MD5 = '077faedb359e66187539dba3b45f109b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0764-8070-427d-8d2f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:56.000Z",
|
|
"modified": "2015-11-04T13:25:56.000Z",
|
|
"pattern": "[file:hashes.MD5 = '26384fd1a54f44c32e1d2399662084ee']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0764-a23c-47e1-a3b7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:56.000Z",
|
|
"modified": "2015-11-04T13:25:56.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9a9ab5d543ac44e4c08ec6d39e325001']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0764-0e58-47e5-afae-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:56.000Z",
|
|
"modified": "2015-11-04T13:25:56.000Z",
|
|
"pattern": "[domain-name:value = 'alicejav777.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0765-228c-47ff-9cd9-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:57.000Z",
|
|
"modified": "2015-11-04T13:25:57.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b64520a4d10e235ae70157647bbf024a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0765-67d4-49ff-bc92-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:57.000Z",
|
|
"modified": "2015-11-04T13:25:57.000Z",
|
|
"pattern": "[file:hashes.MD5 = '13595dd817727883c0d516db3f4e4c08']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0766-4718-4953-8f2d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:58.000Z",
|
|
"modified": "2015-11-04T13:25:58.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'fd8d9711547faa26e60de9d6e4290d9c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0766-f868-4169-bd2c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:58.000Z",
|
|
"modified": "2015-11-04T13:25:58.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5a76e8bab2debe52761d72f576f25022']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0766-6898-44b3-ba0b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:58.000Z",
|
|
"modified": "2015-11-04T13:25:58.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b22102d7917a83bc1a4ed7be403e28b0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0767-e978-479b-9e87-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:59.000Z",
|
|
"modified": "2015-11-04T13:25:59.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b75af3a2eeeaf2a72160a1ec8da7ba45']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0767-ba34-43d6-8dda-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:25:59.000Z",
|
|
"modified": "2015-11-04T13:25:59.000Z",
|
|
"pattern": "[file:hashes.MD5 = '13dbe7eba6c443594711bf3a13dae401']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:25:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0768-d4f8-44c4-beae-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:00.000Z",
|
|
"modified": "2015-11-04T13:26:00.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0682c69533d87d5295687f568db86c9f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0768-96a8-458a-b537-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:00.000Z",
|
|
"modified": "2015-11-04T13:26:00.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd0faade2ae78c6057d1ffe3c1900c242']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0768-50f4-4959-8d66-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:00.000Z",
|
|
"modified": "2015-11-04T13:26:00.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9e262c2e180ac4bb12ce3ecc0c0e37e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0769-b338-446e-b837-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:01.000Z",
|
|
"modified": "2015-11-04T13:26:01.000Z",
|
|
"pattern": "[domain-name:value = 'lawkimsun.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0769-f29c-49c2-bde2-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:01.000Z",
|
|
"modified": "2015-11-04T13:26:01.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a9fb5a02c9fad9baf4afcec177ed5b93']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076a-75b8-423c-91d8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:02.000Z",
|
|
"modified": "2015-11-04T13:26:02.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a996aa61c94026932c6bcc13a2c2bb1a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076a-9910-4652-a2e8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:02.000Z",
|
|
"modified": "2015-11-04T13:26:02.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5c2feddcdb4a1cdaa90b46aaffedeb1d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076a-bf6c-41bd-89bb-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:02.000Z",
|
|
"modified": "2015-11-04T13:26:02.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2a98997a022b069ad576cfdbbf9b8465']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076b-0a00-4644-ac28-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:03.000Z",
|
|
"modified": "2015-11-04T13:26:03.000Z",
|
|
"pattern": "[file:hashes.MD5 = '37740728d4efa25ac9dff7f3df13fe8c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076b-dd28-4121-abb8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:03.000Z",
|
|
"modified": "2015-11-04T13:26:03.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b2f891b14d0ce105fb6d7cc1fc2549ed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076c-3d40-49d7-94a7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:04.000Z",
|
|
"modified": "2015-11-04T13:26:04.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2a1509b141e574b710c60c635133576f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076c-543c-495a-9e12-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:04.000Z",
|
|
"modified": "2015-11-04T13:26:04.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd8183b4bb1129ed8b79528e7e3d6a715']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076c-8758-48ef-a53d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:04.000Z",
|
|
"modified": "2015-11-04T13:26:04.000Z",
|
|
"pattern": "[file:hashes.MD5 = '81340026941739a74eb8a49bb1159449']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076d-28e4-4e09-8b4e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:05.000Z",
|
|
"modified": "2015-11-04T13:26:05.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e8576996331f260d554707b86c61a8c2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076d-8810-459a-aee4-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:05.000Z",
|
|
"modified": "2015-11-04T13:26:05.000Z",
|
|
"pattern": "[domain-name:value = 'arseisa.no-ip.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076e-36e0-4641-8a9a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:06.000Z",
|
|
"modified": "2015-11-04T13:26:06.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'bb6ab62a3a0cfed8580a6e89c806738b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076e-1290-49be-8bd4-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:06.000Z",
|
|
"modified": "2015-11-04T13:26:06.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f6869b30f236703d30c6887f38b3a455']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076e-93d8-4f71-a734-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:06.000Z",
|
|
"modified": "2015-11-04T13:26:06.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e5acd6ee0df1cad77e7fc60b40289f80']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076f-a0c4-4c89-add9-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:07.000Z",
|
|
"modified": "2015-11-04T13:26:07.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'cf7959ed1b09d647ee85d13596cf6cd2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076f-7d94-4ba8-a6b5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:07.000Z",
|
|
"modified": "2015-11-04T13:26:07.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7485fcc37a7dc0b54479432fa9ae6ebc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a076f-7418-42c4-a6d6-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:07.000Z",
|
|
"modified": "2015-11-04T13:26:07.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e482685a6c332c20ba9a52ff1a172d7d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0770-aa30-4d3e-9f71-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:08.000Z",
|
|
"modified": "2015-11-04T13:26:08.000Z",
|
|
"pattern": "[file:hashes.MD5 = '517d1b33c7e00da706dc6bb1b0b9ed34']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0770-6c30-45e5-9fd5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:08.000Z",
|
|
"modified": "2015-11-04T13:26:08.000Z",
|
|
"pattern": "[file:hashes.MD5 = '80c6d528958e847c33fce926a27f1f38']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0771-41cc-498f-908f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:09.000Z",
|
|
"modified": "2015-11-04T13:26:09.000Z",
|
|
"pattern": "[file:hashes.MD5 = '1ebf6415bb960b745305d1915841a521']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0771-fb30-4df5-bde6-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:09.000Z",
|
|
"modified": "2015-11-04T13:26:09.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0314f4615e0814f776b2354e5c9064c5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0771-3a68-480a-ac19-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:09.000Z",
|
|
"modified": "2015-11-04T13:26:09.000Z",
|
|
"pattern": "[domain-name:value = 'blessingonblessings.hopto.me']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0772-d954-41b1-881c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:10.000Z",
|
|
"modified": "2015-11-04T13:26:10.000Z",
|
|
"pattern": "[file:hashes.MD5 = '87dd112052cf505463085613b4b59e3b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0772-c730-45ac-8488-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:10.000Z",
|
|
"modified": "2015-11-04T13:26:10.000Z",
|
|
"pattern": "[file:hashes.MD5 = '887af1e37c8e437fd95cb17880926045']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0773-c57c-447c-9aa2-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:11.000Z",
|
|
"modified": "2015-11-04T13:26:11.000Z",
|
|
"pattern": "[file:hashes.MD5 = '1367924eb6c13ae349a14e7783ca7b14']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0773-11b4-4ee5-a031-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:11.000Z",
|
|
"modified": "2015-11-04T13:26:11.000Z",
|
|
"pattern": "[file:hashes.MD5 = '59da7a189e7dfb2d507b866e3324129d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0773-8760-4af3-9211-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:11.000Z",
|
|
"modified": "2015-11-04T13:26:11.000Z",
|
|
"pattern": "[file:hashes.MD5 = '066affaebb03d3bfc432831cb41174c4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0774-9510-4a36-87b9-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:12.000Z",
|
|
"modified": "2015-11-04T13:26:12.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3e4c0b98671be918652f8006c351a705']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0774-cdd4-4cfc-8f03-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:12.000Z",
|
|
"modified": "2015-11-04T13:26:12.000Z",
|
|
"pattern": "[file:hashes.MD5 = '335c7bec29c93fe18a2606634f4e0e8b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0775-6f5c-4927-89ec-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:13.000Z",
|
|
"modified": "2015-11-04T13:26:13.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd869ff8e37a0653b1698f06c33c5eb77']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0775-2d10-4c9e-a2c6-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:13.000Z",
|
|
"modified": "2015-11-04T13:26:13.000Z",
|
|
"pattern": "[file:hashes.MD5 = '829ec2e0dd7eaf21e8e078c95f598835']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0775-f090-43b6-b3db-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:13.000Z",
|
|
"modified": "2015-11-04T13:26:13.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'cfa88693d0d7c17f872dd36f21c01127']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0776-90d4-47d5-afd0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:14.000Z",
|
|
"modified": "2015-11-04T13:26:14.000Z",
|
|
"pattern": "[domain-name:value = 'nikresut015js.zapto.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0776-7744-4952-8029-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:14.000Z",
|
|
"modified": "2015-11-04T13:26:14.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5945e2a97c18c9153141b40e48521927']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0777-8c70-4a01-ba86-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:15.000Z",
|
|
"modified": "2015-11-04T13:26:15.000Z",
|
|
"pattern": "[file:hashes.MD5 = '79470667af56594beaf46f3cf6149abc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0777-9884-4626-b96c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:15.000Z",
|
|
"modified": "2015-11-04T13:26:15.000Z",
|
|
"pattern": "[file:hashes.MD5 = '116bb79e4e56c72eccde133fbd81b00f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0777-12c0-41bf-8fe4-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:15.000Z",
|
|
"modified": "2015-11-04T13:26:15.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'bfa1faf15d13b36c716d51ad90abd3d8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0778-6b48-4af7-b5ce-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:16.000Z",
|
|
"modified": "2015-11-04T13:26:16.000Z",
|
|
"pattern": "[file:hashes.MD5 = '549ae1b2d7edb77af7f57c0b3a66b3c5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0778-ff28-4063-8d62-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:16.000Z",
|
|
"modified": "2015-11-04T13:26:16.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e0ff4de69f9e724a22f5628723d68f9e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0779-e490-4629-8b07-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:17.000Z",
|
|
"modified": "2015-11-04T13:26:17.000Z",
|
|
"pattern": "[file:hashes.MD5 = '150719079629d8d479fdd141a6862da3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0779-4abc-4b43-8096-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:17.000Z",
|
|
"modified": "2015-11-04T13:26:17.000Z",
|
|
"pattern": "[file:hashes.MD5 = '77b9050f81bf177f9f442d0f0f2ba6a1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0779-7860-4c9f-825b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:17.000Z",
|
|
"modified": "2015-11-04T13:26:17.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3960b0027e8669ec7239ffc261c1a51d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077a-3238-4996-a6c0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:18.000Z",
|
|
"modified": "2015-11-04T13:26:18.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e25c466d58ef2fdab393b61416dcea69']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077a-1aa8-4293-bca1-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:18.000Z",
|
|
"modified": "2015-11-04T13:26:18.000Z",
|
|
"pattern": "[domain-name:value = 'dotpago.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077a-2a30-447f-8ca3-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:18.000Z",
|
|
"modified": "2015-11-04T13:26:18.000Z",
|
|
"pattern": "[file:hashes.MD5 = '6e7533205ef18a55ad4ef384c152e181']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077b-86a8-4d40-ab07-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:19.000Z",
|
|
"modified": "2015-11-04T13:26:19.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'cc61048a27d543f342de7700f3b5d649']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077b-80bc-40a3-9ca6-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:19.000Z",
|
|
"modified": "2015-11-04T13:26:19.000Z",
|
|
"pattern": "[file:hashes.MD5 = '61bd6255734c79a478edb3933e757d07']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077c-6b1c-4cb7-a378-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:20.000Z",
|
|
"modified": "2015-11-04T13:26:20.000Z",
|
|
"pattern": "[file:hashes.MD5 = '640e49904d84c198e42d6b4158cd6365']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077c-90d4-4bcd-ab5a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:20.000Z",
|
|
"modified": "2015-11-04T13:26:20.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c7aeab8f97128b1f8c653c94d0a099e0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077c-1a8c-4337-b78e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:20.000Z",
|
|
"modified": "2015-11-04T13:26:20.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9967bf8a17bf0bca5381261afa3a2593']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077d-38d8-4637-a693-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:21.000Z",
|
|
"modified": "2015-11-04T13:26:21.000Z",
|
|
"pattern": "[file:hashes.MD5 = '410a1e1e02586b7af95ccf43b5bb61f9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077d-53c4-44f3-abc8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:21.000Z",
|
|
"modified": "2015-11-04T13:26:21.000Z",
|
|
"pattern": "[file:hashes.MD5 = '285ab8fd58ec97da658a0fed06836c5d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077e-0cc0-4d20-b8d0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:22.000Z",
|
|
"modified": "2015-11-04T13:26:22.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a9a587d3f8ef1c0f04bb84e880d931d9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077e-2420-4c01-b592-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:22.000Z",
|
|
"modified": "2015-11-04T13:26:22.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'addb452b32b52f633a08c37b6f839079']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077e-2fb4-43cb-8651-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:22.000Z",
|
|
"modified": "2015-11-04T13:26:22.000Z",
|
|
"pattern": "[domain-name:value = 'williasom.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077f-cab8-4c49-805d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:23.000Z",
|
|
"modified": "2015-11-04T13:26:23.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2cb59b32bb4a6919b72492f8db1c97cf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a077f-8c54-409f-8880-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:23.000Z",
|
|
"modified": "2015-11-04T13:26:23.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'fb38f8383214bfc545915e089ef6d18f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0780-fa94-48d2-ac8c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:24.000Z",
|
|
"modified": "2015-11-04T13:26:24.000Z",
|
|
"pattern": "[file:hashes.MD5 = '6579e9d43b9864cf13e7202808874e8e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0780-c8f4-4d11-b78a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:24.000Z",
|
|
"modified": "2015-11-04T13:26:24.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4a2c981104cd77279b897fc0feb7485f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0780-bb3c-432e-8147-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:24.000Z",
|
|
"modified": "2015-11-04T13:26:24.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e949cff852839886d8f75990e1da5b83']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0781-67b8-4b3f-bcea-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:25.000Z",
|
|
"modified": "2015-11-04T13:26:25.000Z",
|
|
"pattern": "[file:hashes.MD5 = '1fad86143616549aa0a13571ea2d9985']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0781-ea20-41e7-ba4c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:25.000Z",
|
|
"modified": "2015-11-04T13:26:25.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a804557ecc6d26d6c51ccfeb4111d855']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0782-4494-4797-94a1-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:26.000Z",
|
|
"modified": "2015-11-04T13:26:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3c54ed7ac559604a78c25e7100480604']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0782-c1a8-4413-b2bd-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:26.000Z",
|
|
"modified": "2015-11-04T13:26:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0c5284ad9af01923818e42b02dc7ee90']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0782-a8f8-467f-9776-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:26.000Z",
|
|
"modified": "2015-11-04T13:26:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'dd0f0f38dffbf0da3f328e8f94c48a0f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0783-b408-44ff-a5e5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:27.000Z",
|
|
"modified": "2015-11-04T13:26:27.000Z",
|
|
"pattern": "[domain-name:value = 'jshkoi.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0783-7dec-4e2b-be59-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:27.000Z",
|
|
"modified": "2015-11-04T13:26:27.000Z",
|
|
"pattern": "[domain-name:value = 'floffman11.no-ip.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0784-9544-4347-978e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:28.000Z",
|
|
"modified": "2015-11-04T13:26:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = '570133001cd6417d895c7d500e301f36']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0784-cfe4-4b40-8c57-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:28.000Z",
|
|
"modified": "2015-11-04T13:26:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'bfb0b03538cc0166f4faf3062f6b4d28']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0784-c2e4-457c-9bcf-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:28.000Z",
|
|
"modified": "2015-11-04T13:26:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a9cf60dca213d6e8a9ce0ef0f230b3f3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0785-8aa0-41e9-b632-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:29.000Z",
|
|
"modified": "2015-11-04T13:26:29.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd479bc551a8ee2b0152e9c9aef884321']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0785-d4fc-4279-aaf1-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:29.000Z",
|
|
"modified": "2015-11-04T13:26:29.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e4ff3d6825da0524ebbf511667029a59']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0786-3d80-4800-8b02-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:30.000Z",
|
|
"modified": "2015-11-04T13:26:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd89e31c4a7e52a70f729d557590a215e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0786-898c-4253-a8b6-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:30.000Z",
|
|
"modified": "2015-11-04T13:26:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9be850be8e8f78cf2e116ed375571dc1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0786-3694-4f07-a198-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:30.000Z",
|
|
"modified": "2015-11-04T13:26:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c327ad3ca111c388a928eec0d702f7c2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0787-0c58-4748-8b41-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:31.000Z",
|
|
"modified": "2015-11-04T13:26:31.000Z",
|
|
"pattern": "[file:hashes.MD5 = '34eb88dbe14ff2b7fbf4befc4dfc86ea']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0787-7370-45de-8248-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:31.000Z",
|
|
"modified": "2015-11-04T13:26:31.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b9f450b4ddb1faef1a0e4cead3135dcc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0788-b658-4f6e-8287-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:32.000Z",
|
|
"modified": "2015-11-04T13:26:32.000Z",
|
|
"pattern": "[domain-name:value = 'egbowantedjs.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0788-b750-46f2-8ef4-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:32.000Z",
|
|
"modified": "2015-11-04T13:26:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'db2df94485e7b453ad5d9fdfc9d0ff3b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0788-0a18-48a2-8d9d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:32.000Z",
|
|
"modified": "2015-11-04T13:26:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e74b9b79e096861ce27da966a37c4862']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0789-21c8-4284-8be5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:33.000Z",
|
|
"modified": "2015-11-04T13:26:33.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0aaaf25ad8f4a25c42c60698d27928d2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0789-16f0-4f4a-8fa5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:33.000Z",
|
|
"modified": "2015-11-04T13:26:33.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e2a3081a0f48ee51e84f0bc51013f947']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078a-1864-4d16-8e88-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:34.000Z",
|
|
"modified": "2015-11-04T13:26:34.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7ac493d7532d1c1f8bf6c78c7a338d48']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078a-53a0-41df-9624-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:34.000Z",
|
|
"modified": "2015-11-04T13:26:34.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f555a9fb345cc302b45d7cc9e5140be7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078a-2430-4866-8065-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:34.000Z",
|
|
"modified": "2015-11-04T13:26:34.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0af568fc82498359ddf295f72945b9ee']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078b-e8f0-4b60-9875-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:35.000Z",
|
|
"modified": "2015-11-04T13:26:35.000Z",
|
|
"pattern": "[file:hashes.MD5 = '77fd95040a9d6d73c595d72d5b765673']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078b-9a50-4fcc-8453-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:35.000Z",
|
|
"modified": "2015-11-04T13:26:35.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a6fe9b7abb184b091076372b121a79ac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078c-6c38-4fd9-9eda-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:36.000Z",
|
|
"modified": "2015-11-04T13:26:36.000Z",
|
|
"pattern": "[file:hashes.MD5 = '34318dbf1370711a81d4a0b05baee532']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078c-0004-4a16-88fa-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:36.000Z",
|
|
"modified": "2015-11-04T13:26:36.000Z",
|
|
"pattern": "[domain-name:value = 'mrmoney.no-ip.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078d-dae8-4f6f-8231-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:37.000Z",
|
|
"modified": "2015-11-04T13:26:37.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7b862c0f2eacf215588d2543d686172e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078d-0f40-4f31-bd96-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:37.000Z",
|
|
"modified": "2015-11-04T13:26:37.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f8c3fd2b568510d20ff458596b8a1772']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078d-9a24-414b-af48-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:37.000Z",
|
|
"modified": "2015-11-04T13:26:37.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5af9933f2e2195e596bd18bca8710390']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078e-1c78-4173-9b5c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:38.000Z",
|
|
"modified": "2015-11-04T13:26:38.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2933cbaad75718136faadebbdbec4cf2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078e-1168-4ab0-8562-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:38.000Z",
|
|
"modified": "2015-11-04T13:26:38.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b0d1a876caa3147aecf0ebd282a7c028']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078f-fde0-4df3-a34e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:39.000Z",
|
|
"modified": "2015-11-04T13:26:39.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f337f4dfb3d37d4246f5fa403ac5a617']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078f-753c-431e-a882-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:39.000Z",
|
|
"modified": "2015-11-04T13:26:39.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'fd5cdd41ade62f96d87cbd46eaf02e58']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a078f-d0a4-44b8-bac3-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:39.000Z",
|
|
"modified": "2015-11-04T13:26:39.000Z",
|
|
"pattern": "[file:hashes.MD5 = '65dcc596eb7642c485e097f20934ca20']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0790-2fa4-4b80-8877-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:40.000Z",
|
|
"modified": "2015-11-04T13:26:40.000Z",
|
|
"pattern": "[file:hashes.MD5 = '68a9e766feb1e342ac14bd07301f99fe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0790-5b7c-483b-ac3d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:40.000Z",
|
|
"modified": "2015-11-04T13:26:40.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c7524a17b32bde68f2aa9fad37751e50']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0791-0510-4b6d-a209-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:41.000Z",
|
|
"modified": "2015-11-04T13:26:41.000Z",
|
|
"pattern": "[domain-name:value = 'olavroy4.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0791-2020-4a39-b0e5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:41.000Z",
|
|
"modified": "2015-11-04T13:26:41.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a449683b2bac104c4cff48a199d4f884']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0791-6568-42bd-b36e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:41.000Z",
|
|
"modified": "2015-11-04T13:26:41.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ae787b8f97ed9bb7a7eb1fff4e0f5e4f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0792-76e0-48f2-ac91-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:42.000Z",
|
|
"modified": "2015-11-04T13:26:42.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4de5878d18cf420f4a330a43ca6ba0be']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0792-7764-48bb-9805-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:42.000Z",
|
|
"modified": "2015-11-04T13:26:42.000Z",
|
|
"pattern": "[file:hashes.MD5 = '68641076d375255f818985cfaad52b39']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0793-3fcc-441b-896f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:43.000Z",
|
|
"modified": "2015-11-04T13:26:43.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a756a58053b3348cc91569034362ddfa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0793-80c8-48ad-87b6-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:43.000Z",
|
|
"modified": "2015-11-04T13:26:43.000Z",
|
|
"pattern": "[file:hashes.MD5 = '90169688b969a9993c56ee516a330b67']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0793-1eb0-42d1-8ed0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:43.000Z",
|
|
"modified": "2015-11-04T13:26:43.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f8c6add81b8ce52691ae650aff51c36b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0794-d2f0-4379-9e38-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:44.000Z",
|
|
"modified": "2015-11-04T13:26:44.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a76dddc8669f5faae257edec9bdab1c7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0794-09f4-4841-933c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:44.000Z",
|
|
"modified": "2015-11-04T13:26:44.000Z",
|
|
"pattern": "[file:hashes.MD5 = '960fad6a2ceddd0abfb74302c7ae7420']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0795-566c-4cbd-a0d8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:45.000Z",
|
|
"modified": "2015-11-04T13:26:45.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ff5ab5d563e91accb2db859df7ca7807']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0795-be64-4445-a244-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:45.000Z",
|
|
"modified": "2015-11-04T13:26:45.000Z",
|
|
"pattern": "[domain-name:value = 'whichway.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0795-e9cc-4213-88c5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:45.000Z",
|
|
"modified": "2015-11-04T13:26:45.000Z",
|
|
"pattern": "[file:hashes.MD5 = '1a1f446fca92b54c42bdba4f835d51b0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0796-fa2c-4c7c-9dbd-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:46.000Z",
|
|
"modified": "2015-11-04T13:26:46.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e40caf22393125ca9df0ca3e258798bf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0796-dddc-48b3-8ccc-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:46.000Z",
|
|
"modified": "2015-11-04T13:26:46.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4e7cc7a7e79ee6914265774ed2243bf9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0797-5e34-4522-b002-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:47.000Z",
|
|
"modified": "2015-11-04T13:26:47.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0f2cde056639fc419d4e5b611961f235']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0797-85fc-4acf-a083-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:47.000Z",
|
|
"modified": "2015-11-04T13:26:47.000Z",
|
|
"pattern": "[file:hashes.MD5 = '864ce37676d85a15d6f84e30ea4bce33']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0797-e864-42b3-837c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:47.000Z",
|
|
"modified": "2015-11-04T13:26:47.000Z",
|
|
"pattern": "[file:hashes.MD5 = '651f54989a9ab1e84b784cb1d11db33c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0798-6fe8-4a01-80f2-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:48.000Z",
|
|
"modified": "2015-11-04T13:26:48.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'be5ed7bec23581c268acee395811e4b9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0798-5ea0-48dd-8f57-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:48.000Z",
|
|
"modified": "2015-11-04T13:26:48.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0cd5ebd100022c928e09145800d3a58a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0799-0f58-4126-951b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:49.000Z",
|
|
"modified": "2015-11-04T13:26:49.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e7b744d5a642cb1c9992fae127206aca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0799-67dc-43c1-a71d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:49.000Z",
|
|
"modified": "2015-11-04T13:26:49.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c67fe00db1af880bf19943df7d786c76']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0799-06e0-4f25-86e1-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:49.000Z",
|
|
"modified": "2015-11-04T13:26:49.000Z",
|
|
"pattern": "[domain-name:value = 'chriswork.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079a-7af8-4dab-9b07-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:50.000Z",
|
|
"modified": "2015-11-04T13:26:50.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9dc1896e931dddc19dd479cf70da0845']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079a-f558-4675-9b63-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:50.000Z",
|
|
"modified": "2015-11-04T13:26:50.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4073d5fd3e1c241d80c815f6fc2b82ec']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079a-f1f0-40db-9c2d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:50.000Z",
|
|
"modified": "2015-11-04T13:26:50.000Z",
|
|
"pattern": "[file:hashes.MD5 = '13f636821e64bc586cbbb99f694fed00']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079b-c57c-45e8-b172-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:51.000Z",
|
|
"modified": "2015-11-04T13:26:51.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f85c0620ccb8df3d9fb9de96bfe90248']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079b-8310-4cf0-8010-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:51.000Z",
|
|
"modified": "2015-11-04T13:26:51.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2b6f72d1d2bcc3bb5394d8aec51c2f8f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079c-1430-48ac-ac2b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:52.000Z",
|
|
"modified": "2015-11-04T13:26:52.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f2bed0b0bc0c6b9be3426d0f407c1ae6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079c-7ec8-4169-b8ba-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:52.000Z",
|
|
"modified": "2015-11-04T13:26:52.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2552791e18f8d59793359d1a97fedadf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079c-ac48-4365-acc4-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:52.000Z",
|
|
"modified": "2015-11-04T13:26:52.000Z",
|
|
"pattern": "[file:hashes.MD5 = '73591e1ed55700b564cf3b67112ea418']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079d-9938-4e81-afd7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:53.000Z",
|
|
"modified": "2015-11-04T13:26:53.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0f984f6ed249128b2ae7c57f4290bf44']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079d-386c-42db-a864-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:53.000Z",
|
|
"modified": "2015-11-04T13:26:53.000Z",
|
|
"pattern": "[file:hashes.MD5 = '18ecce0a5e6475f6477a078fd1dbefea']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079e-b1e0-4aa6-903f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:54.000Z",
|
|
"modified": "2015-11-04T13:26:54.000Z",
|
|
"pattern": "[domain-name:value = 'dave1033.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079e-cce0-491f-9e35-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:54.000Z",
|
|
"modified": "2015-11-04T13:26:54.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c9d21f107132cdcbb1f38ad354c8987e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079e-ffa4-4024-82f2-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:54.000Z",
|
|
"modified": "2015-11-04T13:26:54.000Z",
|
|
"pattern": "[file:hashes.MD5 = '6a35cf8737e3ee27f56cb7bd83d1c998']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079f-f430-4a96-884d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:55.000Z",
|
|
"modified": "2015-11-04T13:26:55.000Z",
|
|
"pattern": "[file:hashes.MD5 = '89c2717e0902c0c3a8639c5682314c36']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a079f-d664-48bb-aafb-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:55.000Z",
|
|
"modified": "2015-11-04T13:26:55.000Z",
|
|
"pattern": "[file:hashes.MD5 = '270a96c7dc60853604bb83e96e07ef78']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a0-b678-4a6e-b716-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:56.000Z",
|
|
"modified": "2015-11-04T13:26:56.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ce5e2aa634b79e070794ca2f987c7d37']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a0-9288-442d-8db9-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:56.000Z",
|
|
"modified": "2015-11-04T13:26:56.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4b8c3ee0c2d53e40171a029eecf5fa4b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a0-b9e0-4e6c-8d77-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:56.000Z",
|
|
"modified": "2015-11-04T13:26:56.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ca9b6e4e2dce9ec8b1e8d58d38ef063a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a1-9808-4143-bcce-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:57.000Z",
|
|
"modified": "2015-11-04T13:26:57.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'fec7f191a33df62e733ebfecc7fb26a9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a1-21c8-4207-a808-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:57.000Z",
|
|
"modified": "2015-11-04T13:26:57.000Z",
|
|
"pattern": "[file:hashes.MD5 = '62d102a1c8ee09d12ad9046316b428a8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a2-2a50-4cdf-838f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:58.000Z",
|
|
"modified": "2015-11-04T13:26:58.000Z",
|
|
"pattern": "[file:hashes.MD5 = '11d2f38c8dadef4702d0a8d91c0919a8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a2-57bc-45c2-a250-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:58.000Z",
|
|
"modified": "2015-11-04T13:26:58.000Z",
|
|
"pattern": "[domain-name:value = 'filezilla.no-ip.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a2-45ec-4e29-8ac0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:58.000Z",
|
|
"modified": "2015-11-04T13:26:58.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b001844775597a3487c9964222fe1f14']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a3-0030-4961-b6b7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:59.000Z",
|
|
"modified": "2015-11-04T13:26:59.000Z",
|
|
"pattern": "[file:hashes.MD5 = '85952c0e83bad7b71cb5793fbf2af35a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a3-f6c0-4c99-9a27-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:26:59.000Z",
|
|
"modified": "2015-11-04T13:26:59.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0c59a489430322152a9a3f87149b78e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:26:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a4-94c8-4bbf-9276-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:00.000Z",
|
|
"modified": "2015-11-04T13:27:00.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c795cf4f7b1a194b2dfed402850b6fe3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a4-7414-4630-af6e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:00.000Z",
|
|
"modified": "2015-11-04T13:27:00.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e3671165cd1d3dd6394cf431e432ca58']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a4-0cd4-4b68-aa28-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:00.000Z",
|
|
"modified": "2015-11-04T13:27:00.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9f5a4db5d6752b2e183d63e9a2ab5e77']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a5-65a8-4ff9-bb62-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:01.000Z",
|
|
"modified": "2015-11-04T13:27:01.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'fd384d5aba0869d7e8f9adf1a0c04913']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a5-e27c-468a-8874-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:01.000Z",
|
|
"modified": "2015-11-04T13:27:01.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'af610db8b8f2f4cb6159a2978e2f8682']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a6-1cc0-46b2-b9f0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:02.000Z",
|
|
"modified": "2015-11-04T13:27:02.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0d19c7a1ff7766d011d0749f0a760029']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a6-4ca8-4ecd-929d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:02.000Z",
|
|
"modified": "2015-11-04T13:27:02.000Z",
|
|
"pattern": "[file:hashes.MD5 = '737d2c13ebc18392b8cf6897f3c84482']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a6-2adc-4a9a-ba38-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:02.000Z",
|
|
"modified": "2015-11-04T13:27:02.000Z",
|
|
"pattern": "[domain-name:value = 'johnsonsammy.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a7-c418-4765-83b7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:03.000Z",
|
|
"modified": "2015-11-04T13:27:03.000Z",
|
|
"pattern": "[file:hashes.MD5 = '046737a5ba9fce124c3403db0c5efcb1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a7-49cc-4ec9-b836-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:03.000Z",
|
|
"modified": "2015-11-04T13:27:03.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3a5d60f2b8a1b6ebe763865ae493a42d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a8-c658-47aa-861c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:04.000Z",
|
|
"modified": "2015-11-04T13:27:04.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9201de2b446784b1cfe32e767e36a5f1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a8-d7a4-4ea7-bda1-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:04.000Z",
|
|
"modified": "2015-11-04T13:27:04.000Z",
|
|
"pattern": "[file:hashes.MD5 = '88253664fb130bf45637a946b82d8eb2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a8-85c4-4877-a028-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:04.000Z",
|
|
"modified": "2015-11-04T13:27:04.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ba76e0a0ce0ed84fea0601c1431853f5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a9-0904-4df1-b7ff-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:05.000Z",
|
|
"modified": "2015-11-04T13:27:05.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'dc02b80f0f9a54c19d61ff522ee22842']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a9-35a8-4685-848d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:05.000Z",
|
|
"modified": "2015-11-04T13:27:05.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd9df23dc092041a7bc571c37c987934e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07a9-b834-4a8e-8a53-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:05.000Z",
|
|
"modified": "2015-11-04T13:27:05.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9a785d616708afa0b8e59ee07cfa34e1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07aa-e240-4c20-b87d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:06.000Z",
|
|
"modified": "2015-11-04T13:27:06.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'bce98010ac78697d6eefb64994700773']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07aa-3c58-4e56-9a40-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:06.000Z",
|
|
"modified": "2015-11-04T13:27:06.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f0e25b006584b9d2fe6cc4b7a765b3a6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ab-e710-468a-ab66-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:07.000Z",
|
|
"modified": "2015-11-04T13:27:07.000Z",
|
|
"pattern": "[domain-name:value = 'abdav21.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ab-c768-44f9-a3b2-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:07.000Z",
|
|
"modified": "2015-11-04T13:27:07.000Z",
|
|
"pattern": "[file:hashes.MD5 = '1b00b7a8fc0001b69d163feea4f11916']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ab-4d1c-4b39-9b66-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:07.000Z",
|
|
"modified": "2015-11-04T13:27:07.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ea532cd5d1764aa058d18dbcbca29748']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ac-d460-4729-9e91-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:08.000Z",
|
|
"modified": "2015-11-04T13:27:08.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0ee6c0616e7042196c6d0aa5921479be']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ac-01cc-44c6-91e2-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:08.000Z",
|
|
"modified": "2015-11-04T13:27:08.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b1c142463b540f0fea437aec5a546b3a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ad-e93c-40a4-a6cf-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:09.000Z",
|
|
"modified": "2015-11-04T13:27:09.000Z",
|
|
"pattern": "[file:hashes.MD5 = '98abaeb4104910feae3e5dbc9a1dfef5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ad-d634-476c-9f17-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:09.000Z",
|
|
"modified": "2015-11-04T13:27:09.000Z",
|
|
"pattern": "[file:hashes.MD5 = '1377fd18f2165fc6773e3e89799e5a70']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ad-1cb4-4597-974c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:09.000Z",
|
|
"modified": "2015-11-04T13:27:09.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7ab1f374ebd9908a3f15c9dd66213190']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ae-acb4-4cd1-8378-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:10.000Z",
|
|
"modified": "2015-11-04T13:27:10.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8772a3e572787d30b19d2bd95aeb8de2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ae-d030-4740-a68d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:10.000Z",
|
|
"modified": "2015-11-04T13:27:10.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4b6cbd1c36c46dc7ee24ec4e7457bbfa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07af-42cc-4712-be26-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:11.000Z",
|
|
"modified": "2015-11-04T13:27:11.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'bcf7995aae8894bb754c2e21ece8c57d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07af-4ab0-43fd-8d16-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:11.000Z",
|
|
"modified": "2015-11-04T13:27:11.000Z",
|
|
"pattern": "[domain-name:value = 'tpalmer1955.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07af-5dd4-4abf-a46a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:11.000Z",
|
|
"modified": "2015-11-04T13:27:11.000Z",
|
|
"pattern": "[domain-name:value = 'akwotie.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b0-458c-48a5-b1c6-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:12.000Z",
|
|
"modified": "2015-11-04T13:27:12.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4ae80809ea5c1d4b6526316024c9353b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b0-8314-45ad-8d75-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:12.000Z",
|
|
"modified": "2015-11-04T13:27:12.000Z",
|
|
"pattern": "[file:hashes.MD5 = '059a3a1d39f774b5ef436a0df7b88547']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b1-4f64-4089-8811-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:13.000Z",
|
|
"modified": "2015-11-04T13:27:13.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5d53163c8e52d4d76de136a82ece4b59']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b1-3ca0-4f03-a654-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:13.000Z",
|
|
"modified": "2015-11-04T13:27:13.000Z",
|
|
"pattern": "[file:hashes.MD5 = '6a40640b358f58cab3be3ac9612d64c0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b1-77a4-4991-bd6f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:13.000Z",
|
|
"modified": "2015-11-04T13:27:13.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a506e84ed9b8cf32109c31b5186b72d5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b2-7e88-4bd8-a87a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:14.000Z",
|
|
"modified": "2015-11-04T13:27:14.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0e851f71a562a9e5122a3de10c6c2bff']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b2-f920-4556-a6c9-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:14.000Z",
|
|
"modified": "2015-11-04T13:27:14.000Z",
|
|
"pattern": "[file:hashes.MD5 = '77021465ce3ed30ff3ff390d28157dbd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b3-fd2c-4546-bf95-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:15.000Z",
|
|
"modified": "2015-11-04T13:27:15.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c4e86df4da69199aa7fca10bcbe1284d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b3-5480-4273-ba89-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:15.000Z",
|
|
"modified": "2015-11-04T13:27:15.000Z",
|
|
"pattern": "[file:hashes.MD5 = '1babbc9f2fe42fdfb12ae4714d0575b7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b3-7454-4b4c-8aac-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:15.000Z",
|
|
"modified": "2015-11-04T13:27:15.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9c89728855aaf383f9a835b0ce175a90']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b4-6de8-4a35-8fac-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:16.000Z",
|
|
"modified": "2015-11-04T13:27:16.000Z",
|
|
"pattern": "[domain-name:value = 'adolfo196938.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b4-46d0-4a3f-9d8f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:16.000Z",
|
|
"modified": "2015-11-04T13:27:16.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a512b154ee4319ddcf45c789b933db4e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b5-2a48-4e19-8827-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:17.000Z",
|
|
"modified": "2015-11-04T13:27:17.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8cf448ecfe6037529834106dcb104f6e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b5-aa94-4a35-af62-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:17.000Z",
|
|
"modified": "2015-11-04T13:27:17.000Z",
|
|
"pattern": "[file:hashes.MD5 = '98d4d11676a2bddb4eddb5ec6469ccf0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b5-66ec-4cfe-b113-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:17.000Z",
|
|
"modified": "2015-11-04T13:27:17.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ebd749c85483f8695fdde79309276f4e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b6-0dec-472a-aa5e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:18.000Z",
|
|
"modified": "2015-11-04T13:27:18.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ac69d18d0e5730147d6dabb5a2c6a3d3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b6-5684-4ee3-90df-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:18.000Z",
|
|
"modified": "2015-11-04T13:27:18.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8c8ebbf3c4747cb33bd6cb101491400d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b6-8418-4432-82a0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:18.000Z",
|
|
"modified": "2015-11-04T13:27:18.000Z",
|
|
"pattern": "[file:hashes.MD5 = '220f38da5c162f274f809461c5dce3f4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b7-dbf8-49a9-9770-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:19.000Z",
|
|
"modified": "2015-11-04T13:27:19.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ed51cdb54b948db32f0398de58b0c0d7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b7-5684-4ddf-96b3-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:19.000Z",
|
|
"modified": "2015-11-04T13:27:19.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5e9c33e553f94cdb691dc271184ce7c4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b8-d148-453b-8d10-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:20.000Z",
|
|
"modified": "2015-11-04T13:27:20.000Z",
|
|
"pattern": "[file:hashes.MD5 = '88539e45c9853c52ef7349535dd4e41c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b8-c1bc-4c9e-9d92-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:20.000Z",
|
|
"modified": "2015-11-04T13:27:20.000Z",
|
|
"pattern": "[domain-name:value = 'ome.no-ip.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b8-5c38-4f61-83f3-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:20.000Z",
|
|
"modified": "2015-11-04T13:27:20.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a2819272d2be53a19e0cce53d4932e42']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b9-3840-49fc-813b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:21.000Z",
|
|
"modified": "2015-11-04T13:27:21.000Z",
|
|
"pattern": "[file:hashes.MD5 = '336562f4441b590ac0667e7659be73f4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07b9-5028-4b43-bd6f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:21.000Z",
|
|
"modified": "2015-11-04T13:27:21.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'fce7e921dfb86a357ead61514653dff7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ba-3eb8-40e9-ab27-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:22.000Z",
|
|
"modified": "2015-11-04T13:27:22.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'de7e21e194b54a4ed8539c131f29d019']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ba-0b18-4e13-b0d2-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:22.000Z",
|
|
"modified": "2015-11-04T13:27:22.000Z",
|
|
"pattern": "[file:hashes.MD5 = '76b05fdf769c411546e285719fec612d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ba-447c-4650-8b99-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:22.000Z",
|
|
"modified": "2015-11-04T13:27:22.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ba64efc386518ae259bc57649ebd7645']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07bb-e500-4088-a95c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:23.000Z",
|
|
"modified": "2015-11-04T13:27:23.000Z",
|
|
"pattern": "[file:hashes.MD5 = '04f327e84e2a3413613186e0e2dac5d4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07bb-2f0c-4015-8c8c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:23.000Z",
|
|
"modified": "2015-11-04T13:27:23.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8f836fc63550e96d55283936a530441a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07bc-d400-4d0b-8d1c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:24.000Z",
|
|
"modified": "2015-11-04T13:27:24.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9e467563730bf637e66a30418a310574']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07bc-81e0-40c1-8061-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:24.000Z",
|
|
"modified": "2015-11-04T13:27:24.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0df43e770485b4cb5470117addc5d420']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07bc-fb10-4b8b-91bb-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:24.000Z",
|
|
"modified": "2015-11-04T13:27:24.000Z",
|
|
"pattern": "[domain-name:value = 'lazarus.ufcfan.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07bd-d26c-4959-b569-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:25.000Z",
|
|
"modified": "2015-11-04T13:27:25.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd851f0b10a520bfe72fca0a5796d7a03']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07bd-0628-4866-8ef8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:25.000Z",
|
|
"modified": "2015-11-04T13:27:25.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'da12034435fc9e0982d8ed5f9b26e9be']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07be-43a8-4306-b283-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:26.000Z",
|
|
"modified": "2015-11-04T13:27:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = '441f4d85a6790041a071e784404e45cf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07be-acd8-41eb-b45d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:26.000Z",
|
|
"modified": "2015-11-04T13:27:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9da69ad5392c13aeaed98862684511b4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07be-8d2c-4f64-b36a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:26.000Z",
|
|
"modified": "2015-11-04T13:27:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8c28bb9e17e58a4c9f2365f1d284943a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07bf-dabc-4384-a843-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:27.000Z",
|
|
"modified": "2015-11-04T13:27:27.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'cd2f0d8b5bbe982ac524aa4541c13333']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07bf-1e94-47f4-afb8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:27.000Z",
|
|
"modified": "2015-11-04T13:27:27.000Z",
|
|
"pattern": "[file:hashes.MD5 = '218bb6e57a1f8b80fa0b55a50ea569e5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c0-111c-4487-bedb-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:28.000Z",
|
|
"modified": "2015-11-04T13:27:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd8ebd38a000a1fddf7979ce8c6c84d98']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c0-5570-4e55-b124-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:28.000Z",
|
|
"modified": "2015-11-04T13:27:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'afa496ee1ffaba2ba17ddd50f9163bef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c0-2150-43a7-a187-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:28.000Z",
|
|
"modified": "2015-11-04T13:27:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = '55f89bb173229718c7f4db7d0498b7e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c1-276c-4011-81d7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:29.000Z",
|
|
"modified": "2015-11-04T13:27:29.000Z",
|
|
"pattern": "[domain-name:value = 'tomluke12.publicvm.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c1-c8d4-4c1a-8d15-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:29.000Z",
|
|
"modified": "2015-11-04T13:27:29.000Z",
|
|
"pattern": "[file:hashes.MD5 = '216a4ba002796e4d664c43f62cbd8e7e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c2-35c8-4222-8170-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:30.000Z",
|
|
"modified": "2015-11-04T13:27:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = '79765c626ab2b1fa0b5169cc4241595f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c2-0e78-4fca-a4aa-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:30.000Z",
|
|
"modified": "2015-11-04T13:27:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = '42996c68855c217531126d6729e195dc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c2-cc68-4dba-870c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:30.000Z",
|
|
"modified": "2015-11-04T13:27:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'eb3ebc53c6dee33d5abc3e1ea13f48f3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c3-52cc-4a86-97a2-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:31.000Z",
|
|
"modified": "2015-11-04T13:27:31.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd4d78f6633ab47b53a5c59459d53904d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c3-2b78-47c4-9201-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:31.000Z",
|
|
"modified": "2015-11-04T13:27:31.000Z",
|
|
"pattern": "[file:hashes.MD5 = '33ec3e96e7a965260eb0cd79e7b695b0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c4-322c-4dcd-b178-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:32.000Z",
|
|
"modified": "2015-11-04T13:27:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = '285b6edcd3e761534a6177c309f3c8c4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c4-94b8-44e8-9044-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:32.000Z",
|
|
"modified": "2015-11-04T13:27:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = '38bed53c6ff35d1b2b574c491cddbb29']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c4-1a40-4480-a4bc-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:32.000Z",
|
|
"modified": "2015-11-04T13:27:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = '750d28ef4eec9f70a7a43a31a47698c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c5-f844-4c4c-a8a7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:33.000Z",
|
|
"modified": "2015-11-04T13:27:33.000Z",
|
|
"pattern": "[file:hashes.MD5 = '977b525027037206b59da2567fdf54ec']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c5-d1c8-4e12-baf8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:33.000Z",
|
|
"modified": "2015-11-04T13:27:33.000Z",
|
|
"pattern": "[domain-name:value = 'vyperps.no-ip.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c5-d9c0-4d75-a4a5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:33.000Z",
|
|
"modified": "2015-11-04T13:27:33.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ae3084ae9df3477008f19bb1a80c7764']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c6-646c-4c68-9f7f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:34.000Z",
|
|
"modified": "2015-11-04T13:27:34.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3cd02b51a59da276ecfb39fcebc5cebc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c6-a04c-497d-af6f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:34.000Z",
|
|
"modified": "2015-11-04T13:27:34.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'acd6bf813faa734f25abfc8d164d20a1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c7-46f4-4e0b-a2bd-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:35.000Z",
|
|
"modified": "2015-11-04T13:27:35.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'aab7cfcf19c427cbb04efbe7c930413a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c7-fcec-45e2-a217-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:35.000Z",
|
|
"modified": "2015-11-04T13:27:35.000Z",
|
|
"pattern": "[file:hashes.MD5 = '313bd26294600e92be1d479f76158444']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c7-a734-4f7f-ae1d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:35.000Z",
|
|
"modified": "2015-11-04T13:27:35.000Z",
|
|
"pattern": "[file:hashes.MD5 = '349edee80a63d009e076b5e70341093a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c8-221c-46a9-9d48-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:36.000Z",
|
|
"modified": "2015-11-04T13:27:36.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b585c430b052dfc82a3367a85e2fb4c2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c8-d248-4ba6-910d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:36.000Z",
|
|
"modified": "2015-11-04T13:27:36.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2d012a6119325886c84a2742b3b4d7a5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c9-810c-4ec9-9c92-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:37.000Z",
|
|
"modified": "2015-11-04T13:27:37.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c4845723d687c48f4f9b6deb120fab69']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c9-7128-4360-b8bb-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:37.000Z",
|
|
"modified": "2015-11-04T13:27:37.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3657e992dd18a6c2b7319ea9f15407b4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07c9-2e24-482c-9757-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:37.000Z",
|
|
"modified": "2015-11-04T13:27:37.000Z",
|
|
"pattern": "[domain-name:value = 'logisticsltd.no-ip.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ca-c95c-4a47-b454-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:38.000Z",
|
|
"modified": "2015-11-04T13:27:38.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c06688b0c9a2b3a653bb9b4dacb07810']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ca-1e9c-4d4c-b6e2-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:38.000Z",
|
|
"modified": "2015-11-04T13:27:38.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'df9c2e9708c9fe9f59a899a16342ffb1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07cb-651c-468a-a0e9-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:39.000Z",
|
|
"modified": "2015-11-04T13:27:39.000Z",
|
|
"pattern": "[file:hashes.MD5 = '07d17b9d0be845d0abda27e68ea0dcf8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07cb-bc28-4e59-82b0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:39.000Z",
|
|
"modified": "2015-11-04T13:27:39.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f583e3e4564a8a96cd4430f0caecb134']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07cb-5968-4f72-bed0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:39.000Z",
|
|
"modified": "2015-11-04T13:27:39.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4cc6cc9be6208f5e48c71f81157c9eb0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07cc-72e8-4e2e-b101-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:40.000Z",
|
|
"modified": "2015-11-04T13:27:40.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9aa4ed7d47cca9ffb7d3c847dbb2bd0d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07cc-4a40-414a-ab62-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:40.000Z",
|
|
"modified": "2015-11-04T13:27:40.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'aee5b8a559dc7b83d9ebb526f63c27be']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07cd-5264-46ba-9c82-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:41.000Z",
|
|
"modified": "2015-11-04T13:27:41.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'adeeeb322d2001e50404948c1e5d054f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07cd-640c-419d-9c13-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:41.000Z",
|
|
"modified": "2015-11-04T13:27:41.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4c823202db8c1e81719abba4f387e694']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07cd-78b8-4dc1-9769-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:41.000Z",
|
|
"modified": "2015-11-04T13:27:41.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ce005e2652ef51b1b549501080c588e1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ce-4560-44d6-a3b9-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:42.000Z",
|
|
"modified": "2015-11-04T13:27:42.000Z",
|
|
"pattern": "[domain-name:value = 'ben770.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ce-397c-4555-aa7b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:42.000Z",
|
|
"modified": "2015-11-04T13:27:42.000Z",
|
|
"pattern": "[file:hashes.MD5 = '012f3a1bb9dd02af17c8fbc99556fcea']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07cf-5f5c-4a06-93f7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:43.000Z",
|
|
"modified": "2015-11-04T13:27:43.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2450e25efa8c5b77a58b2316b5df0dae']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07cf-eb94-440e-b44f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:43.000Z",
|
|
"modified": "2015-11-04T13:27:43.000Z",
|
|
"pattern": "[file:hashes.MD5 = '985d2aaef96f2e94278b9219bcfb2431']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07cf-8560-48a4-a54c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:43.000Z",
|
|
"modified": "2015-11-04T13:27:43.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ede358e7e1165d55bdbac0faa3004542']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d0-9d74-443d-a68a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:44.000Z",
|
|
"modified": "2015-11-04T13:27:44.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8a2c5ea4fb75b3b9d0d8081aed650b8e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d0-b6c8-4af6-bd11-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:44.000Z",
|
|
"modified": "2015-11-04T13:27:44.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'bdc8aaebc1823dd6b7cf906c1414fd17']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d1-2b30-4ed4-a48c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:45.000Z",
|
|
"modified": "2015-11-04T13:27:45.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e1daffe8ae442cd982e9711fd30fa97c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d1-8288-4caa-b9ca-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:45.000Z",
|
|
"modified": "2015-11-04T13:27:45.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8b489b2b104334cf74996b6a11818dd7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d1-2e88-44b6-9dd6-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:45.000Z",
|
|
"modified": "2015-11-04T13:27:45.000Z",
|
|
"pattern": "[file:hashes.MD5 = '029c96d902df2700d38cae47bcc378b5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d2-ea2c-4f72-9bf3-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:46.000Z",
|
|
"modified": "2015-11-04T13:27:46.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ff0cd8fa2dbe2fae51a86c18c8a75a0f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d2-003c-4c3e-8be5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:46.000Z",
|
|
"modified": "2015-11-04T13:27:46.000Z",
|
|
"pattern": "[domain-name:value = 'leonardomateus131.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d3-2d30-40d4-ae89-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:47.000Z",
|
|
"modified": "2015-11-04T13:27:47.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7c31b998e268425d63f7afc7b531fe96']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d3-cd88-42a5-9e74-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:47.000Z",
|
|
"modified": "2015-11-04T13:27:47.000Z",
|
|
"pattern": "[file:hashes.MD5 = '574eea673e2b2aca01307ec65d26b20b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d3-b7e0-4de5-9442-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:47.000Z",
|
|
"modified": "2015-11-04T13:27:47.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'fac74c7720cbc9a132558424fa4709e6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d4-a238-4379-b2f1-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:48.000Z",
|
|
"modified": "2015-11-04T13:27:48.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ef965d1693d2f1379ed9f245f2190c93']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d4-de74-4e62-a984-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:48.000Z",
|
|
"modified": "2015-11-04T13:27:48.000Z",
|
|
"pattern": "[file:hashes.MD5 = '279efc328e79a857786ec29e58567f31']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d5-1644-4e51-a906-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:48.000Z",
|
|
"modified": "2015-11-04T13:27:48.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0c90c5eb23bb4fa413648c0ef9ca399a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d5-c074-4834-bcbc-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:49.000Z",
|
|
"modified": "2015-11-04T13:27:49.000Z",
|
|
"pattern": "[file:hashes.MD5 = '77c5d1cd6a996bf4f4df37d172ad4b3d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d5-c15c-47c6-a1cf-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:49.000Z",
|
|
"modified": "2015-11-04T13:27:49.000Z",
|
|
"pattern": "[file:hashes.MD5 = '88e91fa33316a1668ca65e8034f99a8b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d6-7c64-4429-858f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:50.000Z",
|
|
"modified": "2015-11-04T13:27:50.000Z",
|
|
"pattern": "[file:hashes.MD5 = '297a6600a7eb25e1633468345a7a7107']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d6-d594-4348-b0de-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:50.000Z",
|
|
"modified": "2015-11-04T13:27:50.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c5a21961bbba68cc2486577cf7f19d08']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d6-fbc8-4140-b771-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:50.000Z",
|
|
"modified": "2015-11-04T13:27:50.000Z",
|
|
"pattern": "[domain-name:value = 'opendoors.myftp.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d7-3728-4b7f-a8ac-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:51.000Z",
|
|
"modified": "2015-11-04T13:27:51.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0fc0cd2700b67ed1c12d0b76047dfe59']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d7-219c-49ba-9461-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:51.000Z",
|
|
"modified": "2015-11-04T13:27:51.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8ce5586305e6a7d90bf2343466e9655d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d8-1dac-406f-ba07-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:52.000Z",
|
|
"modified": "2015-11-04T13:27:52.000Z",
|
|
"pattern": "[file:hashes.MD5 = '458eb818280f726d7856e8d0de4de65c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d8-1d9c-4fae-8f55-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:52.000Z",
|
|
"modified": "2015-11-04T13:27:52.000Z",
|
|
"pattern": "[file:hashes.MD5 = '44c71df65822f941918c4bce75d7f3d1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d8-cb70-444a-8e85-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:52.000Z",
|
|
"modified": "2015-11-04T13:27:52.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0b5df93467a81d193df7f7f43841ea77']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d9-b354-43e8-a67e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:53.000Z",
|
|
"modified": "2015-11-04T13:27:53.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd6bcd2a2e1ad4dc3466f995544463d8f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07d9-e780-4acc-ab22-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:53.000Z",
|
|
"modified": "2015-11-04T13:27:53.000Z",
|
|
"pattern": "[file:hashes.MD5 = '1f8d3ecf8ffd01ddead8eaa92d40272e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07da-e6a8-4486-9cb2-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:54.000Z",
|
|
"modified": "2015-11-04T13:27:54.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f3fb357c226aa8e56a692fa20cf00cb2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07da-d148-4ece-9a5a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:54.000Z",
|
|
"modified": "2015-11-04T13:27:54.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a275e7ec0fff7048ad991ff56825ff03']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07da-2218-4411-be14-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:54.000Z",
|
|
"modified": "2015-11-04T13:27:54.000Z",
|
|
"pattern": "[file:hashes.MD5 = '1120f40da7387f273387cbfdb7eb6b5d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07db-8ffc-4b4c-8db4-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:55.000Z",
|
|
"modified": "2015-11-04T13:27:55.000Z",
|
|
"pattern": "[domain-name:value = 'jjsmits7.serveftp.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07db-34d8-4cb7-b354-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:55.000Z",
|
|
"modified": "2015-11-04T13:27:55.000Z",
|
|
"pattern": "[domain-name:value = 'hydrabad-ur.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07dc-c4e8-419a-a07e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:56.000Z",
|
|
"modified": "2015-11-04T13:27:56.000Z",
|
|
"pattern": "[file:hashes.MD5 = '221dbe30a24c087dd49092383b8b805b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07dc-a14c-4711-b2c2-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:56.000Z",
|
|
"modified": "2015-11-04T13:27:56.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2fdbf18c8656ef1404e4f04483b579e7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07dc-6430-40c5-b6b5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:56.000Z",
|
|
"modified": "2015-11-04T13:27:56.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'dbb94739f43b74e209daaff36dd6cd1f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07dd-0fac-4f99-89bc-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:57.000Z",
|
|
"modified": "2015-11-04T13:27:57.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c087cd0951b525ea8a096c37f3014fe0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07dd-8834-452e-9ee5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:57.000Z",
|
|
"modified": "2015-11-04T13:27:57.000Z",
|
|
"pattern": "[file:hashes.MD5 = '773f5dd3d2ca3f9654fbcf21f5ff00c5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07de-7e84-44e8-8022-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:58.000Z",
|
|
"modified": "2015-11-04T13:27:58.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'edd84f7c567e30ee0d78de3739945927']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07de-1948-4e9a-be82-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:58.000Z",
|
|
"modified": "2015-11-04T13:27:58.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8672c029b942aecbd87518935215d753']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07de-0e44-412f-8e8d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:58.000Z",
|
|
"modified": "2015-11-04T13:27:58.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3edbe1bdbae126360a5713eba5f56c9e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07df-407c-4b27-8fd5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:59.000Z",
|
|
"modified": "2015-11-04T13:27:59.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd5179087caa4a882ce74d3d8c5302007']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07df-e390-47e6-9014-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:27:59.000Z",
|
|
"modified": "2015-11-04T13:27:59.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2241f50151c05ee86dc6d1986e47861d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:27:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e0-10c0-48b3-8359-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:00.000Z",
|
|
"modified": "2015-11-04T13:28:00.000Z",
|
|
"pattern": "[domain-name:value = 'mega123b.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e0-afa4-4bc8-a706-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:00.000Z",
|
|
"modified": "2015-11-04T13:28:00.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9cb3c22c0832315945b31cda6423cf9b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e0-28f4-40bb-b131-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:00.000Z",
|
|
"modified": "2015-11-04T13:28:00.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c31330422abceb47f030f4efb690b4ad']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e1-0f8c-456a-be52-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:01.000Z",
|
|
"modified": "2015-11-04T13:28:01.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5212f9ab9c667b0ec56be94ed427e0c5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e1-4c38-41fa-99a8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:01.000Z",
|
|
"modified": "2015-11-04T13:28:01.000Z",
|
|
"pattern": "[file:hashes.MD5 = '36b254e1321e76a410438c172b307924']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e2-6360-4583-af0d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:02.000Z",
|
|
"modified": "2015-11-04T13:28:02.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2f46f246099d70c82d58c4a78230bd78']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e2-9d30-41a9-940f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:02.000Z",
|
|
"modified": "2015-11-04T13:28:02.000Z",
|
|
"pattern": "[file:hashes.MD5 = '43e8738a58ea070e81b428c718b446d8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e2-cbc8-4f2a-9a48-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:02.000Z",
|
|
"modified": "2015-11-04T13:28:02.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ab84079afdf255cd80073d00df9a8815']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e3-ec6c-41d5-834e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:03.000Z",
|
|
"modified": "2015-11-04T13:28:03.000Z",
|
|
"pattern": "[file:hashes.MD5 = '722645b9438e5963224ac6a1717011b4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e3-2758-482d-8864-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:03.000Z",
|
|
"modified": "2015-11-04T13:28:03.000Z",
|
|
"pattern": "[file:hashes.MD5 = '69f57fb9c517829f3028208ae6c87800']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e3-2834-4de3-8ec0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:03.000Z",
|
|
"modified": "2015-11-04T13:28:03.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b77de462d1816858948eecf3f1d78a13']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e4-4860-4ede-80cc-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:04.000Z",
|
|
"modified": "2015-11-04T13:28:04.000Z",
|
|
"pattern": "[domain-name:value = 'tools4chima.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e4-82e8-4d52-89ea-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:04.000Z",
|
|
"modified": "2015-11-04T13:28:04.000Z",
|
|
"pattern": "[file:hashes.MD5 = '609c2b0626cf964493287bdf3a9027f4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e5-a860-46dc-adf5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:05.000Z",
|
|
"modified": "2015-11-04T13:28:05.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f1658b69eb72396a430c28df7ff58d87']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e5-fe6c-4de8-8a53-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:05.000Z",
|
|
"modified": "2015-11-04T13:28:05.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b449bad8fe2d5b147485891cb48fd96d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e5-864c-4f5f-bdc0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:05.000Z",
|
|
"modified": "2015-11-04T13:28:05.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c13d9a88935de6d384d0d97f8923691f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e6-fd28-43f3-8f0a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:06.000Z",
|
|
"modified": "2015-11-04T13:28:06.000Z",
|
|
"pattern": "[file:hashes.MD5 = '876b5806fd737381048bf678532e699f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e6-d7bc-4bd0-adf7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:06.000Z",
|
|
"modified": "2015-11-04T13:28:06.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4e607842016a2e42c3f3c40785fddf45']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e7-1a7c-4707-b254-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:07.000Z",
|
|
"modified": "2015-11-04T13:28:07.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2c4d4f3e2602c3d946d00d7633c42100']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e7-c634-45dd-a5ef-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:07.000Z",
|
|
"modified": "2015-11-04T13:28:07.000Z",
|
|
"pattern": "[file:hashes.MD5 = '16177410d01502a44fff78ad2b0964de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e7-ecb8-4714-9a14-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:07.000Z",
|
|
"modified": "2015-11-04T13:28:07.000Z",
|
|
"pattern": "[file:hashes.MD5 = '128276ba3fcb6c359bdb69ac75219924']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e8-fdd0-47d0-bf5b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:08.000Z",
|
|
"modified": "2015-11-04T13:28:08.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5ed5da0ac426b3af5488e1b14353e3bb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e8-0a8c-4c42-b825-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:08.000Z",
|
|
"modified": "2015-11-04T13:28:08.000Z",
|
|
"pattern": "[domain-name:value = 'paulcoe.no-ip.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e9-ee20-4049-9d30-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:09.000Z",
|
|
"modified": "2015-11-04T13:28:09.000Z",
|
|
"pattern": "[file:hashes.MD5 = '42cfb6dd762ef302b4137a3f5c5ae8d5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e9-7458-43c1-ad0f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:09.000Z",
|
|
"modified": "2015-11-04T13:28:09.000Z",
|
|
"pattern": "[file:hashes.MD5 = '14d7f0cdd01db02de6dc66ce4285870f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07e9-d5b8-4ac3-b422-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:09.000Z",
|
|
"modified": "2015-11-04T13:28:09.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3a9cdf146372fd358160014e9c83e94f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ea-0ca0-4647-bb3f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:10.000Z",
|
|
"modified": "2015-11-04T13:28:10.000Z",
|
|
"pattern": "[file:hashes.MD5 = '46ac08e57e7c4be8f255eb65b7e7b646']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ea-8a3c-4e1b-a1a3-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:10.000Z",
|
|
"modified": "2015-11-04T13:28:10.000Z",
|
|
"pattern": "[file:hashes.MD5 = '49a71d907b0ba412ce6e90f20f66aa2a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07eb-9fd0-4017-99c8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:11.000Z",
|
|
"modified": "2015-11-04T13:28:11.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0defc31277ebcca9a7b89492fee9fccc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07eb-f3e8-402d-bf66-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:11.000Z",
|
|
"modified": "2015-11-04T13:28:11.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3d4e010089df5c37495ff40861cdc0b4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07eb-e6fc-42c7-802d-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:11.000Z",
|
|
"modified": "2015-11-04T13:28:11.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f6853320259e7b3b6e1202847e7d2878']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ec-8014-44c7-9926-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:12.000Z",
|
|
"modified": "2015-11-04T13:28:12.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'cb5915660bd5c87b2a9f2589a31067fb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ec-1298-4784-a474-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:12.000Z",
|
|
"modified": "2015-11-04T13:28:12.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b7367ac660cf9d3446fc9c65d82afac9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ed-9434-4527-b00a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:13.000Z",
|
|
"modified": "2015-11-04T13:28:13.000Z",
|
|
"pattern": "[domain-name:value = 'iykeben00.no-ip.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ed-f7a8-49c3-8c7c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:13.000Z",
|
|
"modified": "2015-11-04T13:28:13.000Z",
|
|
"pattern": "[file:hashes.MD5 = '79f98c2669bc4989e48207aee2adb0e6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ed-9f40-4c5f-b4bb-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:13.000Z",
|
|
"modified": "2015-11-04T13:28:13.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a9c672edb6214af0c5d0274c6e0bc7b8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ee-1fc4-4360-8da8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:14.000Z",
|
|
"modified": "2015-11-04T13:28:14.000Z",
|
|
"pattern": "[file:hashes.MD5 = '47f59774fadcb9801051b02b1b41ee0c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ee-3cc0-45bb-886a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:14.000Z",
|
|
"modified": "2015-11-04T13:28:14.000Z",
|
|
"pattern": "[file:hashes.MD5 = '01fb5833d771807e080886c3cff5a100']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ef-92d4-44bb-a522-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:15.000Z",
|
|
"modified": "2015-11-04T13:28:15.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'fdcd06c6041df1d7503875877c8cf0d0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ef-e150-412b-bc06-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:15.000Z",
|
|
"modified": "2015-11-04T13:28:15.000Z",
|
|
"pattern": "[file:hashes.MD5 = '231b035bedb4f3b47d55dd6537aeb6c1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ef-cf88-448b-ab4f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:15.000Z",
|
|
"modified": "2015-11-04T13:28:15.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a0dfb9c840155cb76ab07626e2775369']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f0-9c94-425b-99bb-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:16.000Z",
|
|
"modified": "2015-11-04T13:28:16.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a0822ca60a008641ca03757fd841a7d1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f0-3ea0-4456-9eda-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:16.000Z",
|
|
"modified": "2015-11-04T13:28:16.000Z",
|
|
"pattern": "[file:hashes.MD5 = '59cdd0301f0d4ccd89f11ee428a4cdfc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f1-973c-403b-9472-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:17.000Z",
|
|
"modified": "2015-11-04T13:28:17.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd209e56c719e205868ddef9afca02fb2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f1-dde8-4157-8ef1-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:17.000Z",
|
|
"modified": "2015-11-04T13:28:17.000Z",
|
|
"pattern": "[domain-name:value = 'agentwhite.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f1-2ccc-4e32-aab9-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:17.000Z",
|
|
"modified": "2015-11-04T13:28:17.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b033b40fb188da2e00dbe26cd4a76a42']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f2-b4ac-4280-a475-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:18.000Z",
|
|
"modified": "2015-11-04T13:28:18.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3b9f9070f338bbf85e43212e429ee3d6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f2-49a4-4eba-9584-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:18.000Z",
|
|
"modified": "2015-11-04T13:28:18.000Z",
|
|
"pattern": "[file:hashes.MD5 = '59c71e222126407df587fcd7e52e868c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f3-a9d0-4e1e-ae47-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:19.000Z",
|
|
"modified": "2015-11-04T13:28:19.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c62b28a6f5029097d3e7ae65114a1bc9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f3-3ee8-4d18-9eb0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:19.000Z",
|
|
"modified": "2015-11-04T13:28:19.000Z",
|
|
"pattern": "[file:hashes.MD5 = '30eb1ea290f8804664d3ec56a596a631']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f3-24f8-4c00-8b65-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:19.000Z",
|
|
"modified": "2015-11-04T13:28:19.000Z",
|
|
"pattern": "[file:hashes.MD5 = '32783221615f88ced216a3d6129f55ca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f4-4b68-4d69-875b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:20.000Z",
|
|
"modified": "2015-11-04T13:28:20.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2568b31abf83b791d0f218e3f368df8a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f4-2308-44e8-a2ec-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:20.000Z",
|
|
"modified": "2015-11-04T13:28:20.000Z",
|
|
"pattern": "[file:hashes.MD5 = '38da6bb8f4562bad2959c8cb9b871416']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f4-300c-47e4-b309-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:20.000Z",
|
|
"modified": "2015-11-04T13:28:20.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4555859966e74c99736ef4534bbb667a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f5-4860-46c1-a1f0-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:21.000Z",
|
|
"modified": "2015-11-04T13:28:21.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'bbcb49831177be7ad173281ba95480fd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f5-aa5c-4e15-a8c6-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:21.000Z",
|
|
"modified": "2015-11-04T13:28:21.000Z",
|
|
"pattern": "[domain-name:value = 'panel.myactivedirectory.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f6-c158-4982-891b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:22.000Z",
|
|
"modified": "2015-11-04T13:28:22.000Z",
|
|
"pattern": "[file:hashes.MD5 = '15041e046977348fd370ae57dc112490']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f6-da84-4140-ba62-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:22.000Z",
|
|
"modified": "2015-11-04T13:28:22.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9f6c18e9bde91d1b44aa7224d7b9c416']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f6-1834-490d-9016-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:22.000Z",
|
|
"modified": "2015-11-04T13:28:22.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2b73e22c16486dd30d21ab6b79bbcf53']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f7-1700-4784-a3fa-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:23.000Z",
|
|
"modified": "2015-11-04T13:28:23.000Z",
|
|
"pattern": "[file:hashes.MD5 = '37f9175232e961caf9632cd788addaa6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f7-bc58-4ff5-8607-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:23.000Z",
|
|
"modified": "2015-11-04T13:28:23.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8e47372f4e0e85c8f93cf61d3cbacd81']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f8-6814-41dd-97bc-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:24.000Z",
|
|
"modified": "2015-11-04T13:28:24.000Z",
|
|
"pattern": "[file:hashes.MD5 = '9e837d7b0567c672db80f31085af7efe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f8-a900-4834-a621-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:24.000Z",
|
|
"modified": "2015-11-04T13:28:24.000Z",
|
|
"pattern": "[file:hashes.MD5 = '125abd1283492cca01e2500711e99a29']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f8-0e14-484d-ae28-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:24.000Z",
|
|
"modified": "2015-11-04T13:28:24.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a3b18a9aee2b1981d84434ee199c1c52']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f9-49e8-4ad8-a3b3-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:25.000Z",
|
|
"modified": "2015-11-04T13:28:25.000Z",
|
|
"pattern": "[file:hashes.MD5 = '90eb04935d02de54ce77047a5978dab9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07f9-dfa4-4342-a3ce-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:25.000Z",
|
|
"modified": "2015-11-04T13:28:25.000Z",
|
|
"pattern": "[domain-name:value = 'philsa.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07fa-80b4-4659-93c8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:26.000Z",
|
|
"modified": "2015-11-04T13:28:26.000Z",
|
|
"pattern": "[domain-name:value = 'mtrealm.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07fa-1af0-4f54-8fe3-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:26.000Z",
|
|
"modified": "2015-11-04T13:28:26.000Z",
|
|
"pattern": "[domain-name:value = 'peter123456.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07fa-3f30-434f-aace-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:26.000Z",
|
|
"modified": "2015-11-04T13:28:26.000Z",
|
|
"pattern": "[domain-name:value = 'quaver.publicvm.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07fb-0c18-4636-a8be-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:27.000Z",
|
|
"modified": "2015-11-04T13:28:27.000Z",
|
|
"pattern": "[domain-name:value = 'bright207.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07fb-3db4-4f6c-814f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:27.000Z",
|
|
"modified": "2015-11-04T13:28:27.000Z",
|
|
"pattern": "[domain-name:value = 'livesyn03.midexim.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07fc-95ac-44e5-b5b1-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:28.000Z",
|
|
"modified": "2015-11-04T13:28:28.000Z",
|
|
"pattern": "[domain-name:value = 'dellboy13.dnsiskinky.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07fc-1114-4923-8dc2-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:28.000Z",
|
|
"modified": "2015-11-04T13:28:28.000Z",
|
|
"pattern": "[domain-name:value = 'emenike.no-ip.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07fc-7520-493e-ad42-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:28.000Z",
|
|
"modified": "2015-11-04T13:28:28.000Z",
|
|
"pattern": "[domain-name:value = 'raydonovan2015.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07fd-a204-43c4-8285-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:29.000Z",
|
|
"modified": "2015-11-04T13:28:29.000Z",
|
|
"pattern": "[domain-name:value = 'sync.ebaeuropa.eu']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07fd-95b8-4e3c-8e19-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:29.000Z",
|
|
"modified": "2015-11-04T13:28:29.000Z",
|
|
"pattern": "[domain-name:value = 'prinve24.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07fe-93bc-4082-afe5-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:30.000Z",
|
|
"modified": "2015-11-04T13:28:30.000Z",
|
|
"pattern": "[domain-name:value = 'wlkd.myftp.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07fe-f428-4976-8417-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:30.000Z",
|
|
"modified": "2015-11-04T13:28:30.000Z",
|
|
"pattern": "[domain-name:value = 'dydx69.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07fe-4dd4-4f47-bbb7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:30.000Z",
|
|
"modified": "2015-11-04T13:28:30.000Z",
|
|
"pattern": "[domain-name:value = 'mikkyserial.redirectme.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ff-d4e8-4fa9-9ebf-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:31.000Z",
|
|
"modified": "2015-11-04T13:28:31.000Z",
|
|
"pattern": "[domain-name:value = '11111111.noip.me']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a07ff-20c8-45c5-876a-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:31.000Z",
|
|
"modified": "2015-11-04T13:28:31.000Z",
|
|
"pattern": "[domain-name:value = 'stevemartins02.no-ip.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0800-c320-4041-acb7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:32.000Z",
|
|
"modified": "2015-11-04T13:28:32.000Z",
|
|
"pattern": "[domain-name:value = 'jamestommyyy.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0800-815c-4de1-96ba-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:32.000Z",
|
|
"modified": "2015-11-04T13:28:32.000Z",
|
|
"pattern": "[domain-name:value = 'myyveon.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0800-6294-4dbf-9b55-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:32.000Z",
|
|
"modified": "2015-11-04T13:28:32.000Z",
|
|
"pattern": "[domain-name:value = 'khaleeel.no-ip.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0801-0678-4d85-a4e6-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:33.000Z",
|
|
"modified": "2015-11-04T13:28:33.000Z",
|
|
"pattern": "[domain-name:value = 'jsocket2-giftedhands.linkpc.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0801-a424-4a3a-8590-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:33.000Z",
|
|
"modified": "2015-11-04T13:28:33.000Z",
|
|
"pattern": "[domain-name:value = 'bbullgard.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0802-18c4-4962-8363-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:34.000Z",
|
|
"modified": "2015-11-04T13:28:34.000Z",
|
|
"pattern": "[domain-name:value = 'dish-darkcomet2.linkpc.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0802-05b4-4e50-9edc-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:34.000Z",
|
|
"modified": "2015-11-04T13:28:34.000Z",
|
|
"pattern": "[domain-name:value = 'okpole123.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0802-3b18-4dc3-97fc-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:34.000Z",
|
|
"modified": "2015-11-04T13:28:34.000Z",
|
|
"pattern": "[domain-name:value = 'hackmakers.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0803-4150-4959-b23b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:35.000Z",
|
|
"modified": "2015-11-04T13:28:35.000Z",
|
|
"pattern": "[domain-name:value = 'okshallowstonex.no-ip.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0803-3bb8-42fc-b47f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:35.000Z",
|
|
"modified": "2015-11-04T13:28:35.000Z",
|
|
"pattern": "[domain-name:value = 'prince24.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0804-1544-4ff1-b814-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:36.000Z",
|
|
"modified": "2015-11-04T13:28:36.000Z",
|
|
"pattern": "[domain-name:value = 'ipcorrect.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0804-6c10-467d-9094-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:36.000Z",
|
|
"modified": "2015-11-04T13:28:36.000Z",
|
|
"pattern": "[domain-name:value = 'mrsrizap.myftp.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0804-eab8-4d24-b4fa-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:36.000Z",
|
|
"modified": "2015-11-04T13:28:36.000Z",
|
|
"pattern": "[domain-name:value = 'mukor.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0805-04fc-46a2-8208-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:37.000Z",
|
|
"modified": "2015-11-04T13:28:37.000Z",
|
|
"pattern": "[domain-name:value = 'fredkill.chickenkiller.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0805-0874-4af0-8dfb-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:37.000Z",
|
|
"modified": "2015-11-04T13:28:37.000Z",
|
|
"pattern": "[domain-name:value = 'herura.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0806-0300-4cd7-80fe-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:38.000Z",
|
|
"modified": "2015-11-04T13:28:38.000Z",
|
|
"pattern": "[domain-name:value = 'froidthefucker.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0806-5aac-4502-bc9c-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:38.000Z",
|
|
"modified": "2015-11-04T13:28:38.000Z",
|
|
"pattern": "[domain-name:value = 'albertfrankie.no-ip.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0806-81e4-48b1-8708-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:38.000Z",
|
|
"modified": "2015-11-04T13:28:38.000Z",
|
|
"pattern": "[domain-name:value = 'correctip.noip.me']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0807-8330-49c9-b2e7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:39.000Z",
|
|
"modified": "2015-11-04T13:28:39.000Z",
|
|
"pattern": "[domain-name:value = 'donhamza.no-ip.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0807-84f0-4305-a5c7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:39.000Z",
|
|
"modified": "2015-11-04T13:28:39.000Z",
|
|
"pattern": "[domain-name:value = 'amina.pointto.us']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0807-6620-489a-9c25-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:39.000Z",
|
|
"modified": "2015-11-04T13:28:39.000Z",
|
|
"pattern": "[domain-name:value = 'basketxrtz.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0808-d99c-4e25-ac53-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:40.000Z",
|
|
"modified": "2015-11-04T13:28:40.000Z",
|
|
"pattern": "[domain-name:value = 'linsom05.noip.me']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0808-83c0-4a16-b952-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:40.000Z",
|
|
"modified": "2015-11-04T13:28:40.000Z",
|
|
"pattern": "[domain-name:value = 'indologisticsltd.no-ip.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0809-2958-4e5e-a73b-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:41.000Z",
|
|
"modified": "2015-11-04T13:28:41.000Z",
|
|
"pattern": "[domain-name:value = 'goods11.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0809-0390-4af1-a15f-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:41.000Z",
|
|
"modified": "2015-11-04T13:28:41.000Z",
|
|
"pattern": "[domain-name:value = 'jsocserveronline.read-books.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a0809-faa0-4028-bba6-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:41.000Z",
|
|
"modified": "2015-11-04T13:28:41.000Z",
|
|
"pattern": "[domain-name:value = 'henrygalaxy.publicvm.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a080a-9ff8-4204-b934-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:42.000Z",
|
|
"modified": "2015-11-04T13:28:42.000Z",
|
|
"pattern": "[domain-name:value = 'svchost.myvnc.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a080a-a988-4051-b9b7-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:42.000Z",
|
|
"modified": "2015-11-04T13:28:42.000Z",
|
|
"pattern": "[domain-name:value = 'versionfive.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a080b-c128-4d0e-82e8-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:43.000Z",
|
|
"modified": "2015-11-04T13:28:43.000Z",
|
|
"pattern": "[domain-name:value = 'tchecks.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a080b-6ab4-46cb-be62-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:43.000Z",
|
|
"modified": "2015-11-04T13:28:43.000Z",
|
|
"pattern": "[domain-name:value = 'badmanthing.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a080b-87e0-4e0a-a628-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:43.000Z",
|
|
"modified": "2015-11-04T13:28:43.000Z",
|
|
"pattern": "[domain-name:value = 'klydest.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a080c-806c-467d-9f4e-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:44.000Z",
|
|
"modified": "2015-11-04T13:28:44.000Z",
|
|
"pattern": "[domain-name:value = 't3rr0r.ddns.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--563a080c-fa18-429a-87c6-a0c9950d210b",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-11-04T13:28:44.000Z",
|
|
"modified": "2015-11-04T13:28:44.000Z",
|
|
"pattern": "[domain-name:value = 'chriswoolmer00.no-ip.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-11-04T13:28:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b2-7af0-40ba-844c-4f2f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:22.000Z",
|
|
"modified": "2015-12-22T14:01:22.000Z",
|
|
"description": "- Xchecked via VT: 90eb04935d02de54ce77047a5978dab9",
|
|
"pattern": "[file:hashes.SHA256 = 'ed0fd3e131ba0dd4e4e4421c09d47dc9e69296b5878740d640b4af994c9e700a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b2-f3ec-40f7-947a-4681950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:22.000Z",
|
|
"modified": "2015-12-22T14:01:22.000Z",
|
|
"description": "- Xchecked via VT: 90eb04935d02de54ce77047a5978dab9",
|
|
"pattern": "[file:hashes.SHA1 = '420b2eb10b566c7e8f33c8d89a851572db756d65']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b3-4af0-4e4b-a960-4bff950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:23.000Z",
|
|
"modified": "2015-12-22T14:01:23.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ed0fd3e131ba0dd4e4e4421c09d47dc9e69296b5878740d640b4af994c9e700a/analysis/1446028941/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b3-d284-4347-af50-4915950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:23.000Z",
|
|
"modified": "2015-12-22T14:01:23.000Z",
|
|
"description": "- Xchecked via VT: a3b18a9aee2b1981d84434ee199c1c52",
|
|
"pattern": "[file:hashes.SHA256 = '0f86e73b3585f966b6e5b9cebb6a1e80701cbb6f79cb77d520ed0a302f093487']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b3-9da0-4632-9098-496d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:23.000Z",
|
|
"modified": "2015-12-22T14:01:23.000Z",
|
|
"description": "- Xchecked via VT: a3b18a9aee2b1981d84434ee199c1c52",
|
|
"pattern": "[file:hashes.SHA1 = '129489fb55f17916b6628336130b5eb4c74602cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b4-e91c-4a19-a00b-45c4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:24.000Z",
|
|
"modified": "2015-12-22T14:01:24.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/0f86e73b3585f966b6e5b9cebb6a1e80701cbb6f79cb77d520ed0a302f093487/analysis/1446904511/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b4-f188-4aab-bcea-4e65950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:24.000Z",
|
|
"modified": "2015-12-22T14:01:24.000Z",
|
|
"description": "- Xchecked via VT: 125abd1283492cca01e2500711e99a29",
|
|
"pattern": "[file:hashes.SHA256 = 'e0d4e4651d15fa7dfa907ac6a1cc99d64cd085ee5991f3673c9afd16ccd064b8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b4-442c-40f5-b777-4374950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:24.000Z",
|
|
"modified": "2015-12-22T14:01:24.000Z",
|
|
"description": "- Xchecked via VT: 125abd1283492cca01e2500711e99a29",
|
|
"pattern": "[file:hashes.SHA1 = '65808a6978712c223d835a6c02f9e79eab8513b7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b4-76fc-474e-80e2-4869950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:24.000Z",
|
|
"modified": "2015-12-22T14:01:24.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e0d4e4651d15fa7dfa907ac6a1cc99d64cd085ee5991f3673c9afd16ccd064b8/analysis/1445949536/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b5-3b14-4960-b756-4eed950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:25.000Z",
|
|
"modified": "2015-12-22T14:01:25.000Z",
|
|
"description": "- Xchecked via VT: 9e837d7b0567c672db80f31085af7efe",
|
|
"pattern": "[file:hashes.SHA256 = 'a896f3e0fa1d3b3d0d3f8f223baa9094cb1b825df8b155dd3aa1a7ed6214170e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b5-a844-49b3-90a4-4da4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:25.000Z",
|
|
"modified": "2015-12-22T14:01:25.000Z",
|
|
"description": "- Xchecked via VT: 9e837d7b0567c672db80f31085af7efe",
|
|
"pattern": "[file:hashes.SHA1 = 'ea81dc8a21385a83f1c4ad9a16c1ce11b72949e9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b5-0468-4f14-9344-4184950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:25.000Z",
|
|
"modified": "2015-12-22T14:01:25.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a896f3e0fa1d3b3d0d3f8f223baa9094cb1b825df8b155dd3aa1a7ed6214170e/analysis/1444930264/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b6-d1a0-459a-8f2e-4ab8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:26.000Z",
|
|
"modified": "2015-12-22T14:01:26.000Z",
|
|
"description": "- Xchecked via VT: 8e47372f4e0e85c8f93cf61d3cbacd81",
|
|
"pattern": "[file:hashes.SHA256 = 'ae244c4b2a37a5e1a4cb0883d7e718328d260e86f679ef1f12265b34813559a3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b6-2354-4831-b6ef-4fe3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:26.000Z",
|
|
"modified": "2015-12-22T14:01:26.000Z",
|
|
"description": "- Xchecked via VT: 8e47372f4e0e85c8f93cf61d3cbacd81",
|
|
"pattern": "[file:hashes.SHA1 = 'f7f977057498b223efb50827d6946596d3c0941f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b6-9a88-4d34-a8e4-47c2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:26.000Z",
|
|
"modified": "2015-12-22T14:01:26.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ae244c4b2a37a5e1a4cb0883d7e718328d260e86f679ef1f12265b34813559a3/analysis/1443650881/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b6-4068-4aeb-a9a3-4b48950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:26.000Z",
|
|
"modified": "2015-12-22T14:01:26.000Z",
|
|
"description": "- Xchecked via VT: 37f9175232e961caf9632cd788addaa6",
|
|
"pattern": "[file:hashes.SHA256 = 'b619f924e3273be8c8edfa42df96f366ec5a78da9390b734424dd4623b79cb71']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b6-285c-45e9-b766-4942950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:26.000Z",
|
|
"modified": "2015-12-22T14:01:26.000Z",
|
|
"description": "- Xchecked via VT: 37f9175232e961caf9632cd788addaa6",
|
|
"pattern": "[file:hashes.SHA1 = 'aa6eb117b238f32bf269745823ea88ac7457ff89']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b7-4f7c-4f7a-9931-4c4d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:27.000Z",
|
|
"modified": "2015-12-22T14:01:27.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b619f924e3273be8c8edfa42df96f366ec5a78da9390b734424dd4623b79cb71/analysis/1447151789/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b7-cc58-424e-a297-4488950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:27.000Z",
|
|
"modified": "2015-12-22T14:01:27.000Z",
|
|
"description": "- Xchecked via VT: 2b73e22c16486dd30d21ab6b79bbcf53",
|
|
"pattern": "[file:hashes.SHA256 = '46fb8e29b85c75880fd2a7013b32155230baefabbaa116a20dabe1268a5e919e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b7-2828-4f88-af6f-4365950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:27.000Z",
|
|
"modified": "2015-12-22T14:01:27.000Z",
|
|
"description": "- Xchecked via VT: 2b73e22c16486dd30d21ab6b79bbcf53",
|
|
"pattern": "[file:hashes.SHA1 = 'e930a6f2d6493f53c67de23fa280096ffc56bd32']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b7-c1c8-4e43-a9b9-4b87950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:27.000Z",
|
|
"modified": "2015-12-22T14:01:27.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/46fb8e29b85c75880fd2a7013b32155230baefabbaa116a20dabe1268a5e919e/analysis/1445948409/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b8-c68c-4b57-8aec-49f6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:28.000Z",
|
|
"modified": "2015-12-22T14:01:28.000Z",
|
|
"description": "- Xchecked via VT: 9f6c18e9bde91d1b44aa7224d7b9c416",
|
|
"pattern": "[file:hashes.SHA256 = 'a408399ef146cbfd14fb7b62e6dd6c2225b7740c24d7cf20d4a1eacd0d21b95a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b8-4fd4-45bc-88f1-4a5a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:28.000Z",
|
|
"modified": "2015-12-22T14:01:28.000Z",
|
|
"description": "- Xchecked via VT: 9f6c18e9bde91d1b44aa7224d7b9c416",
|
|
"pattern": "[file:hashes.SHA1 = 'f7c7bc47c4a2f243f74c553e2c8e2b3f9dd31d02']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b8-0b64-4ef1-bd23-4e3b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:28.000Z",
|
|
"modified": "2015-12-22T14:01:28.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a408399ef146cbfd14fb7b62e6dd6c2225b7740c24d7cf20d4a1eacd0d21b95a/analysis/1446904519/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b9-c69c-440d-a52c-4912950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:29.000Z",
|
|
"modified": "2015-12-22T14:01:29.000Z",
|
|
"description": "- Xchecked via VT: 15041e046977348fd370ae57dc112490",
|
|
"pattern": "[file:hashes.SHA256 = '38633b3443fa552f0174038596f4a8e7a980684f301ba4a2234c6b081d5919f7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b9-d89c-425f-ad55-49b0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:29.000Z",
|
|
"modified": "2015-12-22T14:01:29.000Z",
|
|
"description": "- Xchecked via VT: 15041e046977348fd370ae57dc112490",
|
|
"pattern": "[file:hashes.SHA1 = '0354b2a7b82ff1af11b98ff7ed8007bd29cb3196']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957b9-9534-40d0-8df6-46f9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:29.000Z",
|
|
"modified": "2015-12-22T14:01:29.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/38633b3443fa552f0174038596f4a8e7a980684f301ba4a2234c6b081d5919f7/analysis/1446814476/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ba-0cf4-4d1d-bcff-471e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:30.000Z",
|
|
"modified": "2015-12-22T14:01:30.000Z",
|
|
"description": "- Xchecked via VT: bbcb49831177be7ad173281ba95480fd",
|
|
"pattern": "[file:hashes.SHA256 = '0b42e47642c7e769c12703c5547bb0f4fddf21bb3971908e63b14190e8a3befe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ba-7cd8-4842-ac47-43eb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:30.000Z",
|
|
"modified": "2015-12-22T14:01:30.000Z",
|
|
"description": "- Xchecked via VT: bbcb49831177be7ad173281ba95480fd",
|
|
"pattern": "[file:hashes.SHA1 = '334587274d0cd9297146abfe4b28fc5edd7df298']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ba-5e68-49df-9987-4bb9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:30.000Z",
|
|
"modified": "2015-12-22T14:01:30.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/0b42e47642c7e769c12703c5547bb0f4fddf21bb3971908e63b14190e8a3befe/analysis/1444712725/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ba-f748-4bac-bcbc-4f7a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:30.000Z",
|
|
"modified": "2015-12-22T14:01:30.000Z",
|
|
"description": "- Xchecked via VT: 4555859966e74c99736ef4534bbb667a",
|
|
"pattern": "[file:hashes.SHA256 = 'b6a40f236f31599dd8dbef7c7522785e80977aef936421f6ffc11eecc3e78fbd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957bb-c660-4a5b-9ff8-4ec0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:31.000Z",
|
|
"modified": "2015-12-22T14:01:31.000Z",
|
|
"description": "- Xchecked via VT: 4555859966e74c99736ef4534bbb667a",
|
|
"pattern": "[file:hashes.SHA1 = 'e4b6a7bffdb7cab3e83005607ecc5a5d34ec664f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957bb-ea3c-4d4e-9105-48cb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:31.000Z",
|
|
"modified": "2015-12-22T14:01:31.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b6a40f236f31599dd8dbef7c7522785e80977aef936421f6ffc11eecc3e78fbd/analysis/1446904382/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957bb-7308-4952-939c-43bb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:31.000Z",
|
|
"modified": "2015-12-22T14:01:31.000Z",
|
|
"description": "- Xchecked via VT: 38da6bb8f4562bad2959c8cb9b871416",
|
|
"pattern": "[file:hashes.SHA256 = 'bea0d2da31636f176bf00f83b5b9eb5fba624b125fe573bba981a63dbf5e0af2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957bc-3b28-4a6c-bbf3-4876950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:32.000Z",
|
|
"modified": "2015-12-22T14:01:32.000Z",
|
|
"description": "- Xchecked via VT: 38da6bb8f4562bad2959c8cb9b871416",
|
|
"pattern": "[file:hashes.SHA1 = '802f0d2a6ac2721e496cf6b4f5272dadfacde269']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957bc-16c4-41a7-b08c-48ba950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:32.000Z",
|
|
"modified": "2015-12-22T14:01:32.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/bea0d2da31636f176bf00f83b5b9eb5fba624b125fe573bba981a63dbf5e0af2/analysis/1443800126/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957bc-e088-4ea9-b419-49f3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:32.000Z",
|
|
"modified": "2015-12-22T14:01:32.000Z",
|
|
"description": "- Xchecked via VT: 2568b31abf83b791d0f218e3f368df8a",
|
|
"pattern": "[file:hashes.SHA256 = '4e864381b5975d5d67b981cfbad477bd212eeb0b2265356a26d1b888de82a63f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957bc-6b04-4f58-bad9-4e9c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:32.000Z",
|
|
"modified": "2015-12-22T14:01:32.000Z",
|
|
"description": "- Xchecked via VT: 2568b31abf83b791d0f218e3f368df8a",
|
|
"pattern": "[file:hashes.SHA1 = '0f6e7bc23cb76d8b585385d8a52ba55290d5c3f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957bd-61b4-48db-b093-49bd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:33.000Z",
|
|
"modified": "2015-12-22T14:01:33.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/4e864381b5975d5d67b981cfbad477bd212eeb0b2265356a26d1b888de82a63f/analysis/1447152194/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957bd-b3f4-4211-9f4b-44fb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:33.000Z",
|
|
"modified": "2015-12-22T14:01:33.000Z",
|
|
"description": "- Xchecked via VT: 32783221615f88ced216a3d6129f55ca",
|
|
"pattern": "[file:hashes.SHA256 = 'c904bf1ef896cdc8b088cb7c15708d2188dce3ca441071f7ec28e3bec528f0b3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957bd-226c-403b-ae4a-4699950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:33.000Z",
|
|
"modified": "2015-12-22T14:01:33.000Z",
|
|
"description": "- Xchecked via VT: 32783221615f88ced216a3d6129f55ca",
|
|
"pattern": "[file:hashes.SHA1 = 'f1b899aa01eee923bc6c4c08169accd9be49c151']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957be-4ab8-46d5-a376-4dae950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:33.000Z",
|
|
"modified": "2015-12-22T14:01:33.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c904bf1ef896cdc8b088cb7c15708d2188dce3ca441071f7ec28e3bec528f0b3/analysis/1443599888/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957be-5f2c-44a9-8e9b-41e9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:34.000Z",
|
|
"modified": "2015-12-22T14:01:34.000Z",
|
|
"description": "- Xchecked via VT: 30eb1ea290f8804664d3ec56a596a631",
|
|
"pattern": "[file:hashes.SHA256 = '2b6686bb63d668aca778fb96bc4d942d40d4dfb0b6d765e236a4463a9c4b9897']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957be-38fc-4ade-b56f-49cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:34.000Z",
|
|
"modified": "2015-12-22T14:01:34.000Z",
|
|
"description": "- Xchecked via VT: 30eb1ea290f8804664d3ec56a596a631",
|
|
"pattern": "[file:hashes.SHA1 = 'f929744f9ef82d4548c486e8f1c3c01f8bab8bce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957be-a930-4aea-aac8-40cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:34.000Z",
|
|
"modified": "2015-12-22T14:01:34.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/2b6686bb63d668aca778fb96bc4d942d40d4dfb0b6d765e236a4463a9c4b9897/analysis/1447601028/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957bf-49d8-40d4-b9fd-4cd1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:35.000Z",
|
|
"modified": "2015-12-22T14:01:35.000Z",
|
|
"description": "- Xchecked via VT: c62b28a6f5029097d3e7ae65114a1bc9",
|
|
"pattern": "[file:hashes.SHA256 = 'ad5258b36a3101dead9b37c83a62ac81ddc716ab4c1dccbf02a8f767eb354a64']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957bf-88e8-4521-82df-4dcc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:35.000Z",
|
|
"modified": "2015-12-22T14:01:35.000Z",
|
|
"description": "- Xchecked via VT: c62b28a6f5029097d3e7ae65114a1bc9",
|
|
"pattern": "[file:hashes.SHA1 = 'de7cda39ded4e324581768aca63b036006e00b54']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957bf-be34-4f67-b68c-4c7d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:35.000Z",
|
|
"modified": "2015-12-22T14:01:35.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ad5258b36a3101dead9b37c83a62ac81ddc716ab4c1dccbf02a8f767eb354a64/analysis/1450659766/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c0-5210-42ac-87fd-4701950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:36.000Z",
|
|
"modified": "2015-12-22T14:01:36.000Z",
|
|
"description": "- Xchecked via VT: 59c71e222126407df587fcd7e52e868c",
|
|
"pattern": "[file:hashes.SHA256 = 'd1b723e1a28a36eb701947c59c0448e7032b0a9f2f481c55ff6f6c6d83536ee6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c0-5754-416d-8a73-4b68950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:36.000Z",
|
|
"modified": "2015-12-22T14:01:36.000Z",
|
|
"description": "- Xchecked via VT: 59c71e222126407df587fcd7e52e868c",
|
|
"pattern": "[file:hashes.SHA1 = '9c148550e14098825641b96205255d2b09bd1ec7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c0-f3c0-4090-bc47-4043950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:36.000Z",
|
|
"modified": "2015-12-22T14:01:36.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d1b723e1a28a36eb701947c59c0448e7032b0a9f2f481c55ff6f6c6d83536ee6/analysis/1450717952/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c0-c140-4d06-9ab3-4f76950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:36.000Z",
|
|
"modified": "2015-12-22T14:01:36.000Z",
|
|
"description": "- Xchecked via VT: 3b9f9070f338bbf85e43212e429ee3d6",
|
|
"pattern": "[file:hashes.SHA256 = '0f5f37a3e9c65a5fff4dc24a7bbab5ea1318acc4033e416e1721bd6cd2051d16']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c1-40fc-4343-8e5e-4aa8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:37.000Z",
|
|
"modified": "2015-12-22T14:01:37.000Z",
|
|
"description": "- Xchecked via VT: 3b9f9070f338bbf85e43212e429ee3d6",
|
|
"pattern": "[file:hashes.SHA1 = 'cc7b374947a01c79f9ec46fba50213f8b49a9928']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c1-f3d0-40c9-abcb-4b7e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:37.000Z",
|
|
"modified": "2015-12-22T14:01:37.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/0f5f37a3e9c65a5fff4dc24a7bbab5ea1318acc4033e416e1721bd6cd2051d16/analysis/1446022264/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c1-9b40-4f5c-a8bc-43cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:37.000Z",
|
|
"modified": "2015-12-22T14:01:37.000Z",
|
|
"description": "- Xchecked via VT: b033b40fb188da2e00dbe26cd4a76a42",
|
|
"pattern": "[file:hashes.SHA256 = '75e22f322fa20dc9e7ce5eb2d2434796e86ace14e90d43b228a74150ccd94ac5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c1-4ff4-422c-a994-46ec950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:37.000Z",
|
|
"modified": "2015-12-22T14:01:37.000Z",
|
|
"description": "- Xchecked via VT: b033b40fb188da2e00dbe26cd4a76a42",
|
|
"pattern": "[file:hashes.SHA1 = 'ab9a21effffb05c767590ec90e342c17074a9f78']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c2-3eb8-4832-9de1-494d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:38.000Z",
|
|
"modified": "2015-12-22T14:01:38.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/75e22f322fa20dc9e7ce5eb2d2434796e86ace14e90d43b228a74150ccd94ac5/analysis/1446554909/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c2-b6b8-4ef1-b1ba-4e19950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:38.000Z",
|
|
"modified": "2015-12-22T14:01:38.000Z",
|
|
"description": "- Xchecked via VT: d209e56c719e205868ddef9afca02fb2",
|
|
"pattern": "[file:hashes.SHA256 = 'eaacf11fb59e2ab7ad92eb8edc143a515ee0e5e1482462071c27b8f0c4eb3097']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c2-96f0-416f-96dc-4913950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:38.000Z",
|
|
"modified": "2015-12-22T14:01:38.000Z",
|
|
"description": "- Xchecked via VT: d209e56c719e205868ddef9afca02fb2",
|
|
"pattern": "[file:hashes.SHA1 = '71b96d3432554ec14914e6c1714ee35ae49a5399']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c2-7230-44fd-9d69-4531950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:38.000Z",
|
|
"modified": "2015-12-22T14:01:38.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/eaacf11fb59e2ab7ad92eb8edc143a515ee0e5e1482462071c27b8f0c4eb3097/analysis/1447072297/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c2-7928-4f12-b0cc-4898950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:38.000Z",
|
|
"modified": "2015-12-22T14:01:38.000Z",
|
|
"description": "- Xchecked via VT: 59cdd0301f0d4ccd89f11ee428a4cdfc",
|
|
"pattern": "[file:hashes.SHA256 = '3753c73470a136f0aa0a13c326cdc745f8de49ad2b7894c741dd92a5968b8008']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c3-b104-4d9d-af76-44f3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:39.000Z",
|
|
"modified": "2015-12-22T14:01:39.000Z",
|
|
"description": "- Xchecked via VT: 59cdd0301f0d4ccd89f11ee428a4cdfc",
|
|
"pattern": "[file:hashes.SHA1 = '25fe119aadac8366bfee24ef286188538febce1d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c3-5b14-4ccd-9997-4bc0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:39.000Z",
|
|
"modified": "2015-12-22T14:01:39.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3753c73470a136f0aa0a13c326cdc745f8de49ad2b7894c741dd92a5968b8008/analysis/1446812314/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c3-bd08-429b-994b-4484950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:39.000Z",
|
|
"modified": "2015-12-22T14:01:39.000Z",
|
|
"description": "- Xchecked via VT: a0822ca60a008641ca03757fd841a7d1",
|
|
"pattern": "[file:hashes.SHA256 = 'f39d181a61bca9e3966a6f5ccb52c4f08a2ba01e9a2fe23703404f0e12229fe6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c3-b2d4-4b0f-a9b0-415a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:39.000Z",
|
|
"modified": "2015-12-22T14:01:39.000Z",
|
|
"description": "- Xchecked via VT: a0822ca60a008641ca03757fd841a7d1",
|
|
"pattern": "[file:hashes.SHA1 = '29a9c1d5abd001acfb12c8029221f4a08b9466df']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c4-299c-4508-9ee1-44c2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:40.000Z",
|
|
"modified": "2015-12-22T14:01:40.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f39d181a61bca9e3966a6f5ccb52c4f08a2ba01e9a2fe23703404f0e12229fe6/analysis/1444934287/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c4-6eb0-4183-aebf-47a9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:40.000Z",
|
|
"modified": "2015-12-22T14:01:40.000Z",
|
|
"description": "- Xchecked via VT: a0dfb9c840155cb76ab07626e2775369",
|
|
"pattern": "[file:hashes.SHA256 = 'd95237909aecb45f99c62f467efd5720d14ff2a57980552978db53c87d0508b2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c4-4194-4c2d-9c19-4de0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:40.000Z",
|
|
"modified": "2015-12-22T14:01:40.000Z",
|
|
"description": "- Xchecked via VT: a0dfb9c840155cb76ab07626e2775369",
|
|
"pattern": "[file:hashes.SHA1 = 'c702e0ac90ee16287eb336619fbb730483d20fff']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c4-702c-48d0-ba7d-45fc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:40.000Z",
|
|
"modified": "2015-12-22T14:01:40.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d95237909aecb45f99c62f467efd5720d14ff2a57980552978db53c87d0508b2/analysis/1446984456/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c5-6f24-455b-8027-4053950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:41.000Z",
|
|
"modified": "2015-12-22T14:01:41.000Z",
|
|
"description": "- Xchecked via VT: 231b035bedb4f3b47d55dd6537aeb6c1",
|
|
"pattern": "[file:hashes.SHA256 = '0af02672312f18d63b73df076d1aa8d5ddc0e70fdc225d07807f65c6cbce929e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c5-3cd4-468c-9df5-482c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:41.000Z",
|
|
"modified": "2015-12-22T14:01:41.000Z",
|
|
"description": "- Xchecked via VT: 231b035bedb4f3b47d55dd6537aeb6c1",
|
|
"pattern": "[file:hashes.SHA1 = '0df1093e45422f6615298e86e46a4a8937fde427']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c5-3274-4a6b-a655-452f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:41.000Z",
|
|
"modified": "2015-12-22T14:01:41.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/0af02672312f18d63b73df076d1aa8d5ddc0e70fdc225d07807f65c6cbce929e/analysis/1444764346/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c5-5f28-4743-8a82-4c7e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:41.000Z",
|
|
"modified": "2015-12-22T14:01:41.000Z",
|
|
"description": "- Xchecked via VT: fdcd06c6041df1d7503875877c8cf0d0",
|
|
"pattern": "[file:hashes.SHA256 = '43fa7a7746456967cab83c4982bd75e4d9f79c7cf9048f36bffb4855b72bcc22']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c5-79f8-4611-96b5-4bb3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:41.000Z",
|
|
"modified": "2015-12-22T14:01:41.000Z",
|
|
"description": "- Xchecked via VT: fdcd06c6041df1d7503875877c8cf0d0",
|
|
"pattern": "[file:hashes.SHA1 = '0128b928b971ab01625541dbcb98743570f08f7c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c6-00a8-406f-8184-4a4d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:42.000Z",
|
|
"modified": "2015-12-22T14:01:42.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/43fa7a7746456967cab83c4982bd75e4d9f79c7cf9048f36bffb4855b72bcc22/analysis/1446034821/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c6-3164-4960-94ab-4dda950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:42.000Z",
|
|
"modified": "2015-12-22T14:01:42.000Z",
|
|
"description": "- Xchecked via VT: 01fb5833d771807e080886c3cff5a100",
|
|
"pattern": "[file:hashes.SHA256 = 'eb36acd402a357eace881ce5ead12e8487792179bec91b44b1b2da09155a314a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c6-02e8-407f-b048-437c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:42.000Z",
|
|
"modified": "2015-12-22T14:01:42.000Z",
|
|
"description": "- Xchecked via VT: 01fb5833d771807e080886c3cff5a100",
|
|
"pattern": "[file:hashes.SHA1 = '836f470e5d68968827d8315c8f18b9ad866b9b7b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c6-64c8-4f67-bbe5-4edc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:42.000Z",
|
|
"modified": "2015-12-22T14:01:42.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/eb36acd402a357eace881ce5ead12e8487792179bec91b44b1b2da09155a314a/analysis/1450761356/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c7-5714-4bf7-a2a1-4e6a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:43.000Z",
|
|
"modified": "2015-12-22T14:01:43.000Z",
|
|
"description": "- Xchecked via VT: 47f59774fadcb9801051b02b1b41ee0c",
|
|
"pattern": "[file:hashes.SHA256 = '5778d3aeddf23c4053309b96a267701b7465dc5442c2bb25fb8eb84c98437982']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c7-e7d0-48ee-8174-4726950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:43.000Z",
|
|
"modified": "2015-12-22T14:01:43.000Z",
|
|
"description": "- Xchecked via VT: 47f59774fadcb9801051b02b1b41ee0c",
|
|
"pattern": "[file:hashes.SHA1 = 'c839048bea19a1a3409d44218e0a18caa6333c8b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c7-5798-48e7-aa27-4e8e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:43.000Z",
|
|
"modified": "2015-12-22T14:01:43.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5778d3aeddf23c4053309b96a267701b7465dc5442c2bb25fb8eb84c98437982/analysis/1445940194/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c7-e190-40cc-87eb-49fd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:43.000Z",
|
|
"modified": "2015-12-22T14:01:43.000Z",
|
|
"description": "- Xchecked via VT: a9c672edb6214af0c5d0274c6e0bc7b8",
|
|
"pattern": "[file:hashes.SHA256 = '3b3be6c0d3c402b9ecec78e0eb95d02b8234e62ffff91365696cd0592b7b6526']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c8-66b8-44c2-a504-450d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:44.000Z",
|
|
"modified": "2015-12-22T14:01:44.000Z",
|
|
"description": "- Xchecked via VT: a9c672edb6214af0c5d0274c6e0bc7b8",
|
|
"pattern": "[file:hashes.SHA1 = '38608a1328ee86dce1c6e4f2ae74c4adb7e62405']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c8-279c-40af-85a4-4aa0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:44.000Z",
|
|
"modified": "2015-12-22T14:01:44.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3b3be6c0d3c402b9ecec78e0eb95d02b8234e62ffff91365696cd0592b7b6526/analysis/1450761227/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c8-da24-4986-abac-4b84950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:44.000Z",
|
|
"modified": "2015-12-22T14:01:44.000Z",
|
|
"description": "- Xchecked via VT: 79f98c2669bc4989e48207aee2adb0e6",
|
|
"pattern": "[file:hashes.SHA256 = 'd5d9db964d7cda2e476f7de173a5f2d2744698b46ed165b443ffaf65937ffa73']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c9-7de0-4f66-86a5-43db950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:45.000Z",
|
|
"modified": "2015-12-22T14:01:45.000Z",
|
|
"description": "- Xchecked via VT: 79f98c2669bc4989e48207aee2adb0e6",
|
|
"pattern": "[file:hashes.SHA1 = '79c93271ce56b8917834030260a7b64055d1bef9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c9-55bc-496f-a499-4c6b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:45.000Z",
|
|
"modified": "2015-12-22T14:01:45.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d5d9db964d7cda2e476f7de173a5f2d2744698b46ed165b443ffaf65937ffa73/analysis/1450721447/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957c9-c0d8-450e-871e-45db950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:45.000Z",
|
|
"modified": "2015-12-22T14:01:45.000Z",
|
|
"description": "- Xchecked via VT: b7367ac660cf9d3446fc9c65d82afac9",
|
|
"pattern": "[file:hashes.SHA256 = '544d3301a1b9a71975525b0eeff93a0ecdb42e13ed7b62b501e29227153b9c4b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ca-4cac-42fe-aba4-453c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:45.000Z",
|
|
"modified": "2015-12-22T14:01:45.000Z",
|
|
"description": "- Xchecked via VT: b7367ac660cf9d3446fc9c65d82afac9",
|
|
"pattern": "[file:hashes.SHA1 = 'a67dad075892d7a348f701e76fdcc93d2b832f98']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ca-fd54-4b47-8787-4223950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:46.000Z",
|
|
"modified": "2015-12-22T14:01:46.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/544d3301a1b9a71975525b0eeff93a0ecdb42e13ed7b62b501e29227153b9c4b/analysis/1446904245/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ca-635c-4c86-b694-435d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:46.000Z",
|
|
"modified": "2015-12-22T14:01:46.000Z",
|
|
"description": "- Xchecked via VT: cb5915660bd5c87b2a9f2589a31067fb",
|
|
"pattern": "[file:hashes.SHA256 = '692aae591bcfb28c42060183956a1a454d5af1df49836225341d5ebc3d4988f1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ca-5a14-4d47-93d5-42d5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:46.000Z",
|
|
"modified": "2015-12-22T14:01:46.000Z",
|
|
"description": "- Xchecked via VT: cb5915660bd5c87b2a9f2589a31067fb",
|
|
"pattern": "[file:hashes.SHA1 = '30928e3ad6bddf8affca456bedb62f126913f82b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957cb-da20-41ab-a175-4e1f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:47.000Z",
|
|
"modified": "2015-12-22T14:01:47.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/692aae591bcfb28c42060183956a1a454d5af1df49836225341d5ebc3d4988f1/analysis/1447152595/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957cb-6584-48fa-9515-4297950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:47.000Z",
|
|
"modified": "2015-12-22T14:01:47.000Z",
|
|
"description": "- Xchecked via VT: f6853320259e7b3b6e1202847e7d2878",
|
|
"pattern": "[file:hashes.SHA256 = '590d39350bd7a03a7d60c3b92612e16b4990e209cb96cd4bd9a696d1d51d993a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957cb-6a3c-461d-bc09-41d7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:47.000Z",
|
|
"modified": "2015-12-22T14:01:47.000Z",
|
|
"description": "- Xchecked via VT: f6853320259e7b3b6e1202847e7d2878",
|
|
"pattern": "[file:hashes.SHA1 = '21ec4288671f4ebc93e98dd0991e0b75691956d9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957cc-3cb4-4756-bd40-4497950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:48.000Z",
|
|
"modified": "2015-12-22T14:01:48.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/590d39350bd7a03a7d60c3b92612e16b4990e209cb96cd4bd9a696d1d51d993a/analysis/1445938209/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957cc-f404-4892-81e5-4e47950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:48.000Z",
|
|
"modified": "2015-12-22T14:01:48.000Z",
|
|
"description": "- Xchecked via VT: 3d4e010089df5c37495ff40861cdc0b4",
|
|
"pattern": "[file:hashes.SHA256 = 'f862d50e4b5d07eeb5105def0815466b5d74451f7ecbf1829c583680d1d4de44']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957cc-6048-40f0-ada0-493a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:48.000Z",
|
|
"modified": "2015-12-22T14:01:48.000Z",
|
|
"description": "- Xchecked via VT: 3d4e010089df5c37495ff40861cdc0b4",
|
|
"pattern": "[file:hashes.SHA1 = '83c335395f1c85af3e535d804069a12f4a0ada88']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957cc-7f04-4624-8cac-4b5b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:48.000Z",
|
|
"modified": "2015-12-22T14:01:48.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f862d50e4b5d07eeb5105def0815466b5d74451f7ecbf1829c583680d1d4de44/analysis/1447152458/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957cd-2f68-4a3b-94d4-4624950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:49.000Z",
|
|
"modified": "2015-12-22T14:01:49.000Z",
|
|
"description": "- Xchecked via VT: 0defc31277ebcca9a7b89492fee9fccc",
|
|
"pattern": "[file:hashes.SHA256 = 'dcb097a0ea23d2ffe216f60f471930e1dc6628d3973d93a02d4f7ee191263e03']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957cd-7ad4-4a14-8cc6-4a0a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:49.000Z",
|
|
"modified": "2015-12-22T14:01:49.000Z",
|
|
"description": "- Xchecked via VT: 0defc31277ebcca9a7b89492fee9fccc",
|
|
"pattern": "[file:hashes.SHA1 = '5080da83d10143012729fa1d748fa6907675e8ab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957cd-a4a8-467c-95d7-4067950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:49.000Z",
|
|
"modified": "2015-12-22T14:01:49.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/dcb097a0ea23d2ffe216f60f471930e1dc6628d3973d93a02d4f7ee191263e03/analysis/1445239382/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ce-3f2c-4cbc-9316-48e3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:50.000Z",
|
|
"modified": "2015-12-22T14:01:50.000Z",
|
|
"description": "- Xchecked via VT: 49a71d907b0ba412ce6e90f20f66aa2a",
|
|
"pattern": "[file:hashes.SHA256 = '7581f999dc1718aabefc7ab3b53216a38a8f4fe608e20fa8cc5b92dde9f44bce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ce-b2b8-406b-aba1-4a0c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:50.000Z",
|
|
"modified": "2015-12-22T14:01:50.000Z",
|
|
"description": "- Xchecked via VT: 49a71d907b0ba412ce6e90f20f66aa2a",
|
|
"pattern": "[file:hashes.SHA1 = 'f0e3999d35a9738469daff6d9da6c96fc1c1107b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ce-fd2c-45f8-8362-42e0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:50.000Z",
|
|
"modified": "2015-12-22T14:01:50.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7581f999dc1718aabefc7ab3b53216a38a8f4fe608e20fa8cc5b92dde9f44bce/analysis/1446812103/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ce-4948-4623-aeb4-49ef950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:50.000Z",
|
|
"modified": "2015-12-22T14:01:50.000Z",
|
|
"description": "- Xchecked via VT: 46ac08e57e7c4be8f255eb65b7e7b646",
|
|
"pattern": "[file:hashes.SHA256 = '3bc888d9d98a8dad94aae6f661225144a2fe872050b0364a1c593aa8007af91a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957cf-6430-4e08-a879-433a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:51.000Z",
|
|
"modified": "2015-12-22T14:01:51.000Z",
|
|
"description": "- Xchecked via VT: 46ac08e57e7c4be8f255eb65b7e7b646",
|
|
"pattern": "[file:hashes.SHA1 = '1aa63f68a1d7b12140f8991b1a76e3a42cfffa82']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957cf-50b0-4fcd-92ff-4d8c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:51.000Z",
|
|
"modified": "2015-12-22T14:01:51.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3bc888d9d98a8dad94aae6f661225144a2fe872050b0364a1c593aa8007af91a/analysis/1444919095/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957cf-8580-40e9-a669-4b60950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:51.000Z",
|
|
"modified": "2015-12-22T14:01:51.000Z",
|
|
"description": "- Xchecked via VT: 3a9cdf146372fd358160014e9c83e94f",
|
|
"pattern": "[file:hashes.SHA256 = '8ba08c51f7fc535191929636af5d95dc746e513c09593630407e6003fd38459d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d0-5154-45b4-9a39-4908950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:52.000Z",
|
|
"modified": "2015-12-22T14:01:52.000Z",
|
|
"description": "- Xchecked via VT: 3a9cdf146372fd358160014e9c83e94f",
|
|
"pattern": "[file:hashes.SHA1 = '1f47a1c268996b6c4517935cd1158e7ebda1cd7f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d0-ff30-48cf-aaa1-4684950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:52.000Z",
|
|
"modified": "2015-12-22T14:01:52.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/8ba08c51f7fc535191929636af5d95dc746e513c09593630407e6003fd38459d/analysis/1447601043/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d0-81c4-4604-9bc4-45c4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:52.000Z",
|
|
"modified": "2015-12-22T14:01:52.000Z",
|
|
"description": "- Xchecked via VT: 14d7f0cdd01db02de6dc66ce4285870f",
|
|
"pattern": "[file:hashes.SHA256 = 'fffdbac30bc99fb872b4189026a452c29e88bb7c79aa06f90de1c7b90ad4a71b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d1-7998-4029-bcd2-4668950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:53.000Z",
|
|
"modified": "2015-12-22T14:01:53.000Z",
|
|
"description": "- Xchecked via VT: 14d7f0cdd01db02de6dc66ce4285870f",
|
|
"pattern": "[file:hashes.SHA1 = 'd1e31b6c55851db648090423f66ce5962eaeff6e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d1-17d4-4f85-8da2-48a2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:53.000Z",
|
|
"modified": "2015-12-22T14:01:53.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/fffdbac30bc99fb872b4189026a452c29e88bb7c79aa06f90de1c7b90ad4a71b/analysis/1444813791/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d1-a144-4abd-ad8f-4e2d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:53.000Z",
|
|
"modified": "2015-12-22T14:01:53.000Z",
|
|
"description": "- Xchecked via VT: 42cfb6dd762ef302b4137a3f5c5ae8d5",
|
|
"pattern": "[file:hashes.SHA256 = '98b08dbaeaae5f222791f7e11f8880917831d3fab6ba28f54bb54c5d66eedb2c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d1-23e8-489e-a21b-4a17950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:53.000Z",
|
|
"modified": "2015-12-22T14:01:53.000Z",
|
|
"description": "- Xchecked via VT: 42cfb6dd762ef302b4137a3f5c5ae8d5",
|
|
"pattern": "[file:hashes.SHA1 = 'eb40b15cb38415d05e729a5719e65d0e9e8bad65']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d2-4330-4211-9402-4283950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:54.000Z",
|
|
"modified": "2015-12-22T14:01:54.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/98b08dbaeaae5f222791f7e11f8880917831d3fab6ba28f54bb54c5d66eedb2c/analysis/1447686921/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d2-6dd8-4894-9b29-4938950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:54.000Z",
|
|
"modified": "2015-12-22T14:01:54.000Z",
|
|
"description": "- Xchecked via VT: 5ed5da0ac426b3af5488e1b14353e3bb",
|
|
"pattern": "[file:hashes.SHA256 = '785655a5a1fb2e5dc2384b9308575b9ad33cd8c0637d2248ec44c68aaedc60f4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d2-3460-494d-9834-4665950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:54.000Z",
|
|
"modified": "2015-12-22T14:01:54.000Z",
|
|
"description": "- Xchecked via VT: 5ed5da0ac426b3af5488e1b14353e3bb",
|
|
"pattern": "[file:hashes.SHA1 = 'cfe7e4c2dd940dd559d10d323eb8be5279f6da33']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d3-b5fc-4e36-b18d-4425950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:55.000Z",
|
|
"modified": "2015-12-22T14:01:55.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/785655a5a1fb2e5dc2384b9308575b9ad33cd8c0637d2248ec44c68aaedc60f4/analysis/1445863392/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d3-a9c4-4b6b-be23-4338950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:55.000Z",
|
|
"modified": "2015-12-22T14:01:55.000Z",
|
|
"description": "- Xchecked via VT: 128276ba3fcb6c359bdb69ac75219924",
|
|
"pattern": "[file:hashes.SHA256 = 'ed9f9f0d9417981936943799de1bbb88a2191a0753f6bb1b25c1a3643263a9bf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d3-7930-4828-9533-4c82950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:55.000Z",
|
|
"modified": "2015-12-22T14:01:55.000Z",
|
|
"description": "- Xchecked via VT: 128276ba3fcb6c359bdb69ac75219924",
|
|
"pattern": "[file:hashes.SHA1 = '4ef65b396b7849aa2a32d5ae83e849bc49320505']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d3-7a10-4c6b-a453-4239950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:55.000Z",
|
|
"modified": "2015-12-22T14:01:55.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ed9f9f0d9417981936943799de1bbb88a2191a0753f6bb1b25c1a3643263a9bf/analysis/1445373466/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d4-d4b8-481d-8368-4394950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:56.000Z",
|
|
"modified": "2015-12-22T14:01:56.000Z",
|
|
"description": "- Xchecked via VT: 16177410d01502a44fff78ad2b0964de",
|
|
"pattern": "[file:hashes.SHA256 = '1294f2595cb0b9f67a676b9ce8bbbd257e0baf46e84ba466667c68d962a0d860']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d4-ecc0-494b-bc54-4f10950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:56.000Z",
|
|
"modified": "2015-12-22T14:01:56.000Z",
|
|
"description": "- Xchecked via VT: 16177410d01502a44fff78ad2b0964de",
|
|
"pattern": "[file:hashes.SHA1 = '617fbda0340ad1ff1455630fe4fd479cbb768402']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d4-dda8-494c-9f5f-4f0f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:56.000Z",
|
|
"modified": "2015-12-22T14:01:56.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/1294f2595cb0b9f67a676b9ce8bbbd257e0baf46e84ba466667c68d962a0d860/analysis/1447068541/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d5-97ac-4f49-a2fb-4b3c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:57.000Z",
|
|
"modified": "2015-12-22T14:01:57.000Z",
|
|
"description": "- Xchecked via VT: 2c4d4f3e2602c3d946d00d7633c42100",
|
|
"pattern": "[file:hashes.SHA256 = '8f1d70a6e8ef95ffe1ae3d0dd3986d24845a6b4e75bf10171b97e4b437137429']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d5-1558-4f42-9d51-4f07950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:57.000Z",
|
|
"modified": "2015-12-22T14:01:57.000Z",
|
|
"description": "- Xchecked via VT: 2c4d4f3e2602c3d946d00d7633c42100",
|
|
"pattern": "[file:hashes.SHA1 = '2f7d4b1f00bd96892db11153fa91f70731291b74']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d5-44b4-4dd6-bec7-4054950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:57.000Z",
|
|
"modified": "2015-12-22T14:01:57.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/8f1d70a6e8ef95ffe1ae3d0dd3986d24845a6b4e75bf10171b97e4b437137429/analysis/1446985962/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d6-a800-4cd1-b086-488b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:58.000Z",
|
|
"modified": "2015-12-22T14:01:58.000Z",
|
|
"description": "- Xchecked via VT: 4e607842016a2e42c3f3c40785fddf45",
|
|
"pattern": "[file:hashes.SHA256 = 'b1459a07b4f9efa17c1ea75f094d2fbbd326d1568e3b52d4ebae78bc42ca5c3f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d6-6e5c-4774-8d20-4aaf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:58.000Z",
|
|
"modified": "2015-12-22T14:01:58.000Z",
|
|
"description": "- Xchecked via VT: 4e607842016a2e42c3f3c40785fddf45",
|
|
"pattern": "[file:hashes.SHA1 = '19adb66421e48e3afd64fd5278bc69276382a907']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d6-50cc-4de3-8fd2-4d1a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:58.000Z",
|
|
"modified": "2015-12-22T14:01:58.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b1459a07b4f9efa17c1ea75f094d2fbbd326d1568e3b52d4ebae78bc42ca5c3f/analysis/1450627602/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d6-b6d4-4888-b60f-4a8e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:58.000Z",
|
|
"modified": "2015-12-22T14:01:58.000Z",
|
|
"description": "- Xchecked via VT: 876b5806fd737381048bf678532e699f",
|
|
"pattern": "[file:hashes.SHA256 = '9e4b6f17d44385a4ce62f0804386ad02a5bfc9fc7418f7b6c04c22ba163a6177']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d7-656c-4b43-9cee-4715950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:59.000Z",
|
|
"modified": "2015-12-22T14:01:59.000Z",
|
|
"description": "- Xchecked via VT: 876b5806fd737381048bf678532e699f",
|
|
"pattern": "[file:hashes.SHA1 = '0a6a1dc3c3965eac1bd646d5cf562a8a3153da0c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d7-d054-4272-9ebf-4d7c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:59.000Z",
|
|
"modified": "2015-12-22T14:01:59.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9e4b6f17d44385a4ce62f0804386ad02a5bfc9fc7418f7b6c04c22ba163a6177/analysis/1443626055/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d7-fc38-4214-adf3-438e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:01:59.000Z",
|
|
"modified": "2015-12-22T14:01:59.000Z",
|
|
"description": "- Xchecked via VT: c13d9a88935de6d384d0d97f8923691f",
|
|
"pattern": "[file:hashes.SHA256 = 'b4aac03ec607f707ac5bec5bc4cb12b05f24d5308519891cda27bc720c1419be']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:01:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d8-52c8-4a48-a29f-4e5e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:00.000Z",
|
|
"modified": "2015-12-22T14:02:00.000Z",
|
|
"description": "- Xchecked via VT: c13d9a88935de6d384d0d97f8923691f",
|
|
"pattern": "[file:hashes.SHA1 = '9cadb46c90cd8c2a3ede35bdd85e696877d1aefb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d8-04b0-4b42-95d2-421d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:00.000Z",
|
|
"modified": "2015-12-22T14:02:00.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b4aac03ec607f707ac5bec5bc4cb12b05f24d5308519891cda27bc720c1419be/analysis/1444694134/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d8-700c-4781-91bb-4295950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:00.000Z",
|
|
"modified": "2015-12-22T14:02:00.000Z",
|
|
"description": "- Xchecked via VT: b449bad8fe2d5b147485891cb48fd96d",
|
|
"pattern": "[file:hashes.SHA256 = 'f6850750ad449c5e0695758bc0810db53854582e74e692fd2055f33393ff9b3b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d8-0614-4f2b-9379-4f8a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:00.000Z",
|
|
"modified": "2015-12-22T14:02:00.000Z",
|
|
"description": "- Xchecked via VT: b449bad8fe2d5b147485891cb48fd96d",
|
|
"pattern": "[file:hashes.SHA1 = 'f91119868d89dd684f9636693798e4fa3e1fbb9b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d9-74e8-49c8-9f39-4ccd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:01.000Z",
|
|
"modified": "2015-12-22T14:02:01.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f6850750ad449c5e0695758bc0810db53854582e74e692fd2055f33393ff9b3b/analysis/1447787771/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d9-4428-4b38-82ab-4d08950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:01.000Z",
|
|
"modified": "2015-12-22T14:02:01.000Z",
|
|
"description": "- Xchecked via VT: f1658b69eb72396a430c28df7ff58d87",
|
|
"pattern": "[file:hashes.SHA256 = 'adfa102b2c553cad0deac88eb7b7de1ede618adac4ecd4e30e3f4f2fae3d24c4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957d9-ba28-4974-a715-4cee950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:01.000Z",
|
|
"modified": "2015-12-22T14:02:01.000Z",
|
|
"description": "- Xchecked via VT: f1658b69eb72396a430c28df7ff58d87",
|
|
"pattern": "[file:hashes.SHA1 = 'cb977742198c17224c4654324c877ccc809b778b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957da-9dac-4e12-ac2b-4262950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:02.000Z",
|
|
"modified": "2015-12-22T14:02:02.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/adfa102b2c553cad0deac88eb7b7de1ede618adac4ecd4e30e3f4f2fae3d24c4/analysis/1445264287/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957da-7ad8-41a1-97c3-4239950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:02.000Z",
|
|
"modified": "2015-12-22T14:02:02.000Z",
|
|
"description": "- Xchecked via VT: 609c2b0626cf964493287bdf3a9027f4",
|
|
"pattern": "[file:hashes.SHA256 = 'f148b282bade6297c4e3ae4c3917231be52828902da001562c394b4627a4a643']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957da-aa80-4407-91e4-45d9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:02.000Z",
|
|
"modified": "2015-12-22T14:02:02.000Z",
|
|
"description": "- Xchecked via VT: 609c2b0626cf964493287bdf3a9027f4",
|
|
"pattern": "[file:hashes.SHA1 = 'b69bfead7b832fb729ce3b2a75b26ad2deafef61']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957db-71b8-448c-b840-4151950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:03.000Z",
|
|
"modified": "2015-12-22T14:02:03.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f148b282bade6297c4e3ae4c3917231be52828902da001562c394b4627a4a643/analysis/1447152378/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957db-6b3c-4bc8-a778-4c1f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:03.000Z",
|
|
"modified": "2015-12-22T14:02:03.000Z",
|
|
"description": "- Xchecked via VT: b77de462d1816858948eecf3f1d78a13",
|
|
"pattern": "[file:hashes.SHA256 = '14271d15b29e9effbdfe93e6c863a498b7f10cfd6702a410db3eff521909189e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957db-52d4-4c6d-9f05-4fa0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:03.000Z",
|
|
"modified": "2015-12-22T14:02:03.000Z",
|
|
"description": "- Xchecked via VT: b77de462d1816858948eecf3f1d78a13",
|
|
"pattern": "[file:hashes.SHA1 = '926ea4fbcc3e1aaa12b94d555dd7281ef5cd9ba5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957db-fefc-4244-bd4d-4a63950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:03.000Z",
|
|
"modified": "2015-12-22T14:02:03.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/14271d15b29e9effbdfe93e6c863a498b7f10cfd6702a410db3eff521909189e/analysis/1446113516/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957dc-c0d0-4781-9bac-44c1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:04.000Z",
|
|
"modified": "2015-12-22T14:02:04.000Z",
|
|
"description": "- Xchecked via VT: 69f57fb9c517829f3028208ae6c87800",
|
|
"pattern": "[file:hashes.SHA256 = '7a6e416a39301b07377ca27c003b4664202ab767c16b5acab760932e24ddbaea']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957dc-c588-4b13-b7f0-49ee950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:04.000Z",
|
|
"modified": "2015-12-22T14:02:04.000Z",
|
|
"description": "- Xchecked via VT: 69f57fb9c517829f3028208ae6c87800",
|
|
"pattern": "[file:hashes.SHA1 = 'c260906952e30d26c880f9b6c704758f4d435e92']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957dc-244c-4468-9b4d-4b6d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:04.000Z",
|
|
"modified": "2015-12-22T14:02:04.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7a6e416a39301b07377ca27c003b4664202ab767c16b5acab760932e24ddbaea/analysis/1446985642/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957dd-4b60-479b-b463-4cdc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:05.000Z",
|
|
"modified": "2015-12-22T14:02:05.000Z",
|
|
"description": "- Xchecked via VT: 722645b9438e5963224ac6a1717011b4",
|
|
"pattern": "[file:hashes.SHA256 = 'abe9a695762effdfae1c59a5ccde8ebf39a22589d306c0946dc0ca3e03f989d4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957dd-8304-42d5-b29e-4ece950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:05.000Z",
|
|
"modified": "2015-12-22T14:02:05.000Z",
|
|
"description": "- Xchecked via VT: 722645b9438e5963224ac6a1717011b4",
|
|
"pattern": "[file:hashes.SHA1 = '5176a29ea8e99995ddd25cd364ef8ea060426a58']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957dd-e200-410c-b5cf-41eb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:05.000Z",
|
|
"modified": "2015-12-22T14:02:05.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/abe9a695762effdfae1c59a5ccde8ebf39a22589d306c0946dc0ca3e03f989d4/analysis/1445343941/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957dd-a140-468f-b7ca-4ead950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:05.000Z",
|
|
"modified": "2015-12-22T14:02:05.000Z",
|
|
"description": "- Xchecked via VT: ab84079afdf255cd80073d00df9a8815",
|
|
"pattern": "[file:hashes.SHA256 = '7982502ebe7e4a783a6435f810258c9ce9ff76b5397396649649af672c8e1818']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957dd-2154-4273-a0ad-4063950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:05.000Z",
|
|
"modified": "2015-12-22T14:02:05.000Z",
|
|
"description": "- Xchecked via VT: ab84079afdf255cd80073d00df9a8815",
|
|
"pattern": "[file:hashes.SHA1 = '10ebde1ac4baab86e48cde8ea750fc6a7ff61113']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957de-e210-4e7a-94f9-4439950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:06.000Z",
|
|
"modified": "2015-12-22T14:02:06.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7982502ebe7e4a783a6435f810258c9ce9ff76b5397396649649af672c8e1818/analysis/1447152328/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957de-c5b0-44b8-a14f-47e6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:06.000Z",
|
|
"modified": "2015-12-22T14:02:06.000Z",
|
|
"description": "- Xchecked via VT: 43e8738a58ea070e81b428c718b446d8",
|
|
"pattern": "[file:hashes.SHA256 = '63654b5a0181ca55e46e368ff2f08ed8cc6f083b94082fa54ac81184822131ee']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957de-faf4-4faf-9f99-413a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:06.000Z",
|
|
"modified": "2015-12-22T14:02:06.000Z",
|
|
"description": "- Xchecked via VT: 43e8738a58ea070e81b428c718b446d8",
|
|
"pattern": "[file:hashes.SHA1 = '8a7c53f4fdbee783029f516ff062338067a778c1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957de-b034-40f2-a93d-42c0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:06.000Z",
|
|
"modified": "2015-12-22T14:02:06.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/63654b5a0181ca55e46e368ff2f08ed8cc6f083b94082fa54ac81184822131ee/analysis/1450721424/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957df-df60-4924-b8e9-45dc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:07.000Z",
|
|
"modified": "2015-12-22T14:02:07.000Z",
|
|
"description": "- Xchecked via VT: 2f46f246099d70c82d58c4a78230bd78",
|
|
"pattern": "[file:hashes.SHA256 = 'bbb49d7fdd59ba6249465eaf0b45462c4557926116917636b092a2a3c2353dba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957df-bb14-482d-9915-490d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:07.000Z",
|
|
"modified": "2015-12-22T14:02:07.000Z",
|
|
"description": "- Xchecked via VT: 2f46f246099d70c82d58c4a78230bd78",
|
|
"pattern": "[file:hashes.SHA1 = 'b2fb56279d4be272fe9975a163f098eb9751cc5d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957df-9acc-4268-8d27-4cf6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:07.000Z",
|
|
"modified": "2015-12-22T14:02:07.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/bbb49d7fdd59ba6249465eaf0b45462c4557926116917636b092a2a3c2353dba/analysis/1446812316/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e0-7edc-4d76-860a-4aa7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:08.000Z",
|
|
"modified": "2015-12-22T14:02:08.000Z",
|
|
"description": "- Xchecked via VT: 36b254e1321e76a410438c172b307924",
|
|
"pattern": "[file:hashes.SHA256 = 'aa2342746babaa21cf10c3f6a144f36fb23936ce318015dd32a57c0cf32864d4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e0-3a40-44de-af70-4f91950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:08.000Z",
|
|
"modified": "2015-12-22T14:02:08.000Z",
|
|
"description": "- Xchecked via VT: 36b254e1321e76a410438c172b307924",
|
|
"pattern": "[file:hashes.SHA1 = '761e93acf9e04ab5b85ddde9e1320ce864473e49']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e0-e890-40b6-867b-4a8b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:08.000Z",
|
|
"modified": "2015-12-22T14:02:08.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/aa2342746babaa21cf10c3f6a144f36fb23936ce318015dd32a57c0cf32864d4/analysis/1446802229/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e0-1584-46e0-87bf-4a20950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:08.000Z",
|
|
"modified": "2015-12-22T14:02:08.000Z",
|
|
"description": "- Xchecked via VT: 5212f9ab9c667b0ec56be94ed427e0c5",
|
|
"pattern": "[file:hashes.SHA256 = 'a5197c8994df388b6118f66602801cb2be7d5ad0d52f4f9333d1860bae51de34']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e1-78c4-4f6c-9e12-4ff4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:09.000Z",
|
|
"modified": "2015-12-22T14:02:09.000Z",
|
|
"description": "- Xchecked via VT: 5212f9ab9c667b0ec56be94ed427e0c5",
|
|
"pattern": "[file:hashes.SHA1 = 'acb17946e9207c934e2fc397fd24f47e8dfc9df2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e1-5858-4b76-970d-4737950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:09.000Z",
|
|
"modified": "2015-12-22T14:02:09.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a5197c8994df388b6118f66602801cb2be7d5ad0d52f4f9333d1860bae51de34/analysis/1445948427/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e1-f744-47a1-ada6-4b19950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:09.000Z",
|
|
"modified": "2015-12-22T14:02:09.000Z",
|
|
"description": "- Xchecked via VT: c31330422abceb47f030f4efb690b4ad",
|
|
"pattern": "[file:hashes.SHA256 = '1fa6b54583a227e5cf8fb4a4f296a9b182359fb89101581678ce34b52f59dea8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e2-80cc-4119-ac4b-464f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:10.000Z",
|
|
"modified": "2015-12-22T14:02:10.000Z",
|
|
"description": "- Xchecked via VT: c31330422abceb47f030f4efb690b4ad",
|
|
"pattern": "[file:hashes.SHA1 = '013b619b78f37bad3c126caf4ae7ca38541a6873']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e2-59e0-4499-89cb-444f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:10.000Z",
|
|
"modified": "2015-12-22T14:02:10.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/1fa6b54583a227e5cf8fb4a4f296a9b182359fb89101581678ce34b52f59dea8/analysis/1445232501/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e2-4c00-46c8-9859-4bda950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:10.000Z",
|
|
"modified": "2015-12-22T14:02:10.000Z",
|
|
"description": "- Xchecked via VT: 9cb3c22c0832315945b31cda6423cf9b",
|
|
"pattern": "[file:hashes.SHA256 = 'bfa957d4082e28b6a57d217dac13be580944af453c0b92c7b48ceddc92216614']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e2-d884-432c-8736-47f1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:10.000Z",
|
|
"modified": "2015-12-22T14:02:10.000Z",
|
|
"description": "- Xchecked via VT: 9cb3c22c0832315945b31cda6423cf9b",
|
|
"pattern": "[file:hashes.SHA1 = '1f6c2c630e3d0f64370a4a0b8bb2e86f9138d457']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e3-0260-48e1-a747-4b2a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:11.000Z",
|
|
"modified": "2015-12-22T14:02:11.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/bfa957d4082e28b6a57d217dac13be580944af453c0b92c7b48ceddc92216614/analysis/1450638124/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e3-bf04-494d-8a98-46c5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:11.000Z",
|
|
"modified": "2015-12-22T14:02:11.000Z",
|
|
"description": "- Xchecked via VT: 2241f50151c05ee86dc6d1986e47861d",
|
|
"pattern": "[file:hashes.SHA256 = '5fcf0a438c84408ab2f1d9bcb3882eeaf26453f2772d4033f9c0ca69d448d6b3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e3-f9dc-4884-b881-4c3e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:11.000Z",
|
|
"modified": "2015-12-22T14:02:11.000Z",
|
|
"description": "- Xchecked via VT: 2241f50151c05ee86dc6d1986e47861d",
|
|
"pattern": "[file:hashes.SHA1 = 'a111052df8e706aca711d7d0e9d1d23375afcf90']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e3-fd68-4c7a-9b20-4e1f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:11.000Z",
|
|
"modified": "2015-12-22T14:02:11.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5fcf0a438c84408ab2f1d9bcb3882eeaf26453f2772d4033f9c0ca69d448d6b3/analysis/1443599757/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e4-fb88-4bc9-90e3-4ddf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:12.000Z",
|
|
"modified": "2015-12-22T14:02:12.000Z",
|
|
"description": "- Xchecked via VT: d5179087caa4a882ce74d3d8c5302007",
|
|
"pattern": "[file:hashes.SHA256 = '996e6abc5d9949d6b23f9dcb820ebe5642161e93f4c2cacbd2cb5777b2bfbdba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e4-29f0-41a2-a11b-4a51950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:12.000Z",
|
|
"modified": "2015-12-22T14:02:12.000Z",
|
|
"description": "- Xchecked via VT: d5179087caa4a882ce74d3d8c5302007",
|
|
"pattern": "[file:hashes.SHA1 = '427cd98e2deb5b452cd56fed9319a6f525cf7d19']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e4-d6bc-4fee-85cc-4e92950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:12.000Z",
|
|
"modified": "2015-12-22T14:02:12.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/996e6abc5d9949d6b23f9dcb820ebe5642161e93f4c2cacbd2cb5777b2bfbdba/analysis/1445040228/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e4-3458-4186-846a-4ccf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:12.000Z",
|
|
"modified": "2015-12-22T14:02:12.000Z",
|
|
"description": "- Xchecked via VT: 3edbe1bdbae126360a5713eba5f56c9e",
|
|
"pattern": "[file:hashes.SHA256 = '1273800d0722af2f0ae5457874f52d0a68f1ac077d106e3f4c2e58bc5c108a16']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e5-2a18-48c7-bfde-4a35950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:13.000Z",
|
|
"modified": "2015-12-22T14:02:13.000Z",
|
|
"description": "- Xchecked via VT: 3edbe1bdbae126360a5713eba5f56c9e",
|
|
"pattern": "[file:hashes.SHA1 = 'dcbc8cc86a91c0e5bc6a54ecac99f6efc806cf08']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e5-8f28-42fe-9f15-4e75950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:13.000Z",
|
|
"modified": "2015-12-22T14:02:13.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/1273800d0722af2f0ae5457874f52d0a68f1ac077d106e3f4c2e58bc5c108a16/analysis/1445953634/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e5-3244-407e-b1bb-40dd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:13.000Z",
|
|
"modified": "2015-12-22T14:02:13.000Z",
|
|
"description": "- Xchecked via VT: 8672c029b942aecbd87518935215d753",
|
|
"pattern": "[file:hashes.SHA256 = '8778034cd06a145fe4c1a70518c0227a26b50589b25e63d57d52ae090ef2cc68']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e6-8ab8-47d7-9c6a-4373950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:14.000Z",
|
|
"modified": "2015-12-22T14:02:14.000Z",
|
|
"description": "- Xchecked via VT: 8672c029b942aecbd87518935215d753",
|
|
"pattern": "[file:hashes.SHA1 = '4660395db65a2b58851a447d028231cfddab61b6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e6-83b8-4ee4-a4de-479e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:14.000Z",
|
|
"modified": "2015-12-22T14:02:14.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/8778034cd06a145fe4c1a70518c0227a26b50589b25e63d57d52ae090ef2cc68/analysis/1443797505/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e6-ae3c-40e6-bc98-4177950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:14.000Z",
|
|
"modified": "2015-12-22T14:02:14.000Z",
|
|
"description": "- Xchecked via VT: edd84f7c567e30ee0d78de3739945927",
|
|
"pattern": "[file:hashes.SHA256 = '6815140e6ec0a7ee48ab72e18cd7226755e6431f74185eaca923afe5f46fe838']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e6-8904-4f2e-b5ad-4f24950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:14.000Z",
|
|
"modified": "2015-12-22T14:02:14.000Z",
|
|
"description": "- Xchecked via VT: edd84f7c567e30ee0d78de3739945927",
|
|
"pattern": "[file:hashes.SHA1 = '9971394704f8f9f1964b509319f4a937a03e677b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e7-96b8-4a5f-92f5-4161950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:15.000Z",
|
|
"modified": "2015-12-22T14:02:15.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/6815140e6ec0a7ee48ab72e18cd7226755e6431f74185eaca923afe5f46fe838/analysis/1445948347/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e7-9c84-459e-9b8f-4924950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:15.000Z",
|
|
"modified": "2015-12-22T14:02:15.000Z",
|
|
"description": "- Xchecked via VT: 773f5dd3d2ca3f9654fbcf21f5ff00c5",
|
|
"pattern": "[file:hashes.SHA256 = 'ee624c69bf659ed28c592a90ed222899fca34d28e4f39b4e29c3b161b166aa67']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e7-c8a4-4628-8ec1-4358950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:15.000Z",
|
|
"modified": "2015-12-22T14:02:15.000Z",
|
|
"description": "- Xchecked via VT: 773f5dd3d2ca3f9654fbcf21f5ff00c5",
|
|
"pattern": "[file:hashes.SHA1 = 'c94589f7cd3212b935f197834b2e62691577bc25']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e8-97e0-40b6-8da8-4b38950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:16.000Z",
|
|
"modified": "2015-12-22T14:02:16.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ee624c69bf659ed28c592a90ed222899fca34d28e4f39b4e29c3b161b166aa67/analysis/1445336872/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e8-4848-49f6-b6ce-4b96950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:16.000Z",
|
|
"modified": "2015-12-22T14:02:16.000Z",
|
|
"description": "- Xchecked via VT: c087cd0951b525ea8a096c37f3014fe0",
|
|
"pattern": "[file:hashes.SHA256 = '2996fc7ebb74689350cba3d78c559f12122eb229463288dcb0c12a5f0aa7d429']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e8-51ec-4450-8bfe-48ac950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:16.000Z",
|
|
"modified": "2015-12-22T14:02:16.000Z",
|
|
"description": "- Xchecked via VT: c087cd0951b525ea8a096c37f3014fe0",
|
|
"pattern": "[file:hashes.SHA1 = '03db058d5dc87813e9cc0e7db5ec1b248dcd13c5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e8-0fc4-4595-8e95-4827950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:16.000Z",
|
|
"modified": "2015-12-22T14:02:16.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/2996fc7ebb74689350cba3d78c559f12122eb229463288dcb0c12a5f0aa7d429/analysis/1446114438/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e9-9ec0-45a9-bf2a-4ba6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:17.000Z",
|
|
"modified": "2015-12-22T14:02:17.000Z",
|
|
"description": "- Xchecked via VT: dbb94739f43b74e209daaff36dd6cd1f",
|
|
"pattern": "[file:hashes.SHA256 = '2f482f91a40653e91aa7ba60332b18677a583dfdaa30cb737b9be0a7e99e7b85']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e9-7abc-4a3a-824f-4e9c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:17.000Z",
|
|
"modified": "2015-12-22T14:02:17.000Z",
|
|
"description": "- Xchecked via VT: dbb94739f43b74e209daaff36dd6cd1f",
|
|
"pattern": "[file:hashes.SHA1 = '55c9bb7c744b4793071406bd672d00ac547edd4b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e9-c014-4b30-874d-42cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:17.000Z",
|
|
"modified": "2015-12-22T14:02:17.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/2f482f91a40653e91aa7ba60332b18677a583dfdaa30cb737b9be0a7e99e7b85/analysis/1450721375/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957e9-27c8-4fe5-b41b-4116950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:17.000Z",
|
|
"modified": "2015-12-22T14:02:17.000Z",
|
|
"description": "- Xchecked via VT: 2fdbf18c8656ef1404e4f04483b579e7",
|
|
"pattern": "[file:hashes.SHA256 = 'a8907a1bafd96b0c77a96662e3c843fb5c993bd66d1500c68fd8dd48d3fb01ef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ea-4cac-47df-8384-465e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:18.000Z",
|
|
"modified": "2015-12-22T14:02:18.000Z",
|
|
"description": "- Xchecked via VT: 2fdbf18c8656ef1404e4f04483b579e7",
|
|
"pattern": "[file:hashes.SHA1 = 'dd720d6d9a4f8f3fdd5d23c9113d2a821bb5e94d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ea-ed74-4bf9-89bf-4f83950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:18.000Z",
|
|
"modified": "2015-12-22T14:02:18.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a8907a1bafd96b0c77a96662e3c843fb5c993bd66d1500c68fd8dd48d3fb01ef/analysis/1445159916/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ea-9e04-48b0-85bf-4eec950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:18.000Z",
|
|
"modified": "2015-12-22T14:02:18.000Z",
|
|
"description": "- Xchecked via VT: 221dbe30a24c087dd49092383b8b805b",
|
|
"pattern": "[file:hashes.SHA256 = '414114ab0f32ccb97bd45b1226e4c1e742666d0dcb8f469a95eac4590b842181']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957eb-f890-4b7e-9604-4ebd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:19.000Z",
|
|
"modified": "2015-12-22T14:02:19.000Z",
|
|
"description": "- Xchecked via VT: 221dbe30a24c087dd49092383b8b805b",
|
|
"pattern": "[file:hashes.SHA1 = 'bee9d568214797fc5989da4ef081fab62905774b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957eb-99c8-4685-8183-4490950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:19.000Z",
|
|
"modified": "2015-12-22T14:02:19.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/414114ab0f32ccb97bd45b1226e4c1e742666d0dcb8f469a95eac4590b842181/analysis/1446806982/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957eb-7008-473f-abca-46f8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:19.000Z",
|
|
"modified": "2015-12-22T14:02:19.000Z",
|
|
"description": "- Xchecked via VT: 1120f40da7387f273387cbfdb7eb6b5d",
|
|
"pattern": "[file:hashes.SHA256 = 'ead0449c6ad0888ff4c2c567c0bbe5f01b6f414d41b21ec0dbbc2b6c6b859da7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ec-4878-4141-8f91-4dab950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:20.000Z",
|
|
"modified": "2015-12-22T14:02:20.000Z",
|
|
"description": "- Xchecked via VT: 1120f40da7387f273387cbfdb7eb6b5d",
|
|
"pattern": "[file:hashes.SHA1 = '164ca15759ddaea90e60a3c6e7c1d148e9b08254']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ec-d7cc-4641-b46e-4573950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:20.000Z",
|
|
"modified": "2015-12-22T14:02:20.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ead0449c6ad0888ff4c2c567c0bbe5f01b6f414d41b21ec0dbbc2b6c6b859da7/analysis/1446904495/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ec-ca18-4f3a-a25b-495d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:20.000Z",
|
|
"modified": "2015-12-22T14:02:20.000Z",
|
|
"description": "- Xchecked via VT: a275e7ec0fff7048ad991ff56825ff03",
|
|
"pattern": "[file:hashes.SHA256 = '7da17e898456509db0b88c17269f5efb4347035a31c5b1b80319d6da4110b016']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ec-07ec-403b-a2c6-47fa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:20.000Z",
|
|
"modified": "2015-12-22T14:02:20.000Z",
|
|
"description": "- Xchecked via VT: a275e7ec0fff7048ad991ff56825ff03",
|
|
"pattern": "[file:hashes.SHA1 = 'cd531ea475dcf96af2ec725acd3943606a513dc7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ed-a714-4b13-89f8-4509950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:21.000Z",
|
|
"modified": "2015-12-22T14:02:21.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7da17e898456509db0b88c17269f5efb4347035a31c5b1b80319d6da4110b016/analysis/1447152981/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ed-c8b0-48d7-a8c4-4cc4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:21.000Z",
|
|
"modified": "2015-12-22T14:02:21.000Z",
|
|
"description": "- Xchecked via VT: f3fb357c226aa8e56a692fa20cf00cb2",
|
|
"pattern": "[file:hashes.SHA256 = 'ed7e057db744441e9d4d896a61cbcffa6fce8252d48b1d6d84ea08b8df8de266']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ed-1650-4170-95e7-487b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:21.000Z",
|
|
"modified": "2015-12-22T14:02:21.000Z",
|
|
"description": "- Xchecked via VT: f3fb357c226aa8e56a692fa20cf00cb2",
|
|
"pattern": "[file:hashes.SHA1 = 'c5694e25e3594674c90c3098ce46ca9dfb8b9b0a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ed-1768-470f-9a16-4de3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:21.000Z",
|
|
"modified": "2015-12-22T14:02:21.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ed7e057db744441e9d4d896a61cbcffa6fce8252d48b1d6d84ea08b8df8de266/analysis/1443867152/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ee-ecc4-4153-8083-47d7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:22.000Z",
|
|
"modified": "2015-12-22T14:02:22.000Z",
|
|
"description": "- Xchecked via VT: 1f8d3ecf8ffd01ddead8eaa92d40272e",
|
|
"pattern": "[file:hashes.SHA256 = '0e7daa85113d1e5ccd4d4d5d8703b8ec9ec0f41290ad1199b718900a2674c613']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ee-8dec-4cce-822d-48ad950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:22.000Z",
|
|
"modified": "2015-12-22T14:02:22.000Z",
|
|
"description": "- Xchecked via VT: 1f8d3ecf8ffd01ddead8eaa92d40272e",
|
|
"pattern": "[file:hashes.SHA1 = 'cb73a5cae145af4043156b9106eed7a18761bd66']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ee-904c-4492-91ac-4dbd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:22.000Z",
|
|
"modified": "2015-12-22T14:02:22.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/0e7daa85113d1e5ccd4d4d5d8703b8ec9ec0f41290ad1199b718900a2674c613/analysis/1445192240/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ee-9d60-42d2-a857-4297950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:22.000Z",
|
|
"modified": "2015-12-22T14:02:22.000Z",
|
|
"description": "- Xchecked via VT: d6bcd2a2e1ad4dc3466f995544463d8f",
|
|
"pattern": "[file:hashes.SHA256 = 'a06e6b68c2c08f22ca5be3d274fe43246e8b3b29c05f96eeeb0fddbbaeddfc88']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ef-4e60-4590-8890-416d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:23.000Z",
|
|
"modified": "2015-12-22T14:02:23.000Z",
|
|
"description": "- Xchecked via VT: d6bcd2a2e1ad4dc3466f995544463d8f",
|
|
"pattern": "[file:hashes.SHA1 = 'c48df335009805092a978b106ed5da432ec9219f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ef-d584-4d72-a436-49a6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:23.000Z",
|
|
"modified": "2015-12-22T14:02:23.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a06e6b68c2c08f22ca5be3d274fe43246e8b3b29c05f96eeeb0fddbbaeddfc88/analysis/1450761077/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ef-56b8-409a-94f9-4e38950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:23.000Z",
|
|
"modified": "2015-12-22T14:02:23.000Z",
|
|
"description": "- Xchecked via VT: 0b5df93467a81d193df7f7f43841ea77",
|
|
"pattern": "[file:hashes.SHA256 = 'cd8b686ce24935f98ea8c690ba0d5e01c321923047f20145608c7a544599f36c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ef-2330-42c3-b537-4e95950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:23.000Z",
|
|
"modified": "2015-12-22T14:02:23.000Z",
|
|
"description": "- Xchecked via VT: 0b5df93467a81d193df7f7f43841ea77",
|
|
"pattern": "[file:hashes.SHA1 = '24058d76f0ab0fb467f0cc4a2e88902ec9f20c06']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f0-5d2c-4f05-a451-4822950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:24.000Z",
|
|
"modified": "2015-12-22T14:02:24.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/cd8b686ce24935f98ea8c690ba0d5e01c321923047f20145608c7a544599f36c/analysis/1445949752/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f0-ee60-4961-ab03-40c3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:24.000Z",
|
|
"modified": "2015-12-22T14:02:24.000Z",
|
|
"description": "- Xchecked via VT: 44c71df65822f941918c4bce75d7f3d1",
|
|
"pattern": "[file:hashes.SHA256 = '7a4465a3c98ae8d14c7aba7dfe771258a9c621191b037b5a56a81f154b15b1ab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f0-c078-4ae4-8c87-4cf7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:24.000Z",
|
|
"modified": "2015-12-22T14:02:24.000Z",
|
|
"description": "- Xchecked via VT: 44c71df65822f941918c4bce75d7f3d1",
|
|
"pattern": "[file:hashes.SHA1 = 'd8014676e60d8637ceb52745d252ef4332eff7f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f0-52fc-43bb-9249-457c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:24.000Z",
|
|
"modified": "2015-12-22T14:02:24.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7a4465a3c98ae8d14c7aba7dfe771258a9c621191b037b5a56a81f154b15b1ab/analysis/1450761105/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f1-6c2c-4e0f-94fa-4baa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:25.000Z",
|
|
"modified": "2015-12-22T14:02:25.000Z",
|
|
"description": "- Xchecked via VT: 458eb818280f726d7856e8d0de4de65c",
|
|
"pattern": "[file:hashes.SHA256 = 'b402e9249e9e4a78ccaaab43a121e8475512ce317744c3939322c0636a0a84b1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f1-847c-4254-ab39-4a39950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:25.000Z",
|
|
"modified": "2015-12-22T14:02:25.000Z",
|
|
"description": "- Xchecked via VT: 458eb818280f726d7856e8d0de4de65c",
|
|
"pattern": "[file:hashes.SHA1 = '4f0fe1299af7adbfeabd01e011e016474b7bcd10']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f1-d2f0-449b-9a9d-46cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:25.000Z",
|
|
"modified": "2015-12-22T14:02:25.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b402e9249e9e4a78ccaaab43a121e8475512ce317744c3939322c0636a0a84b1/analysis/1445974472/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f2-6e3c-4dde-b912-4a33950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:26.000Z",
|
|
"modified": "2015-12-22T14:02:26.000Z",
|
|
"description": "- Xchecked via VT: 8ce5586305e6a7d90bf2343466e9655d",
|
|
"pattern": "[file:hashes.SHA256 = 'f9c2dc08735cd309d8a500bc6de0d4a3e5eb7083cbfacdb2ef7a99dc5f835e04']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f2-4b70-4dd4-b2f4-40a0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:26.000Z",
|
|
"modified": "2015-12-22T14:02:26.000Z",
|
|
"description": "- Xchecked via VT: 8ce5586305e6a7d90bf2343466e9655d",
|
|
"pattern": "[file:hashes.SHA1 = 'd85b55b2bf99e24ede6b002f25199664d4e40350']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f2-42b8-4d0c-85e7-43cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:26.000Z",
|
|
"modified": "2015-12-22T14:02:26.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f9c2dc08735cd309d8a500bc6de0d4a3e5eb7083cbfacdb2ef7a99dc5f835e04/analysis/1445940655/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f2-09b4-40ef-84fa-476b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:26.000Z",
|
|
"modified": "2015-12-22T14:02:26.000Z",
|
|
"description": "- Xchecked via VT: 0fc0cd2700b67ed1c12d0b76047dfe59",
|
|
"pattern": "[file:hashes.SHA256 = 'ef0d0e431a07c4e5a949d4de215671e0f7557f2d6ce8ec70844fcb317c80dd18']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f2-5af8-4b7b-be47-4735950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:26.000Z",
|
|
"modified": "2015-12-22T14:02:26.000Z",
|
|
"description": "- Xchecked via VT: 0fc0cd2700b67ed1c12d0b76047dfe59",
|
|
"pattern": "[file:hashes.SHA1 = '8b10c2c8a5c12c8d21cf8175b8a466e8917dbc6d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f3-1580-4ce1-b0cb-4c85950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:27.000Z",
|
|
"modified": "2015-12-22T14:02:27.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ef0d0e431a07c4e5a949d4de215671e0f7557f2d6ce8ec70844fcb317c80dd18/analysis/1444095089/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f3-8184-473a-9321-483d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:27.000Z",
|
|
"modified": "2015-12-22T14:02:27.000Z",
|
|
"description": "- Xchecked via VT: c5a21961bbba68cc2486577cf7f19d08",
|
|
"pattern": "[file:hashes.SHA256 = '8bca2a8b2a2fac61403964bc3ae119686402f7ebd78f45d5a4ab4419b2631e43']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f3-c3f8-4512-af10-4cb9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:27.000Z",
|
|
"modified": "2015-12-22T14:02:27.000Z",
|
|
"description": "- Xchecked via VT: c5a21961bbba68cc2486577cf7f19d08",
|
|
"pattern": "[file:hashes.SHA1 = '75c165d7c71cfc07d609fff3c3144eda49aea35c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f3-49b0-4c28-b4a3-4fc2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:27.000Z",
|
|
"modified": "2015-12-22T14:02:27.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/8bca2a8b2a2fac61403964bc3ae119686402f7ebd78f45d5a4ab4419b2631e43/analysis/1450721421/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f4-2c34-4aee-af98-42f3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:28.000Z",
|
|
"modified": "2015-12-22T14:02:28.000Z",
|
|
"description": "- Xchecked via VT: 297a6600a7eb25e1633468345a7a7107",
|
|
"pattern": "[file:hashes.SHA256 = '1cc782621f0d0a0f6854edd9175ba24c7ac327002d0bed3a4be80348983c9b24']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f4-9994-4ec2-ae9e-4759950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:28.000Z",
|
|
"modified": "2015-12-22T14:02:28.000Z",
|
|
"description": "- Xchecked via VT: 297a6600a7eb25e1633468345a7a7107",
|
|
"pattern": "[file:hashes.SHA1 = '3b5cf31af6a8911d8b992b9b8c5bc892cc5ac2f3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f4-5168-4359-b04c-4d0c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:28.000Z",
|
|
"modified": "2015-12-22T14:02:28.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/1cc782621f0d0a0f6854edd9175ba24c7ac327002d0bed3a4be80348983c9b24/analysis/1446810715/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f4-fa9c-44a4-aef2-4201950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:28.000Z",
|
|
"modified": "2015-12-22T14:02:28.000Z",
|
|
"description": "- Xchecked via VT: 88e91fa33316a1668ca65e8034f99a8b",
|
|
"pattern": "[file:hashes.SHA256 = 'a1599dfdd7b39ba0b219a665da41cb6ad99e0b6aeed3ab66de6c9e1035385dac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f5-e648-41ea-a639-4085950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:29.000Z",
|
|
"modified": "2015-12-22T14:02:29.000Z",
|
|
"description": "- Xchecked via VT: 88e91fa33316a1668ca65e8034f99a8b",
|
|
"pattern": "[file:hashes.SHA1 = 'd8c620c4c6a4d545e9be2d10756afb528fc0cb42']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f5-22ac-4157-920e-4476950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:29.000Z",
|
|
"modified": "2015-12-22T14:02:29.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a1599dfdd7b39ba0b219a665da41cb6ad99e0b6aeed3ab66de6c9e1035385dac/analysis/1447784471/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f5-e6a8-4685-ad7e-447d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:29.000Z",
|
|
"modified": "2015-12-22T14:02:29.000Z",
|
|
"description": "- Xchecked via VT: 77c5d1cd6a996bf4f4df37d172ad4b3d",
|
|
"pattern": "[file:hashes.SHA256 = 'f10a536d9d0244bc10611b377d9e3ec54f6e13544ed2d31c0c89bcd5175b6b75']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f5-a1f4-4e4e-b8e5-4796950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:29.000Z",
|
|
"modified": "2015-12-22T14:02:29.000Z",
|
|
"description": "- Xchecked via VT: 77c5d1cd6a996bf4f4df37d172ad4b3d",
|
|
"pattern": "[file:hashes.SHA1 = '89fbcc9f05a54bef0c14ff766b94d05cc78de05f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f6-d098-4be0-abc2-4de1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:30.000Z",
|
|
"modified": "2015-12-22T14:02:30.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f10a536d9d0244bc10611b377d9e3ec54f6e13544ed2d31c0c89bcd5175b6b75/analysis/1444928703/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f6-c72c-4731-88aa-479f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:30.000Z",
|
|
"modified": "2015-12-22T14:02:30.000Z",
|
|
"description": "- Xchecked via VT: 0c90c5eb23bb4fa413648c0ef9ca399a",
|
|
"pattern": "[file:hashes.SHA256 = '868ae5bfc2700ef17a920273a9ff3ad1d9f064aac4c29866ce3f516da10fd8c9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f6-26e0-4f7e-9bf2-401d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:30.000Z",
|
|
"modified": "2015-12-22T14:02:30.000Z",
|
|
"description": "- Xchecked via VT: 0c90c5eb23bb4fa413648c0ef9ca399a",
|
|
"pattern": "[file:hashes.SHA1 = 'bdb62f83e8c2be5a0711539a4f5f0180c32fd6b2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f6-eb7c-4cb3-b64e-44b5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:30.000Z",
|
|
"modified": "2015-12-22T14:02:30.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/868ae5bfc2700ef17a920273a9ff3ad1d9f064aac4c29866ce3f516da10fd8c9/analysis/1446811320/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f6-3bc8-4b04-8c3c-4db6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:30.000Z",
|
|
"modified": "2015-12-22T14:02:30.000Z",
|
|
"description": "- Xchecked via VT: 279efc328e79a857786ec29e58567f31",
|
|
"pattern": "[file:hashes.SHA256 = 'dd3b90b17c380b8c94196b491ab60c889c6779eb9e4053b34d53a9a32c221d3e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f7-f8d8-430c-aff7-4b35950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:31.000Z",
|
|
"modified": "2015-12-22T14:02:31.000Z",
|
|
"description": "- Xchecked via VT: 279efc328e79a857786ec29e58567f31",
|
|
"pattern": "[file:hashes.SHA1 = 'a61c765d2a9eb65df09ac408e06be0aa144ef3e0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f7-bc04-4cc7-ae89-4725950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:31.000Z",
|
|
"modified": "2015-12-22T14:02:31.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/dd3b90b17c380b8c94196b491ab60c889c6779eb9e4053b34d53a9a32c221d3e/analysis/1450761355/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f7-68dc-4a2a-8ff2-4746950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:31.000Z",
|
|
"modified": "2015-12-22T14:02:31.000Z",
|
|
"description": "- Xchecked via VT: ef965d1693d2f1379ed9f245f2190c93",
|
|
"pattern": "[file:hashes.SHA256 = '56ecbeb4452b4d50c20348d102c3c39e7392aae1907290491d4ff6e6dc6f7240']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f7-b1a0-4237-ae90-420b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:31.000Z",
|
|
"modified": "2015-12-22T14:02:31.000Z",
|
|
"description": "- Xchecked via VT: ef965d1693d2f1379ed9f245f2190c93",
|
|
"pattern": "[file:hashes.SHA1 = '609d885cde2739b50af95a310ff9cd27068dde2d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f8-ced0-4a8e-8814-4ab3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:32.000Z",
|
|
"modified": "2015-12-22T14:02:32.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/56ecbeb4452b4d50c20348d102c3c39e7392aae1907290491d4ff6e6dc6f7240/analysis/1445059075/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f8-c150-429d-9e68-4419950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:32.000Z",
|
|
"modified": "2015-12-22T14:02:32.000Z",
|
|
"description": "- Xchecked via VT: fac74c7720cbc9a132558424fa4709e6",
|
|
"pattern": "[file:hashes.SHA256 = '300cd30958a4d8bb4c14f267e6da68602a4c545127faad6abaac307fa5d74653']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f8-5cc0-4bb7-a28d-47f9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:32.000Z",
|
|
"modified": "2015-12-22T14:02:32.000Z",
|
|
"description": "- Xchecked via VT: fac74c7720cbc9a132558424fa4709e6",
|
|
"pattern": "[file:hashes.SHA1 = 'efd2b436b0e548cc3a9716fc4e46b1ba60476813']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f8-b5a4-473c-9768-4f28950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:32.000Z",
|
|
"modified": "2015-12-22T14:02:32.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/300cd30958a4d8bb4c14f267e6da68602a4c545127faad6abaac307fa5d74653/analysis/1443888011/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f9-a158-40bf-bfc0-4d96950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:33.000Z",
|
|
"modified": "2015-12-22T14:02:33.000Z",
|
|
"description": "- Xchecked via VT: 574eea673e2b2aca01307ec65d26b20b",
|
|
"pattern": "[file:hashes.SHA256 = '1981dbfe71f904c72c393502e71a9d841dbc37b40a919b827e8efd9e95a53b2e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f9-40b8-445d-9faa-47d9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:33.000Z",
|
|
"modified": "2015-12-22T14:02:33.000Z",
|
|
"description": "- Xchecked via VT: 574eea673e2b2aca01307ec65d26b20b",
|
|
"pattern": "[file:hashes.SHA1 = '36c42664f88579022092b87fe0780876392d27d5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f9-5120-4f32-bd1c-43ba950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:33.000Z",
|
|
"modified": "2015-12-22T14:02:33.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/1981dbfe71f904c72c393502e71a9d841dbc37b40a919b827e8efd9e95a53b2e/analysis/1445864400/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f9-ec14-4f3f-acf3-42aa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:33.000Z",
|
|
"modified": "2015-12-22T14:02:33.000Z",
|
|
"description": "- Xchecked via VT: 7c31b998e268425d63f7afc7b531fe96",
|
|
"pattern": "[file:hashes.SHA256 = '02e94cbc86d8349d78493e01b72878e4171fabf4b26621e8a0a0318c96580311']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957f9-fda8-4380-9ead-4843950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:33.000Z",
|
|
"modified": "2015-12-22T14:02:33.000Z",
|
|
"description": "- Xchecked via VT: 7c31b998e268425d63f7afc7b531fe96",
|
|
"pattern": "[file:hashes.SHA1 = '66788292960b2129557baaa2300bdb6af966b242']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fa-31c8-47c1-983f-4708950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:34.000Z",
|
|
"modified": "2015-12-22T14:02:34.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/02e94cbc86d8349d78493e01b72878e4171fabf4b26621e8a0a0318c96580311/analysis/1450636072/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fa-b328-4834-b10e-4d70950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:34.000Z",
|
|
"modified": "2015-12-22T14:02:34.000Z",
|
|
"description": "- Xchecked via VT: ff0cd8fa2dbe2fae51a86c18c8a75a0f",
|
|
"pattern": "[file:hashes.SHA256 = '3a7af495745fcdfb54846070b44dfa847a7b198d09dabfd3fbd349484b979046']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fa-6a08-4d9c-9b0f-46e6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:34.000Z",
|
|
"modified": "2015-12-22T14:02:34.000Z",
|
|
"description": "- Xchecked via VT: ff0cd8fa2dbe2fae51a86c18c8a75a0f",
|
|
"pattern": "[file:hashes.SHA1 = 'eba3ca0a884559a9b573c7d2d6da7174c7ac2f9a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fb-97e8-4b68-8dce-464a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:35.000Z",
|
|
"modified": "2015-12-22T14:02:35.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3a7af495745fcdfb54846070b44dfa847a7b198d09dabfd3fbd349484b979046/analysis/1444054679/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fb-f574-48b7-8c0e-4154950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:35.000Z",
|
|
"modified": "2015-12-22T14:02:35.000Z",
|
|
"description": "- Xchecked via VT: 029c96d902df2700d38cae47bcc378b5",
|
|
"pattern": "[file:hashes.SHA256 = '5420c35e19c21b163553c414301f26496b825be717106de59619936cdd6727b1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fb-549c-4353-a4a3-4156950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:35.000Z",
|
|
"modified": "2015-12-22T14:02:35.000Z",
|
|
"description": "- Xchecked via VT: 029c96d902df2700d38cae47bcc378b5",
|
|
"pattern": "[file:hashes.SHA1 = 'f55b1a01b358874ba1e1eefea01947757ccfb15b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fb-bee4-4142-8051-4d0b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:35.000Z",
|
|
"modified": "2015-12-22T14:02:35.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5420c35e19c21b163553c414301f26496b825be717106de59619936cdd6727b1/analysis/1446810480/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fc-1bcc-48d8-8eb0-4886950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:36.000Z",
|
|
"modified": "2015-12-22T14:02:36.000Z",
|
|
"description": "- Xchecked via VT: 8b489b2b104334cf74996b6a11818dd7",
|
|
"pattern": "[file:hashes.SHA256 = '32840eda23c3020f3595e3c0157560a99e61781a185b3a147de83810ce04ee52']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fc-5710-4d96-ace1-4c30950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:36.000Z",
|
|
"modified": "2015-12-22T14:02:36.000Z",
|
|
"description": "- Xchecked via VT: 8b489b2b104334cf74996b6a11818dd7",
|
|
"pattern": "[file:hashes.SHA1 = '7cb4469bb92dcea2038b29db910e65b36e13c9ff']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fc-5bc0-4a7e-9217-4044950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:36.000Z",
|
|
"modified": "2015-12-22T14:02:36.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/32840eda23c3020f3595e3c0157560a99e61781a185b3a147de83810ce04ee52/analysis/1447151612/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fd-68e4-4b2f-bfed-4756950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:37.000Z",
|
|
"modified": "2015-12-22T14:02:37.000Z",
|
|
"description": "- Xchecked via VT: e1daffe8ae442cd982e9711fd30fa97c",
|
|
"pattern": "[file:hashes.SHA256 = 'f48cff35508ec9713947abe2f32f397d337c7795df67b5a57915337559047f36']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fd-7508-41a6-a2d2-438c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:37.000Z",
|
|
"modified": "2015-12-22T14:02:37.000Z",
|
|
"description": "- Xchecked via VT: e1daffe8ae442cd982e9711fd30fa97c",
|
|
"pattern": "[file:hashes.SHA1 = '040cd3c44a1d4bb6a81322859f465ba9c5577ce6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fd-3230-49c4-adea-45ed950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:37.000Z",
|
|
"modified": "2015-12-22T14:02:37.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f48cff35508ec9713947abe2f32f397d337c7795df67b5a57915337559047f36/analysis/1443767127/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fd-f5f8-4a3f-8faa-4815950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:37.000Z",
|
|
"modified": "2015-12-22T14:02:37.000Z",
|
|
"description": "- Xchecked via VT: bdc8aaebc1823dd6b7cf906c1414fd17",
|
|
"pattern": "[file:hashes.SHA256 = '7ffdf6260ae3f4933f5988aeeaef5ffb428cb9abcab165000d39f70adb4d87d3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fe-d8d8-49e3-b4e0-4583950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:38.000Z",
|
|
"modified": "2015-12-22T14:02:38.000Z",
|
|
"description": "- Xchecked via VT: bdc8aaebc1823dd6b7cf906c1414fd17",
|
|
"pattern": "[file:hashes.SHA1 = 'ce92754f65936d87a49bb66f1a2751e120e5e309']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fe-e0cc-4995-a679-4545950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:38.000Z",
|
|
"modified": "2015-12-22T14:02:38.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7ffdf6260ae3f4933f5988aeeaef5ffb428cb9abcab165000d39f70adb4d87d3/analysis/1446810738/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957fe-4824-4815-b242-4224950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:38.000Z",
|
|
"modified": "2015-12-22T14:02:38.000Z",
|
|
"description": "- Xchecked via VT: 8a2c5ea4fb75b3b9d0d8081aed650b8e",
|
|
"pattern": "[file:hashes.SHA256 = '79b5fe7308627f390ac2b47b8a9a10c3368e35067e653171edd9149944d53a85']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ff-5d0c-4592-937c-48ab950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:39.000Z",
|
|
"modified": "2015-12-22T14:02:39.000Z",
|
|
"description": "- Xchecked via VT: 8a2c5ea4fb75b3b9d0d8081aed650b8e",
|
|
"pattern": "[file:hashes.SHA1 = '5ea0b002c90fb24afae8093aa8007dcb1b89c66c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ff-c8d0-4b46-b628-47df950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:39.000Z",
|
|
"modified": "2015-12-22T14:02:39.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/79b5fe7308627f390ac2b47b8a9a10c3368e35067e653171edd9149944d53a85/analysis/1445007659/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567957ff-80e0-4555-8a7e-4b14950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:39.000Z",
|
|
"modified": "2015-12-22T14:02:39.000Z",
|
|
"description": "- Xchecked via VT: ede358e7e1165d55bdbac0faa3004542",
|
|
"pattern": "[file:hashes.SHA256 = '3758b476d0d1117976bf60f3db0a4f22e655c50cf879587361b67502dd95750d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795800-8d8c-412a-aa15-4096950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:40.000Z",
|
|
"modified": "2015-12-22T14:02:40.000Z",
|
|
"description": "- Xchecked via VT: ede358e7e1165d55bdbac0faa3004542",
|
|
"pattern": "[file:hashes.SHA1 = 'a4c7b0c00ccc3350eac60889ddb780cf762adfcf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795800-d104-4a00-ad02-47c1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:40.000Z",
|
|
"modified": "2015-12-22T14:02:40.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3758b476d0d1117976bf60f3db0a4f22e655c50cf879587361b67502dd95750d/analysis/1444934281/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795800-1eb0-4b06-b745-4e85950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:40.000Z",
|
|
"modified": "2015-12-22T14:02:40.000Z",
|
|
"description": "- Xchecked via VT: 985d2aaef96f2e94278b9219bcfb2431",
|
|
"pattern": "[file:hashes.SHA256 = '3938f9806c629d4efdd7c8de6f35dbe4b9bb74ad0094f916be97979cd9a90d11']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795800-aa90-4b50-8444-43e7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:40.000Z",
|
|
"modified": "2015-12-22T14:02:40.000Z",
|
|
"description": "- Xchecked via VT: 985d2aaef96f2e94278b9219bcfb2431",
|
|
"pattern": "[file:hashes.SHA1 = '332afdcbebfc1dff63a7b4c4815e35ea62e330cd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795801-8474-48c5-9a26-4fdb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:41.000Z",
|
|
"modified": "2015-12-22T14:02:41.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3938f9806c629d4efdd7c8de6f35dbe4b9bb74ad0094f916be97979cd9a90d11/analysis/1446808402/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795801-b8c4-45f8-a144-47f4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:41.000Z",
|
|
"modified": "2015-12-22T14:02:41.000Z",
|
|
"description": "- Xchecked via VT: 2450e25efa8c5b77a58b2316b5df0dae",
|
|
"pattern": "[file:hashes.SHA256 = '817470c142d24219fc7743bd746df49b26e76e693e6efba50f27ca89c57d32f2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795801-b674-4288-bfb6-4b40950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:41.000Z",
|
|
"modified": "2015-12-22T14:02:41.000Z",
|
|
"description": "- Xchecked via VT: 2450e25efa8c5b77a58b2316b5df0dae",
|
|
"pattern": "[file:hashes.SHA1 = '49e0b250ea020e3b9436e5cb9fb8f32428dddd3f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795802-79c4-43e7-9d97-430a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:42.000Z",
|
|
"modified": "2015-12-22T14:02:42.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/817470c142d24219fc7743bd746df49b26e76e693e6efba50f27ca89c57d32f2/analysis/1444910375/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795802-1520-48a7-b209-4f49950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:42.000Z",
|
|
"modified": "2015-12-22T14:02:42.000Z",
|
|
"description": "- Xchecked via VT: 012f3a1bb9dd02af17c8fbc99556fcea",
|
|
"pattern": "[file:hashes.SHA256 = 'c690907c3e8057c6da1947c619483373d8878a2765d1736d47ed4a7dd95e83db']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795802-8a7c-4b97-9559-4f37950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:42.000Z",
|
|
"modified": "2015-12-22T14:02:42.000Z",
|
|
"description": "- Xchecked via VT: 012f3a1bb9dd02af17c8fbc99556fcea",
|
|
"pattern": "[file:hashes.SHA1 = 'd37052d0389088105fa5bfab6f86f07763771212']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795802-db0c-4b50-b0aa-4a54950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:42.000Z",
|
|
"modified": "2015-12-22T14:02:42.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c690907c3e8057c6da1947c619483373d8878a2765d1736d47ed4a7dd95e83db/analysis/1446814386/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795803-f920-4303-b655-4fea950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:43.000Z",
|
|
"modified": "2015-12-22T14:02:43.000Z",
|
|
"description": "- Xchecked via VT: ce005e2652ef51b1b549501080c588e1",
|
|
"pattern": "[file:hashes.SHA256 = '520a9fbf8bf5188c9bd717e6361d7e407a4dddbe6c8deb75115d4177ec7fb0d0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795803-f2a8-4c49-82e6-4ad0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:43.000Z",
|
|
"modified": "2015-12-22T14:02:43.000Z",
|
|
"description": "- Xchecked via VT: ce005e2652ef51b1b549501080c588e1",
|
|
"pattern": "[file:hashes.SHA1 = '08ecc22a090913f6b263ccc736502ac42aafb674']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795803-6854-4e3c-b2f4-4db8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:43.000Z",
|
|
"modified": "2015-12-22T14:02:43.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/520a9fbf8bf5188c9bd717e6361d7e407a4dddbe6c8deb75115d4177ec7fb0d0/analysis/1447690136/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795804-16bc-4b8b-8743-4e22950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:44.000Z",
|
|
"modified": "2015-12-22T14:02:44.000Z",
|
|
"description": "- Xchecked via VT: 4c823202db8c1e81719abba4f387e694",
|
|
"pattern": "[file:hashes.SHA256 = '77028b2917f6a0817f4f4e80614c1df32ea9a6051a44e42bd9a7aa7b602f5fcc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795804-ea3c-4e86-9846-46b7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:44.000Z",
|
|
"modified": "2015-12-22T14:02:44.000Z",
|
|
"description": "- Xchecked via VT: 4c823202db8c1e81719abba4f387e694",
|
|
"pattern": "[file:hashes.SHA1 = 'f6ca16da1a2c6ef1ebcc1f901e4aaacd6a4b174a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795804-81d4-4740-bdf3-481c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:44.000Z",
|
|
"modified": "2015-12-22T14:02:44.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/77028b2917f6a0817f4f4e80614c1df32ea9a6051a44e42bd9a7aa7b602f5fcc/analysis/1446813473/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795805-9c54-41bb-9952-4590950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:45.000Z",
|
|
"modified": "2015-12-22T14:02:45.000Z",
|
|
"description": "- Xchecked via VT: adeeeb322d2001e50404948c1e5d054f",
|
|
"pattern": "[file:hashes.SHA256 = 'c538689394f4f5201be87ae1c3d5d1681fc45f095fd12d9f20f31d1012e997ed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795805-7b68-4e4b-9654-468c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:45.000Z",
|
|
"modified": "2015-12-22T14:02:45.000Z",
|
|
"description": "- Xchecked via VT: adeeeb322d2001e50404948c1e5d054f",
|
|
"pattern": "[file:hashes.SHA1 = '7835b7598b3bcb1eabea89f325953fcfffa0cbe5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795805-ac84-46ab-a972-430e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:45.000Z",
|
|
"modified": "2015-12-22T14:02:45.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c538689394f4f5201be87ae1c3d5d1681fc45f095fd12d9f20f31d1012e997ed/analysis/1450761138/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795805-a7e8-4f99-b852-4ef6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:45.000Z",
|
|
"modified": "2015-12-22T14:02:45.000Z",
|
|
"description": "- Xchecked via VT: aee5b8a559dc7b83d9ebb526f63c27be",
|
|
"pattern": "[file:hashes.SHA256 = '9a6920d0f3ad61fad64f46964f725902921fb884f90054a20bc45581071f572c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795806-2bdc-4636-bda8-4b87950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:46.000Z",
|
|
"modified": "2015-12-22T14:02:46.000Z",
|
|
"description": "- Xchecked via VT: aee5b8a559dc7b83d9ebb526f63c27be",
|
|
"pattern": "[file:hashes.SHA1 = '336e591de92fdd02708635f271e0b08fc7e21afe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795806-2778-4c3c-b287-4b33950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:46.000Z",
|
|
"modified": "2015-12-22T14:02:46.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9a6920d0f3ad61fad64f46964f725902921fb884f90054a20bc45581071f572c/analysis/1446904520/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795806-29b8-4854-a7f1-4b96950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:46.000Z",
|
|
"modified": "2015-12-22T14:02:46.000Z",
|
|
"description": "- Xchecked via VT: 9aa4ed7d47cca9ffb7d3c847dbb2bd0d",
|
|
"pattern": "[file:hashes.SHA256 = '44f0d7bec502112e70fce6c2212c55dfee08ed8115584dd30b49708c5158b15b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795807-e0b4-4745-b228-4b86950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:47.000Z",
|
|
"modified": "2015-12-22T14:02:47.000Z",
|
|
"description": "- Xchecked via VT: 9aa4ed7d47cca9ffb7d3c847dbb2bd0d",
|
|
"pattern": "[file:hashes.SHA1 = 'dfe54d206503fd177c07b560917a72f8389035e0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795807-a260-43f8-93c3-4f03950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:47.000Z",
|
|
"modified": "2015-12-22T14:02:47.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/44f0d7bec502112e70fce6c2212c55dfee08ed8115584dd30b49708c5158b15b/analysis/1445940348/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795807-29ec-4058-a56c-4adc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:47.000Z",
|
|
"modified": "2015-12-22T14:02:47.000Z",
|
|
"description": "- Xchecked via VT: 4cc6cc9be6208f5e48c71f81157c9eb0",
|
|
"pattern": "[file:hashes.SHA256 = 'd9cff87c6846a468660f87fa6193f43f080407ee9aa403cef4133f8da1c39bc1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795807-01f8-4b6d-8b10-4a5a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:47.000Z",
|
|
"modified": "2015-12-22T14:02:47.000Z",
|
|
"description": "- Xchecked via VT: 4cc6cc9be6208f5e48c71f81157c9eb0",
|
|
"pattern": "[file:hashes.SHA1 = '363358002e823af5d63807f40fe67a5a6627bb40']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795808-bc14-4763-ad4e-4fd0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:48.000Z",
|
|
"modified": "2015-12-22T14:02:48.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d9cff87c6846a468660f87fa6193f43f080407ee9aa403cef4133f8da1c39bc1/analysis/1445946454/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795808-530c-4d71-bb38-44a1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:48.000Z",
|
|
"modified": "2015-12-22T14:02:48.000Z",
|
|
"description": "- Xchecked via VT: f583e3e4564a8a96cd4430f0caecb134",
|
|
"pattern": "[file:hashes.SHA256 = '6f1dcfbb6bab544f4ff9ab6c549919e20651b47ac9498b3c6735fa35eb8566fa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795808-ec34-434e-9cee-48bc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:48.000Z",
|
|
"modified": "2015-12-22T14:02:48.000Z",
|
|
"description": "- Xchecked via VT: f583e3e4564a8a96cd4430f0caecb134",
|
|
"pattern": "[file:hashes.SHA1 = '9ce051f437c4df865ac68546a404c40a0c4c93cf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795809-9d78-43d7-a9ce-4b5a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:49.000Z",
|
|
"modified": "2015-12-22T14:02:49.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/6f1dcfbb6bab544f4ff9ab6c549919e20651b47ac9498b3c6735fa35eb8566fa/analysis/1445948473/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795809-e19c-4e58-be18-49a5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:49.000Z",
|
|
"modified": "2015-12-22T14:02:49.000Z",
|
|
"description": "- Xchecked via VT: 07d17b9d0be845d0abda27e68ea0dcf8",
|
|
"pattern": "[file:hashes.SHA256 = 'e2ffe22f360c809f2e8293c8c859cad85f58b89ef49de7eba9d078b52967e2cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795809-1e94-40e8-8f1b-4369950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:49.000Z",
|
|
"modified": "2015-12-22T14:02:49.000Z",
|
|
"description": "- Xchecked via VT: 07d17b9d0be845d0abda27e68ea0dcf8",
|
|
"pattern": "[file:hashes.SHA1 = 'ba614074750eceba4097c9d51d1293eda3059db5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580a-8518-4357-8c29-4f8e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:50.000Z",
|
|
"modified": "2015-12-22T14:02:50.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e2ffe22f360c809f2e8293c8c859cad85f58b89ef49de7eba9d078b52967e2cc/analysis/1450761197/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580a-eafc-4356-9dbf-44a3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:50.000Z",
|
|
"modified": "2015-12-22T14:02:50.000Z",
|
|
"description": "- Xchecked via VT: df9c2e9708c9fe9f59a899a16342ffb1",
|
|
"pattern": "[file:hashes.SHA256 = '5e8be3fd592451bc4793d9a58e863bf120419c7871cc76800a0844968092d291']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580a-357c-456a-b8e2-4ebd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:50.000Z",
|
|
"modified": "2015-12-22T14:02:50.000Z",
|
|
"description": "- Xchecked via VT: df9c2e9708c9fe9f59a899a16342ffb1",
|
|
"pattern": "[file:hashes.SHA1 = '5a314141dbe2a0014fc0979c081a3ddc886706a5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580a-5dd0-4419-88a2-4755950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:50.000Z",
|
|
"modified": "2015-12-22T14:02:50.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5e8be3fd592451bc4793d9a58e863bf120419c7871cc76800a0844968092d291/analysis/1447601050/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580b-4ca0-4cee-99a2-49d2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:51.000Z",
|
|
"modified": "2015-12-22T14:02:51.000Z",
|
|
"description": "- Xchecked via VT: c06688b0c9a2b3a653bb9b4dacb07810",
|
|
"pattern": "[file:hashes.SHA256 = 'e7b4461b6a15f1baa268ae3176ad3447152ace09b9fb914ec203de444b0f9343']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580b-a258-456d-b1eb-4e43950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:51.000Z",
|
|
"modified": "2015-12-22T14:02:51.000Z",
|
|
"description": "- Xchecked via VT: c06688b0c9a2b3a653bb9b4dacb07810",
|
|
"pattern": "[file:hashes.SHA1 = '99419c0229299581890bfc934d76fabc60db895b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580b-ec10-4258-a44c-44cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:51.000Z",
|
|
"modified": "2015-12-22T14:02:51.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e7b4461b6a15f1baa268ae3176ad3447152ace09b9fb914ec203de444b0f9343/analysis/1444718997/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580c-f070-486d-a861-49e2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:52.000Z",
|
|
"modified": "2015-12-22T14:02:52.000Z",
|
|
"description": "- Xchecked via VT: 3657e992dd18a6c2b7319ea9f15407b4",
|
|
"pattern": "[file:hashes.SHA256 = 'ed7316c312d0a4996e8584018fa039cdca20b4de195851bfb0b22cb5e1759760']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580c-1318-45ac-bc27-4ac5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:52.000Z",
|
|
"modified": "2015-12-22T14:02:52.000Z",
|
|
"description": "- Xchecked via VT: 3657e992dd18a6c2b7319ea9f15407b4",
|
|
"pattern": "[file:hashes.SHA1 = '48b5cb94b2252369b7efd11c22760a1b9fef5c9c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580c-ffbc-4d15-95cb-4534950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:52.000Z",
|
|
"modified": "2015-12-22T14:02:52.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ed7316c312d0a4996e8584018fa039cdca20b4de195851bfb0b22cb5e1759760/analysis/1444862270/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580c-d6d4-4607-af6b-47a9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:52.000Z",
|
|
"modified": "2015-12-22T14:02:52.000Z",
|
|
"description": "- Xchecked via VT: c4845723d687c48f4f9b6deb120fab69",
|
|
"pattern": "[file:hashes.SHA256 = '4e9eade1fc1bbb0821b56003c8799dbd263c9086957a483686b7f214dcecd3d7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580d-89cc-4fb7-9079-4d85950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:53.000Z",
|
|
"modified": "2015-12-22T14:02:53.000Z",
|
|
"description": "- Xchecked via VT: c4845723d687c48f4f9b6deb120fab69",
|
|
"pattern": "[file:hashes.SHA1 = '12388868a40e32515c04fff5d71d2f809cdcf7a4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580d-2c70-43c8-be46-420c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:53.000Z",
|
|
"modified": "2015-12-22T14:02:53.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/4e9eade1fc1bbb0821b56003c8799dbd263c9086957a483686b7f214dcecd3d7/analysis/1446814138/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580d-105c-4871-8d68-4bf1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:53.000Z",
|
|
"modified": "2015-12-22T14:02:53.000Z",
|
|
"description": "- Xchecked via VT: 2d012a6119325886c84a2742b3b4d7a5",
|
|
"pattern": "[file:hashes.SHA256 = '9063d269794d0b63f509b23eb783236ca667c12780344d49dd1ea49e4f670192']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580e-a260-4b27-aee9-4c61950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:54.000Z",
|
|
"modified": "2015-12-22T14:02:54.000Z",
|
|
"description": "- Xchecked via VT: 2d012a6119325886c84a2742b3b4d7a5",
|
|
"pattern": "[file:hashes.SHA1 = 'c52508219568880988328317d4c773c3cd193998']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580e-19cc-4c70-8f3f-4e94950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:54.000Z",
|
|
"modified": "2015-12-22T14:02:54.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9063d269794d0b63f509b23eb783236ca667c12780344d49dd1ea49e4f670192/analysis/1445244921/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580e-c6ec-4477-b48c-4e50950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:54.000Z",
|
|
"modified": "2015-12-22T14:02:54.000Z",
|
|
"description": "- Xchecked via VT: b585c430b052dfc82a3367a85e2fb4c2",
|
|
"pattern": "[file:hashes.SHA256 = '438cf7c934f81c855e5fe252a4017df26369c1f60190b24c1e22c94a63ff36cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580f-1330-40b2-bdad-4f00950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:55.000Z",
|
|
"modified": "2015-12-22T14:02:55.000Z",
|
|
"description": "- Xchecked via VT: b585c430b052dfc82a3367a85e2fb4c2",
|
|
"pattern": "[file:hashes.SHA1 = 'c8485e68947cbcd8e88b54d5c9bc34f67ec9db5d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580f-7d00-4015-a677-4f20950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:55.000Z",
|
|
"modified": "2015-12-22T14:02:55.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/438cf7c934f81c855e5fe252a4017df26369c1f60190b24c1e22c94a63ff36cc/analysis/1445948472/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580f-b1f4-472a-a3e2-4e8e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:55.000Z",
|
|
"modified": "2015-12-22T14:02:55.000Z",
|
|
"description": "- Xchecked via VT: 349edee80a63d009e076b5e70341093a",
|
|
"pattern": "[file:hashes.SHA256 = '2440915a45e7ec7f1e70d83e19482311444a355975bec0eaf95e9e73b95f36ec']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679580f-6954-425b-b34f-4c43950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:55.000Z",
|
|
"modified": "2015-12-22T14:02:55.000Z",
|
|
"description": "- Xchecked via VT: 349edee80a63d009e076b5e70341093a",
|
|
"pattern": "[file:hashes.SHA1 = 'b14d0bd245a14e6726c17292f8f419b56fac50be']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795810-c7e4-4129-91d6-4490950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:56.000Z",
|
|
"modified": "2015-12-22T14:02:56.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/2440915a45e7ec7f1e70d83e19482311444a355975bec0eaf95e9e73b95f36ec/analysis/1447152341/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795810-3b04-432d-9c24-4290950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:56.000Z",
|
|
"modified": "2015-12-22T14:02:56.000Z",
|
|
"description": "- Xchecked via VT: 313bd26294600e92be1d479f76158444",
|
|
"pattern": "[file:hashes.SHA256 = '7f896c68b5a938ded22a93d9e0135cbe94ca0d63547e3f55a7d9e1168e3f2230']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795810-6bd0-4122-b1f4-433f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:56.000Z",
|
|
"modified": "2015-12-22T14:02:56.000Z",
|
|
"description": "- Xchecked via VT: 313bd26294600e92be1d479f76158444",
|
|
"pattern": "[file:hashes.SHA1 = '88b7c1d0e806ae18afd1e34fe948a46715f13f34']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795810-e5ac-44b3-9c2f-4e57950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:56.000Z",
|
|
"modified": "2015-12-22T14:02:56.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7f896c68b5a938ded22a93d9e0135cbe94ca0d63547e3f55a7d9e1168e3f2230/analysis/1446113101/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795811-b300-4dcd-b469-4b8c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:57.000Z",
|
|
"modified": "2015-12-22T14:02:57.000Z",
|
|
"description": "- Xchecked via VT: aab7cfcf19c427cbb04efbe7c930413a",
|
|
"pattern": "[file:hashes.SHA256 = 'e45651f74ef85538d49a8b9a5aa0e384e3d36da85c227530b30a72f3dfbefa43']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795811-b8c8-42b8-b550-48ca950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:57.000Z",
|
|
"modified": "2015-12-22T14:02:57.000Z",
|
|
"description": "- Xchecked via VT: aab7cfcf19c427cbb04efbe7c930413a",
|
|
"pattern": "[file:hashes.SHA1 = '6762ccaf9e99c8efefd08a2a05fac2ad4e08c276']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795811-d3e8-49f4-a0ad-4d6d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:57.000Z",
|
|
"modified": "2015-12-22T14:02:57.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e45651f74ef85538d49a8b9a5aa0e384e3d36da85c227530b30a72f3dfbefa43/analysis/1444878689/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795812-4f18-442e-9366-45e1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:58.000Z",
|
|
"modified": "2015-12-22T14:02:58.000Z",
|
|
"description": "- Xchecked via VT: acd6bf813faa734f25abfc8d164d20a1",
|
|
"pattern": "[file:hashes.SHA256 = '014271423d010cb2090f79346ab8abaeb54390672d2393b9fa1ebb0d780e6b5c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795812-03f8-4eea-ab27-440a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:58.000Z",
|
|
"modified": "2015-12-22T14:02:58.000Z",
|
|
"description": "- Xchecked via VT: acd6bf813faa734f25abfc8d164d20a1",
|
|
"pattern": "[file:hashes.SHA1 = '81a4852fe8b4c06e8b61b1c6982989787500b37a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795812-9e28-44f1-aa69-42b6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:58.000Z",
|
|
"modified": "2015-12-22T14:02:58.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/014271423d010cb2090f79346ab8abaeb54390672d2393b9fa1ebb0d780e6b5c/analysis/1447787804/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795813-8e14-430b-a8a7-48b8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:59.000Z",
|
|
"modified": "2015-12-22T14:02:59.000Z",
|
|
"description": "- Xchecked via VT: 3cd02b51a59da276ecfb39fcebc5cebc",
|
|
"pattern": "[file:hashes.SHA256 = '14d2fbbda144a3a48e37624dafb688cbe9ad46042a2c860e3ba58b9d469a28bf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795813-b070-4fe9-a5c3-4ab9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:59.000Z",
|
|
"modified": "2015-12-22T14:02:59.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/14d2fbbda144a3a48e37624dafb688cbe9ad46042a2c860e3ba58b9d469a28bf/analysis/1446022136/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795813-e05c-49e9-b06e-4a85950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:02:59.000Z",
|
|
"modified": "2015-12-22T14:02:59.000Z",
|
|
"description": "- Xchecked via VT: ae3084ae9df3477008f19bb1a80c7764",
|
|
"pattern": "[file:hashes.SHA256 = '2bf711ed80cb221597875ee652d135a50e5697c210c29606b8529202be13127d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:02:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795814-0c6c-4dfd-8d16-4872950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:00.000Z",
|
|
"modified": "2015-12-22T14:03:00.000Z",
|
|
"description": "- Xchecked via VT: ae3084ae9df3477008f19bb1a80c7764",
|
|
"pattern": "[file:hashes.SHA1 = '494c6d4fec73fe1b32449cbde7c0df8781d02ec1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795814-c3cc-48c4-affc-4a5b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:00.000Z",
|
|
"modified": "2015-12-22T14:03:00.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/2bf711ed80cb221597875ee652d135a50e5697c210c29606b8529202be13127d/analysis/1450717496/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795814-bf88-4349-b7c7-4ff3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:00.000Z",
|
|
"modified": "2015-12-22T14:03:00.000Z",
|
|
"description": "- Xchecked via VT: 977b525027037206b59da2567fdf54ec",
|
|
"pattern": "[file:hashes.SHA256 = '09910b84c26e932d0c3e4fa6e096e133b093ba44853b9e273953bdeccf3e5bbd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795815-067c-4ebc-98c2-4d75950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:01.000Z",
|
|
"modified": "2015-12-22T14:03:01.000Z",
|
|
"description": "- Xchecked via VT: 977b525027037206b59da2567fdf54ec",
|
|
"pattern": "[file:hashes.SHA1 = '69a5cd8928a47a5cc35e6cb3b823f48dd9fa15a5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795815-32c4-4450-952b-4d15950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:01.000Z",
|
|
"modified": "2015-12-22T14:03:01.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/09910b84c26e932d0c3e4fa6e096e133b093ba44853b9e273953bdeccf3e5bbd/analysis/1445358189/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795815-3100-4728-b9d3-4b8f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:01.000Z",
|
|
"modified": "2015-12-22T14:03:01.000Z",
|
|
"description": "- Xchecked via VT: 750d28ef4eec9f70a7a43a31a47698c8",
|
|
"pattern": "[file:hashes.SHA256 = '97014ba2d6bb9a14a69ba9a72a80e861f9882d674c7e58cdd585878ba2677265']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795815-3a04-4414-a283-48b3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:01.000Z",
|
|
"modified": "2015-12-22T14:03:01.000Z",
|
|
"description": "- Xchecked via VT: 750d28ef4eec9f70a7a43a31a47698c8",
|
|
"pattern": "[file:hashes.SHA1 = 'cdbd594f2ef1228d95011631d94ff191622f914b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795815-f50c-445f-9600-4f13950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:01.000Z",
|
|
"modified": "2015-12-22T14:03:01.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/97014ba2d6bb9a14a69ba9a72a80e861f9882d674c7e58cdd585878ba2677265/analysis/1446814119/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795816-5a64-419d-b34a-4089950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:02.000Z",
|
|
"modified": "2015-12-22T14:03:02.000Z",
|
|
"description": "- Xchecked via VT: 38bed53c6ff35d1b2b574c491cddbb29",
|
|
"pattern": "[file:hashes.SHA256 = '19e8540ebc979613c9fc43a51882ac9bd45278d57a2cfe68c9b35686b0d3966f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795816-ea60-45fa-8108-4e6e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:02.000Z",
|
|
"modified": "2015-12-22T14:03:02.000Z",
|
|
"description": "- Xchecked via VT: 38bed53c6ff35d1b2b574c491cddbb29",
|
|
"pattern": "[file:hashes.SHA1 = '107b2492ce6bbaf31b96f09fe1b254b6dcf7bac7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795816-1d40-4001-9f93-420e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:02.000Z",
|
|
"modified": "2015-12-22T14:03:02.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/19e8540ebc979613c9fc43a51882ac9bd45278d57a2cfe68c9b35686b0d3966f/analysis/1444966571/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795817-f280-48b9-92e3-4f3b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:03.000Z",
|
|
"modified": "2015-12-22T14:03:03.000Z",
|
|
"description": "- Xchecked via VT: 285b6edcd3e761534a6177c309f3c8c4",
|
|
"pattern": "[file:hashes.SHA256 = '9f9963cbfd1d7358b9dec9884f5f93c694ba0a635fd79f9b0a976d914ec78d1d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795817-692c-45fe-839e-41e5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:03.000Z",
|
|
"modified": "2015-12-22T14:03:03.000Z",
|
|
"description": "- Xchecked via VT: 285b6edcd3e761534a6177c309f3c8c4",
|
|
"pattern": "[file:hashes.SHA1 = '9641d3db5079f9d24e1cf4e97a180d3aeb597c25']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795817-9b98-4619-892b-450a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:03.000Z",
|
|
"modified": "2015-12-22T14:03:03.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9f9963cbfd1d7358b9dec9884f5f93c694ba0a635fd79f9b0a976d914ec78d1d/analysis/1445933216/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795817-4300-454d-872c-40a9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:03.000Z",
|
|
"modified": "2015-12-22T14:03:03.000Z",
|
|
"description": "- Xchecked via VT: 33ec3e96e7a965260eb0cd79e7b695b0",
|
|
"pattern": "[file:hashes.SHA256 = '5a7c38acc3be1cde42b79837535b0af4fcbdef90a70d206bdbaa72f37a1ef532']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795818-95e0-4742-964b-4b92950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:04.000Z",
|
|
"modified": "2015-12-22T14:03:04.000Z",
|
|
"description": "- Xchecked via VT: 33ec3e96e7a965260eb0cd79e7b695b0",
|
|
"pattern": "[file:hashes.SHA1 = 'e90733d3762f5632749ddffe2ffde8042351941c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795818-edf0-4ab6-a51e-4965950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:04.000Z",
|
|
"modified": "2015-12-22T14:03:04.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5a7c38acc3be1cde42b79837535b0af4fcbdef90a70d206bdbaa72f37a1ef532/analysis/1445589997/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795818-7f08-41eb-a5dd-4ae9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:04.000Z",
|
|
"modified": "2015-12-22T14:03:04.000Z",
|
|
"description": "- Xchecked via VT: d4d78f6633ab47b53a5c59459d53904d",
|
|
"pattern": "[file:hashes.SHA256 = '9da060be439a114266d363e0dee48da242cd97097522b95e111acdb8d2ff4b0f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795819-d734-4aac-a629-4a46950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:05.000Z",
|
|
"modified": "2015-12-22T14:03:05.000Z",
|
|
"description": "- Xchecked via VT: d4d78f6633ab47b53a5c59459d53904d",
|
|
"pattern": "[file:hashes.SHA1 = '0b4f9f78ddc052432e131cb54293a9e624023713']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795819-7b8c-4a59-94a6-4c6f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:05.000Z",
|
|
"modified": "2015-12-22T14:03:05.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9da060be439a114266d363e0dee48da242cd97097522b95e111acdb8d2ff4b0f/analysis/1445948417/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795819-1494-42d1-85a0-48a3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:05.000Z",
|
|
"modified": "2015-12-22T14:03:05.000Z",
|
|
"description": "- Xchecked via VT: eb3ebc53c6dee33d5abc3e1ea13f48f3",
|
|
"pattern": "[file:hashes.SHA256 = '76fcd597ae7ccb52c18183a1866239cd5a564ac6f08b5469d1d68338b991ffd5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581a-3b10-4f8a-a216-4609950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:06.000Z",
|
|
"modified": "2015-12-22T14:03:06.000Z",
|
|
"description": "- Xchecked via VT: eb3ebc53c6dee33d5abc3e1ea13f48f3",
|
|
"pattern": "[file:hashes.SHA1 = 'a895daa8202827ccebd117019e85581d09664508']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581a-ab18-42ce-adda-4cb3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:06.000Z",
|
|
"modified": "2015-12-22T14:03:06.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/76fcd597ae7ccb52c18183a1866239cd5a564ac6f08b5469d1d68338b991ffd5/analysis/1443783922/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581a-4b6c-4b2f-b4fb-4c71950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:06.000Z",
|
|
"modified": "2015-12-22T14:03:06.000Z",
|
|
"description": "- Xchecked via VT: 42996c68855c217531126d6729e195dc",
|
|
"pattern": "[file:hashes.SHA256 = 'ce1e6aba5da1edd8a9217c0192f1134e6272702e372d705df1daf6cdfc48f862']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581a-b9c0-4634-b877-458a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:06.000Z",
|
|
"modified": "2015-12-22T14:03:06.000Z",
|
|
"description": "- Xchecked via VT: 42996c68855c217531126d6729e195dc",
|
|
"pattern": "[file:hashes.SHA1 = 'b1f1be6dc7f14ae6eadc6adb403108bc8e5c78cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581b-5c20-418f-8ae1-423d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:07.000Z",
|
|
"modified": "2015-12-22T14:03:07.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ce1e6aba5da1edd8a9217c0192f1134e6272702e372d705df1daf6cdfc48f862/analysis/1446813994/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581b-9a6c-4250-8f3d-4eb5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:07.000Z",
|
|
"modified": "2015-12-22T14:03:07.000Z",
|
|
"description": "- Xchecked via VT: 79765c626ab2b1fa0b5169cc4241595f",
|
|
"pattern": "[file:hashes.SHA256 = '386658d612a1ee621742454e750c68e8c5dc479a263b82068543b8caae29f16f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581b-d9cc-43a7-86fd-4308950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:07.000Z",
|
|
"modified": "2015-12-22T14:03:07.000Z",
|
|
"description": "- Xchecked via VT: 79765c626ab2b1fa0b5169cc4241595f",
|
|
"pattern": "[file:hashes.SHA1 = 'b94c8410940148d848fa0c1a844f805919f76cd8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581c-1728-41c2-a706-4fbf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:08.000Z",
|
|
"modified": "2015-12-22T14:03:08.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/386658d612a1ee621742454e750c68e8c5dc479a263b82068543b8caae29f16f/analysis/1449246865/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581c-b358-4b33-9dd4-4aea950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:08.000Z",
|
|
"modified": "2015-12-22T14:03:08.000Z",
|
|
"description": "- Xchecked via VT: 216a4ba002796e4d664c43f62cbd8e7e",
|
|
"pattern": "[file:hashes.SHA256 = '6946f9a8a4c962b4c173959da32fc61a5ae08cf27d70a5482dcc41f74d55dc6f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581c-2700-477a-93ff-437e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:08.000Z",
|
|
"modified": "2015-12-22T14:03:08.000Z",
|
|
"description": "- Xchecked via VT: 216a4ba002796e4d664c43f62cbd8e7e",
|
|
"pattern": "[file:hashes.SHA1 = '8de1ff6a94c553adcc340eb5c8e4e4d8a74ba139']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581c-dd40-4437-bc35-49d4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:08.000Z",
|
|
"modified": "2015-12-22T14:03:08.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/6946f9a8a4c962b4c173959da32fc61a5ae08cf27d70a5482dcc41f74d55dc6f/analysis/1445237420/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581d-c268-4bc5-ba36-40f1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:09.000Z",
|
|
"modified": "2015-12-22T14:03:09.000Z",
|
|
"description": "- Xchecked via VT: 55f89bb173229718c7f4db7d0498b7e3",
|
|
"pattern": "[file:hashes.SHA256 = '74a4412c2d7c819a7b139b35bafbca2b245f96521fd9d00127b2e522bef5c574']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581d-d3a0-4a96-89b5-4fff950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:09.000Z",
|
|
"modified": "2015-12-22T14:03:09.000Z",
|
|
"description": "- Xchecked via VT: 55f89bb173229718c7f4db7d0498b7e3",
|
|
"pattern": "[file:hashes.SHA1 = 'cc22a8fbdd4e6bf0a2cc2fefa324f049331465c0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581d-95b0-4066-8fda-460d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:09.000Z",
|
|
"modified": "2015-12-22T14:03:09.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/74a4412c2d7c819a7b139b35bafbca2b245f96521fd9d00127b2e522bef5c574/analysis/1443650736/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581e-d700-4a01-91fd-4f34950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:10.000Z",
|
|
"modified": "2015-12-22T14:03:10.000Z",
|
|
"description": "- Xchecked via VT: afa496ee1ffaba2ba17ddd50f9163bef",
|
|
"pattern": "[file:hashes.SHA256 = 'f97ea502099c1bea8eb36e2f90e94feabf1a79652cd5c0f4384f91f65410aa9f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581e-7154-420b-8206-49e7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:10.000Z",
|
|
"modified": "2015-12-22T14:03:10.000Z",
|
|
"description": "- Xchecked via VT: afa496ee1ffaba2ba17ddd50f9163bef",
|
|
"pattern": "[file:hashes.SHA1 = '9ef5bdf72e16d276cb26833de75708a056512462']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581e-9078-4585-8456-4c44950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:10.000Z",
|
|
"modified": "2015-12-22T14:03:10.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f97ea502099c1bea8eb36e2f90e94feabf1a79652cd5c0f4384f91f65410aa9f/analysis/1447152579/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581f-9148-41f7-839f-4fbf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:11.000Z",
|
|
"modified": "2015-12-22T14:03:11.000Z",
|
|
"description": "- Xchecked via VT: d8ebd38a000a1fddf7979ce8c6c84d98",
|
|
"pattern": "[file:hashes.SHA256 = 'a30a1038bfde5c0506eb08cad156502ebd63ac453fef295721d847368d84c1cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581f-f278-4fd3-8058-4b95950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:11.000Z",
|
|
"modified": "2015-12-22T14:03:11.000Z",
|
|
"description": "- Xchecked via VT: d8ebd38a000a1fddf7979ce8c6c84d98",
|
|
"pattern": "[file:hashes.SHA1 = 'af6d0770077e01ee29b4a3126dfdef30d4d9e85d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581f-aff4-483d-86d2-469b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:11.000Z",
|
|
"modified": "2015-12-22T14:03:11.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a30a1038bfde5c0506eb08cad156502ebd63ac453fef295721d847368d84c1cc/analysis/1445934979/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679581f-8cfc-4379-888c-43aa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:11.000Z",
|
|
"modified": "2015-12-22T14:03:11.000Z",
|
|
"description": "- Xchecked via VT: cd2f0d8b5bbe982ac524aa4541c13333",
|
|
"pattern": "[file:hashes.SHA256 = '2d010757bf8b0c70b7d7ff6b41515132eebaa5b0fb644b2c86370738c0865718']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795820-821c-41c8-af36-4953950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:12.000Z",
|
|
"modified": "2015-12-22T14:03:12.000Z",
|
|
"description": "- Xchecked via VT: cd2f0d8b5bbe982ac524aa4541c13333",
|
|
"pattern": "[file:hashes.SHA1 = '2c4614a5424956086fa166e7ad96ce8a18fcaf74']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795820-2878-4b8b-8e8f-4657950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:12.000Z",
|
|
"modified": "2015-12-22T14:03:12.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/2d010757bf8b0c70b7d7ff6b41515132eebaa5b0fb644b2c86370738c0865718/analysis/1445944747/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795820-249c-425b-9130-4c12950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:12.000Z",
|
|
"modified": "2015-12-22T14:03:12.000Z",
|
|
"description": "- Xchecked via VT: 8c28bb9e17e58a4c9f2365f1d284943a",
|
|
"pattern": "[file:hashes.SHA256 = 'c2014d15154d19c1d270ab2ae3caaac2ed1d41e2621f5873883af01ed4db3c78']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795821-96c4-47af-940e-497f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:13.000Z",
|
|
"modified": "2015-12-22T14:03:13.000Z",
|
|
"description": "- Xchecked via VT: 8c28bb9e17e58a4c9f2365f1d284943a",
|
|
"pattern": "[file:hashes.SHA1 = '29d8f3f84aadbf16a10820ce8fa59021418578e6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795821-1e68-40b6-9a89-4a2a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:13.000Z",
|
|
"modified": "2015-12-22T14:03:13.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c2014d15154d19c1d270ab2ae3caaac2ed1d41e2621f5873883af01ed4db3c78/analysis/1445949654/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795821-b9bc-4ad5-bcb9-40c5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:13.000Z",
|
|
"modified": "2015-12-22T14:03:13.000Z",
|
|
"description": "- Xchecked via VT: 9da69ad5392c13aeaed98862684511b4",
|
|
"pattern": "[file:hashes.SHA256 = '035a25c9d9ec02a09cfcbcde33d577699685290044dc394df4393681f18fc377']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795821-2d88-40ef-b8fe-4c1e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:13.000Z",
|
|
"modified": "2015-12-22T14:03:13.000Z",
|
|
"description": "- Xchecked via VT: 9da69ad5392c13aeaed98862684511b4",
|
|
"pattern": "[file:hashes.SHA1 = 'a91c09ffad2ea7919cf1e64eed40255414c00a6c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795822-1770-4c2c-ac88-4c5c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:14.000Z",
|
|
"modified": "2015-12-22T14:03:14.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/035a25c9d9ec02a09cfcbcde33d577699685290044dc394df4393681f18fc377/analysis/1448109902/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795822-0ba8-45a0-babc-498b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:14.000Z",
|
|
"modified": "2015-12-22T14:03:14.000Z",
|
|
"description": "- Xchecked via VT: 441f4d85a6790041a071e784404e45cf",
|
|
"pattern": "[file:hashes.SHA256 = '777497be96886dd60dc52aeff3e57114d868c7c6f7328850a6ee94fea15670f0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795822-dc48-4602-8110-488e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:14.000Z",
|
|
"modified": "2015-12-22T14:03:14.000Z",
|
|
"description": "- Xchecked via VT: 441f4d85a6790041a071e784404e45cf",
|
|
"pattern": "[file:hashes.SHA1 = '7b58697fec7ec1579442281794d096f97c44d5fa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795823-a9ec-495b-aed1-4b5c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:15.000Z",
|
|
"modified": "2015-12-22T14:03:15.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/777497be96886dd60dc52aeff3e57114d868c7c6f7328850a6ee94fea15670f0/analysis/1447152380/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795823-0290-4771-8aa9-4126950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:15.000Z",
|
|
"modified": "2015-12-22T14:03:15.000Z",
|
|
"description": "- Xchecked via VT: da12034435fc9e0982d8ed5f9b26e9be",
|
|
"pattern": "[file:hashes.SHA256 = '2a75a94e228d3d0d87e4521e874f44d266f9d52bc5bf8fe9414d81e1b52866f1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795823-6f40-40b1-8df0-4792950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:15.000Z",
|
|
"modified": "2015-12-22T14:03:15.000Z",
|
|
"description": "- Xchecked via VT: da12034435fc9e0982d8ed5f9b26e9be",
|
|
"pattern": "[file:hashes.SHA1 = 'feb2ed38263b5c74a4a9531e8228b060585d5295']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795824-7930-43bf-9ca4-40d3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:16.000Z",
|
|
"modified": "2015-12-22T14:03:16.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/2a75a94e228d3d0d87e4521e874f44d266f9d52bc5bf8fe9414d81e1b52866f1/analysis/1444904665/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795824-8c44-4b58-9653-4fc7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:16.000Z",
|
|
"modified": "2015-12-22T14:03:16.000Z",
|
|
"description": "- Xchecked via VT: d851f0b10a520bfe72fca0a5796d7a03",
|
|
"pattern": "[file:hashes.SHA256 = 'b687469e3376626fe687a0930ad35c1dce0543da201f97354469c4410a24de5c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795824-f318-4420-9362-4a76950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:16.000Z",
|
|
"modified": "2015-12-22T14:03:16.000Z",
|
|
"description": "- Xchecked via VT: d851f0b10a520bfe72fca0a5796d7a03",
|
|
"pattern": "[file:hashes.SHA1 = '537867740c320f4be9c5e8ac4d9ae336f9de4910']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795824-9c70-424a-9087-4b43950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:16.000Z",
|
|
"modified": "2015-12-22T14:03:16.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b687469e3376626fe687a0930ad35c1dce0543da201f97354469c4410a24de5c/analysis/1447151709/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795825-2a60-458e-9abe-42fa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:17.000Z",
|
|
"modified": "2015-12-22T14:03:17.000Z",
|
|
"description": "- Xchecked via VT: 0df43e770485b4cb5470117addc5d420",
|
|
"pattern": "[file:hashes.SHA256 = '3b3aa8fbe0a194b5744f6ec309485422b3049cc5552b450fefa1e1a860413cf9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795825-9210-4882-af17-4151950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:17.000Z",
|
|
"modified": "2015-12-22T14:03:17.000Z",
|
|
"description": "- Xchecked via VT: 0df43e770485b4cb5470117addc5d420",
|
|
"pattern": "[file:hashes.SHA1 = '3a10f1ac15d9ed4bac8b9102cb48c0155da97596']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795825-5f10-4338-a1bc-4460950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:17.000Z",
|
|
"modified": "2015-12-22T14:03:17.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3b3aa8fbe0a194b5744f6ec309485422b3049cc5552b450fefa1e1a860413cf9/analysis/1447603138/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795826-03bc-4df4-988d-48cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:18.000Z",
|
|
"modified": "2015-12-22T14:03:18.000Z",
|
|
"description": "- Xchecked via VT: 9e467563730bf637e66a30418a310574",
|
|
"pattern": "[file:hashes.SHA256 = '841945cf1080bfe8de52ee9ae8324872081db56f1a5ed020b11f331ac50b5050']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795826-f2f0-4e06-8911-4306950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:18.000Z",
|
|
"modified": "2015-12-22T14:03:18.000Z",
|
|
"description": "- Xchecked via VT: 9e467563730bf637e66a30418a310574",
|
|
"pattern": "[file:hashes.SHA1 = 'c4c9a8035ca1bb0e1aef9f7a1b9718daa2bfb3bb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795826-2de0-4fa6-bc3c-4c20950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:18.000Z",
|
|
"modified": "2015-12-22T14:03:18.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/841945cf1080bfe8de52ee9ae8324872081db56f1a5ed020b11f331ac50b5050/analysis/1447585109/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795826-e630-41f4-881c-463b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:18.000Z",
|
|
"modified": "2015-12-22T14:03:18.000Z",
|
|
"description": "- Xchecked via VT: 8f836fc63550e96d55283936a530441a",
|
|
"pattern": "[file:hashes.SHA256 = 'c3479c1f3ab4a43f7142a796834e17b630efee2b9844381ac5ce1f2bb8dda702']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795827-9af8-4881-8d75-4d46950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:19.000Z",
|
|
"modified": "2015-12-22T14:03:19.000Z",
|
|
"description": "- Xchecked via VT: 8f836fc63550e96d55283936a530441a",
|
|
"pattern": "[file:hashes.SHA1 = 'da87fddaef84caad0962058b3308cccce527c166']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795827-4744-4dc4-89f2-42c9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:19.000Z",
|
|
"modified": "2015-12-22T14:03:19.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c3479c1f3ab4a43f7142a796834e17b630efee2b9844381ac5ce1f2bb8dda702/analysis/1450684972/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795827-a238-41ed-9f44-48fc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:19.000Z",
|
|
"modified": "2015-12-22T14:03:19.000Z",
|
|
"description": "- Xchecked via VT: 04f327e84e2a3413613186e0e2dac5d4",
|
|
"pattern": "[file:hashes.SHA256 = 'a8a9cda5f319b10b53ef45e684ad6b243a0508e155adc2b9fb9c39429b08521f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795828-ec90-4659-ae89-481d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:20.000Z",
|
|
"modified": "2015-12-22T14:03:20.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a8a9cda5f319b10b53ef45e684ad6b243a0508e155adc2b9fb9c39429b08521f/analysis/1447152751/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795828-62ec-4136-bb88-48ec950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:20.000Z",
|
|
"modified": "2015-12-22T14:03:20.000Z",
|
|
"description": "- Xchecked via VT: ba64efc386518ae259bc57649ebd7645",
|
|
"pattern": "[file:hashes.SHA256 = '5c5f5715ce3748f4cce0e91b2edbff398eabfc7b930f608860fdafaf91a1a12c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795829-3db0-4307-b7d6-47b1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:21.000Z",
|
|
"modified": "2015-12-22T14:03:21.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5c5f5715ce3748f4cce0e91b2edbff398eabfc7b930f608860fdafaf91a1a12c/analysis/1445864321/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795829-106c-4f06-bb9b-445d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:21.000Z",
|
|
"modified": "2015-12-22T14:03:21.000Z",
|
|
"description": "- Xchecked via VT: 76b05fdf769c411546e285719fec612d",
|
|
"pattern": "[file:hashes.SHA256 = 'ed8f903dc0121aa649a689dc5e8fc7e285c5a58c26bebcb59bc5568cfecc51a7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795829-623c-4b1a-8153-4021950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:21.000Z",
|
|
"modified": "2015-12-22T14:03:21.000Z",
|
|
"description": "- Xchecked via VT: 76b05fdf769c411546e285719fec612d",
|
|
"pattern": "[file:hashes.SHA1 = '1d19abeb60262b00839f5840b27ffc6175408ed4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582a-5d70-44f9-9c65-432e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:22.000Z",
|
|
"modified": "2015-12-22T14:03:22.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ed8f903dc0121aa649a689dc5e8fc7e285c5a58c26bebcb59bc5568cfecc51a7/analysis/1445354533/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582a-5f40-4713-8dbc-4c5a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:22.000Z",
|
|
"modified": "2015-12-22T14:03:22.000Z",
|
|
"description": "- Xchecked via VT: de7e21e194b54a4ed8539c131f29d019",
|
|
"pattern": "[file:hashes.SHA256 = 'e7743164db33f024eb783390010781cf13f95e194726bdd0f8e5e98e5bab95c9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582a-10c4-488b-ad0b-4890950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:22.000Z",
|
|
"modified": "2015-12-22T14:03:22.000Z",
|
|
"description": "- Xchecked via VT: de7e21e194b54a4ed8539c131f29d019",
|
|
"pattern": "[file:hashes.SHA1 = 'a2e585f39bf37e4c6331e71895901e5ace59b4b8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582b-cae8-4031-834b-4962950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:23.000Z",
|
|
"modified": "2015-12-22T14:03:23.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e7743164db33f024eb783390010781cf13f95e194726bdd0f8e5e98e5bab95c9/analysis/1447152782/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582b-f7ec-4283-8266-47f3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:23.000Z",
|
|
"modified": "2015-12-22T14:03:23.000Z",
|
|
"description": "- Xchecked via VT: fce7e921dfb86a357ead61514653dff7",
|
|
"pattern": "[file:hashes.SHA256 = 'c193ce1fc2136361ef70f196e9e7e753a69b240491e4847eaec8099223284dca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582b-5dd4-470c-9636-4fbb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:23.000Z",
|
|
"modified": "2015-12-22T14:03:23.000Z",
|
|
"description": "- Xchecked via VT: fce7e921dfb86a357ead61514653dff7",
|
|
"pattern": "[file:hashes.SHA1 = '690780273952fc44684380ab3146b25b64fe6f92']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582b-9490-46b3-a66e-4696950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:23.000Z",
|
|
"modified": "2015-12-22T14:03:23.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c193ce1fc2136361ef70f196e9e7e753a69b240491e4847eaec8099223284dca/analysis/1447103077/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582c-4ca0-4104-94c8-40c3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:24.000Z",
|
|
"modified": "2015-12-22T14:03:24.000Z",
|
|
"description": "- Xchecked via VT: 336562f4441b590ac0667e7659be73f4",
|
|
"pattern": "[file:hashes.SHA256 = '93ee58ea1eb6e30f09d69139304dc566ea9907c1a05eedbe81bfe62f44902118']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582c-55fc-4b5f-9926-428c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:24.000Z",
|
|
"modified": "2015-12-22T14:03:24.000Z",
|
|
"description": "- Xchecked via VT: 336562f4441b590ac0667e7659be73f4",
|
|
"pattern": "[file:hashes.SHA1 = '288a7074b855187549280390c351b0a6a1a92a10']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582c-e560-4955-8b7b-4cd0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:24.000Z",
|
|
"modified": "2015-12-22T14:03:24.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/93ee58ea1eb6e30f09d69139304dc566ea9907c1a05eedbe81bfe62f44902118/analysis/1447786987/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582c-70dc-4916-ad70-41fc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:24.000Z",
|
|
"modified": "2015-12-22T14:03:24.000Z",
|
|
"description": "- Xchecked via VT: a2819272d2be53a19e0cce53d4932e42",
|
|
"pattern": "[file:hashes.SHA256 = '990464172674b17e1b3180b114131a4406c75305e5cedf1a3f4ed0504bd8de0e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582d-b73c-4d65-b0ef-474d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:25.000Z",
|
|
"modified": "2015-12-22T14:03:25.000Z",
|
|
"description": "- Xchecked via VT: a2819272d2be53a19e0cce53d4932e42",
|
|
"pattern": "[file:hashes.SHA1 = 'bcd0a66e26e0b0c738ca92690a7c9f2f6c189a21']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582d-da68-45bb-bc78-4c0f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:25.000Z",
|
|
"modified": "2015-12-22T14:03:25.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/990464172674b17e1b3180b114131a4406c75305e5cedf1a3f4ed0504bd8de0e/analysis/1443625692/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582d-a9f0-44b9-84c4-48ec950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:25.000Z",
|
|
"modified": "2015-12-22T14:03:25.000Z",
|
|
"description": "- Xchecked via VT: 88539e45c9853c52ef7349535dd4e41c",
|
|
"pattern": "[file:hashes.SHA256 = 'a1090f648e9807de409361e54beaa0fadf79d0064f0aeff932d9cb8572b80bbf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582d-0ce8-4fae-a166-4a89950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:25.000Z",
|
|
"modified": "2015-12-22T14:03:25.000Z",
|
|
"description": "- Xchecked via VT: 88539e45c9853c52ef7349535dd4e41c",
|
|
"pattern": "[file:hashes.SHA1 = '73ea97914b8dbba71807f8d6993e2678ba53fff3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582e-0e20-42a0-9138-43d0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:26.000Z",
|
|
"modified": "2015-12-22T14:03:26.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a1090f648e9807de409361e54beaa0fadf79d0064f0aeff932d9cb8572b80bbf/analysis/1447602483/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582e-fbb4-43e1-963d-467b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:26.000Z",
|
|
"modified": "2015-12-22T14:03:26.000Z",
|
|
"description": "- Xchecked via VT: 5e9c33e553f94cdb691dc271184ce7c4",
|
|
"pattern": "[file:hashes.SHA256 = '0b42c73e8ac6141b6a69f85f78829174f1915e471a56a7a32e7d8f1fe7b40252']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582e-8c44-4f7f-aa80-40b1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:26.000Z",
|
|
"modified": "2015-12-22T14:03:26.000Z",
|
|
"description": "- Xchecked via VT: 5e9c33e553f94cdb691dc271184ce7c4",
|
|
"pattern": "[file:hashes.SHA1 = '7a56a5570780e6edcd4719dc8e6ae252d5b240c4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582e-b0a0-40f2-9180-45ad950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:26.000Z",
|
|
"modified": "2015-12-22T14:03:26.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/0b42c73e8ac6141b6a69f85f78829174f1915e471a56a7a32e7d8f1fe7b40252/analysis/1446200574/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582f-dd20-4246-ab55-42c7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:27.000Z",
|
|
"modified": "2015-12-22T14:03:27.000Z",
|
|
"description": "- Xchecked via VT: ed51cdb54b948db32f0398de58b0c0d7",
|
|
"pattern": "[file:hashes.SHA256 = 'bc2927e6cb67a563f584f6f20c89f83e851a0f81588b844e40886ad9def3ce91']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582f-3ac4-4293-9e10-4d29950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:27.000Z",
|
|
"modified": "2015-12-22T14:03:27.000Z",
|
|
"description": "- Xchecked via VT: ed51cdb54b948db32f0398de58b0c0d7",
|
|
"pattern": "[file:hashes.SHA1 = '18c589443c4c69d0242a9232ec4e4ecc50912752']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679582f-eb38-49a3-a691-4487950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:27.000Z",
|
|
"modified": "2015-12-22T14:03:27.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/bc2927e6cb67a563f584f6f20c89f83e851a0f81588b844e40886ad9def3ce91/analysis/1450717947/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795830-7f8c-4202-8d47-45a8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:28.000Z",
|
|
"modified": "2015-12-22T14:03:28.000Z",
|
|
"description": "- Xchecked via VT: 220f38da5c162f274f809461c5dce3f4",
|
|
"pattern": "[file:hashes.SHA256 = '27c4039a6a252fadf0da26f6991715236e7399aa1b2f0fa8b66bc492fe40a924']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795830-b194-4536-9c9e-43aa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:28.000Z",
|
|
"modified": "2015-12-22T14:03:28.000Z",
|
|
"description": "- Xchecked via VT: 220f38da5c162f274f809461c5dce3f4",
|
|
"pattern": "[file:hashes.SHA1 = 'a91476af8d020b1a2befd8eac926df1103f4bc75']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795830-56b4-4b3b-9363-4bdc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:28.000Z",
|
|
"modified": "2015-12-22T14:03:28.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/27c4039a6a252fadf0da26f6991715236e7399aa1b2f0fa8b66bc492fe40a924/analysis/1445310399/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795831-70e0-4d57-9a20-491a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:29.000Z",
|
|
"modified": "2015-12-22T14:03:29.000Z",
|
|
"description": "- Xchecked via VT: 8c8ebbf3c4747cb33bd6cb101491400d",
|
|
"pattern": "[file:hashes.SHA256 = '802fdb345e359f3fc8bc9e432713cf0e32ca7ed5ee855e2a05abbf78f7cbf18d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795831-56bc-47d6-a862-4c00950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:29.000Z",
|
|
"modified": "2015-12-22T14:03:29.000Z",
|
|
"description": "- Xchecked via VT: 8c8ebbf3c4747cb33bd6cb101491400d",
|
|
"pattern": "[file:hashes.SHA1 = '6b205a2ec74269d8d9465e2c23d64775e3112699']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795831-1744-4186-982b-483d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:29.000Z",
|
|
"modified": "2015-12-22T14:03:29.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/802fdb345e359f3fc8bc9e432713cf0e32ca7ed5ee855e2a05abbf78f7cbf18d/analysis/1445948570/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795831-2bd4-417b-8641-45e0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:29.000Z",
|
|
"modified": "2015-12-22T14:03:29.000Z",
|
|
"description": "- Xchecked via VT: ac69d18d0e5730147d6dabb5a2c6a3d3",
|
|
"pattern": "[file:hashes.SHA256 = '1c8aa79b8a3dd29af172c136fceab4264d589546c5a6bcc5fc951ca62413b9ce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795832-87c4-405c-a450-47d2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:30.000Z",
|
|
"modified": "2015-12-22T14:03:30.000Z",
|
|
"description": "- Xchecked via VT: ac69d18d0e5730147d6dabb5a2c6a3d3",
|
|
"pattern": "[file:hashes.SHA1 = '997869ec58187aef90aefc10d04e2858cb8c0748']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795832-d1e0-4390-9f6b-417a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:30.000Z",
|
|
"modified": "2015-12-22T14:03:30.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/1c8aa79b8a3dd29af172c136fceab4264d589546c5a6bcc5fc951ca62413b9ce/analysis/1445864253/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795832-d724-4ce4-b9a0-4b8a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:30.000Z",
|
|
"modified": "2015-12-22T14:03:30.000Z",
|
|
"description": "- Xchecked via VT: ebd749c85483f8695fdde79309276f4e",
|
|
"pattern": "[file:hashes.SHA256 = 'c7f1066bc959358fc881cce95f0d5c1bf30b99a304357dc2289b47f0a6e7839b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795833-4d48-47b4-8eab-42ed950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:31.000Z",
|
|
"modified": "2015-12-22T14:03:31.000Z",
|
|
"description": "- Xchecked via VT: ebd749c85483f8695fdde79309276f4e",
|
|
"pattern": "[file:hashes.SHA1 = 'e30b7c24695474142afa11fc9e633360ff489d1c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795833-3c50-4a9c-a538-4006950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:31.000Z",
|
|
"modified": "2015-12-22T14:03:31.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c7f1066bc959358fc881cce95f0d5c1bf30b99a304357dc2289b47f0a6e7839b/analysis/1445295224/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795833-a748-4551-9da6-43bc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:31.000Z",
|
|
"modified": "2015-12-22T14:03:31.000Z",
|
|
"description": "- Xchecked via VT: 98d4d11676a2bddb4eddb5ec6469ccf0",
|
|
"pattern": "[file:hashes.SHA256 = '9a274c66c6ce1af652a86158ea05acaa6dc0e89acf9b1a0bf30ed15a0ca73c90']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795834-9a18-447f-b389-4a49950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:32.000Z",
|
|
"modified": "2015-12-22T14:03:32.000Z",
|
|
"description": "- Xchecked via VT: 98d4d11676a2bddb4eddb5ec6469ccf0",
|
|
"pattern": "[file:hashes.SHA1 = '9bb0cdc8d51189f03a7f041df75528adc4504a78']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795834-6e60-47a8-8b67-424e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:32.000Z",
|
|
"modified": "2015-12-22T14:03:32.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9a274c66c6ce1af652a86158ea05acaa6dc0e89acf9b1a0bf30ed15a0ca73c90/analysis/1446815990/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795834-a928-49bd-b44a-42ca950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:32.000Z",
|
|
"modified": "2015-12-22T14:03:32.000Z",
|
|
"description": "- Xchecked via VT: 8cf448ecfe6037529834106dcb104f6e",
|
|
"pattern": "[file:hashes.SHA256 = 'bdfd4b17a21bd65f246c5707282d8926ed74a16ba144f362728146c15a212387']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795834-7900-4c21-beaf-47f9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:32.000Z",
|
|
"modified": "2015-12-22T14:03:32.000Z",
|
|
"description": "- Xchecked via VT: 8cf448ecfe6037529834106dcb104f6e",
|
|
"pattern": "[file:hashes.SHA1 = '1a731b1ec15d33fc353ca3ab13ed0a922be4f266']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795835-eedc-4ec3-a760-491b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:33.000Z",
|
|
"modified": "2015-12-22T14:03:33.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/bdfd4b17a21bd65f246c5707282d8926ed74a16ba144f362728146c15a212387/analysis/1445263765/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795835-5b34-4382-b437-411a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:33.000Z",
|
|
"modified": "2015-12-22T14:03:33.000Z",
|
|
"description": "- Xchecked via VT: a512b154ee4319ddcf45c789b933db4e",
|
|
"pattern": "[file:hashes.SHA256 = '3d14217b7558b1904635aef3cc67c82fe54d324048d4030e1831ffa60f992d62']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795835-9b70-4efd-ad64-4231950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:33.000Z",
|
|
"modified": "2015-12-22T14:03:33.000Z",
|
|
"description": "- Xchecked via VT: a512b154ee4319ddcf45c789b933db4e",
|
|
"pattern": "[file:hashes.SHA1 = '09da38fb8bc844c7b9bc2a6b4a2fb89fcac5075d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795836-c530-4264-bd73-4303950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:34.000Z",
|
|
"modified": "2015-12-22T14:03:34.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3d14217b7558b1904635aef3cc67c82fe54d324048d4030e1831ffa60f992d62/analysis/1444715122/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795836-3dc0-4ae8-9ae9-4003950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:34.000Z",
|
|
"modified": "2015-12-22T14:03:34.000Z",
|
|
"description": "- Xchecked via VT: 9c89728855aaf383f9a835b0ce175a90",
|
|
"pattern": "[file:hashes.SHA256 = '5f7bdd15652d06153059a6706f7082a3137b71c894686d3c7bf5d048f45b9db3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795836-365c-4fa8-9a8d-47a2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:34.000Z",
|
|
"modified": "2015-12-22T14:03:34.000Z",
|
|
"description": "- Xchecked via VT: 9c89728855aaf383f9a835b0ce175a90",
|
|
"pattern": "[file:hashes.SHA1 = '95b525c6c81fee339f5ff916d58dafb429c3b2e6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795836-5acc-431e-aa1b-4010950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:34.000Z",
|
|
"modified": "2015-12-22T14:03:34.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5f7bdd15652d06153059a6706f7082a3137b71c894686d3c7bf5d048f45b9db3/analysis/1443614476/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795837-89a4-46ee-91e7-4e93950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:35.000Z",
|
|
"modified": "2015-12-22T14:03:35.000Z",
|
|
"description": "- Xchecked via VT: 1babbc9f2fe42fdfb12ae4714d0575b7",
|
|
"pattern": "[file:hashes.SHA256 = '1ca4a1107b7149dcbb7ed08b5889c475a96e8937c8bf3632aa0cc38280de462f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795837-6a88-4065-9786-4948950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:35.000Z",
|
|
"modified": "2015-12-22T14:03:35.000Z",
|
|
"description": "- Xchecked via VT: 1babbc9f2fe42fdfb12ae4714d0575b7",
|
|
"pattern": "[file:hashes.SHA1 = 'e47de4c473e079e9019c5412d5bc2eb67372013e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795837-6644-41bf-9c7f-4a78950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:35.000Z",
|
|
"modified": "2015-12-22T14:03:35.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/1ca4a1107b7149dcbb7ed08b5889c475a96e8937c8bf3632aa0cc38280de462f/analysis/1445938211/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795838-f410-4e56-9b17-408f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:36.000Z",
|
|
"modified": "2015-12-22T14:03:36.000Z",
|
|
"description": "- Xchecked via VT: c4e86df4da69199aa7fca10bcbe1284d",
|
|
"pattern": "[file:hashes.SHA256 = '063f0dac5847ec116b20cca45d57dc1aeb9a7ce2769d03605a4988ae6213be76']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795838-2b50-4940-8b4f-4d5a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:36.000Z",
|
|
"modified": "2015-12-22T14:03:36.000Z",
|
|
"description": "- Xchecked via VT: c4e86df4da69199aa7fca10bcbe1284d",
|
|
"pattern": "[file:hashes.SHA1 = '79f35f530b855fea13211120ce52ba2e9295d0be']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795838-c5f4-4e8a-9b63-48ec950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:36.000Z",
|
|
"modified": "2015-12-22T14:03:36.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/063f0dac5847ec116b20cca45d57dc1aeb9a7ce2769d03605a4988ae6213be76/analysis/1446985056/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795839-1b30-412c-b6c3-46d3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:37.000Z",
|
|
"modified": "2015-12-22T14:03:37.000Z",
|
|
"description": "- Xchecked via VT: 77021465ce3ed30ff3ff390d28157dbd",
|
|
"pattern": "[file:hashes.SHA256 = 'fbc885d0d46fb9d1724c651ea05efcf30118bb4934387007beed1e5a8d759330']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795839-df74-47dc-a598-4782950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:37.000Z",
|
|
"modified": "2015-12-22T14:03:37.000Z",
|
|
"description": "- Xchecked via VT: 77021465ce3ed30ff3ff390d28157dbd",
|
|
"pattern": "[file:hashes.SHA1 = 'ebe40e4d8d5127eb6eff996657ceaef86f8c1b6a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795839-6d00-4c65-a633-40fb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:37.000Z",
|
|
"modified": "2015-12-22T14:03:37.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/fbc885d0d46fb9d1724c651ea05efcf30118bb4934387007beed1e5a8d759330/analysis/1443776371/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795839-8350-4bef-9a28-4688950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:37.000Z",
|
|
"modified": "2015-12-22T14:03:37.000Z",
|
|
"description": "- Xchecked via VT: 0e851f71a562a9e5122a3de10c6c2bff",
|
|
"pattern": "[file:hashes.SHA256 = 'be40875184aecf5546e80b5d8be01fc56c37543411dbaba2ebd19b4276787195']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583a-50d0-40b8-8c9a-4a86950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:38.000Z",
|
|
"modified": "2015-12-22T14:03:38.000Z",
|
|
"description": "- Xchecked via VT: 0e851f71a562a9e5122a3de10c6c2bff",
|
|
"pattern": "[file:hashes.SHA1 = 'd6cc59b6c1abcc5e99ce02ed96c8d3ec9a072802']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583a-c0c0-4d01-8a60-4e0d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:38.000Z",
|
|
"modified": "2015-12-22T14:03:38.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/be40875184aecf5546e80b5d8be01fc56c37543411dbaba2ebd19b4276787195/analysis/1446375871/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583a-83dc-4b7e-9d36-4f77950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:38.000Z",
|
|
"modified": "2015-12-22T14:03:38.000Z",
|
|
"description": "- Xchecked via VT: a506e84ed9b8cf32109c31b5186b72d5",
|
|
"pattern": "[file:hashes.SHA256 = 'decddaafbfeda4df83cfc27c97dce402a891429eeca62dbaf58604d4e7c0fced']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583b-7788-44bf-a13c-447e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:39.000Z",
|
|
"modified": "2015-12-22T14:03:39.000Z",
|
|
"description": "- Xchecked via VT: a506e84ed9b8cf32109c31b5186b72d5",
|
|
"pattern": "[file:hashes.SHA1 = '0e23f69d3393b5279cbd8aa6c2f44c41c2b824b4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583b-08a0-44d5-9217-4155950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:39.000Z",
|
|
"modified": "2015-12-22T14:03:39.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/decddaafbfeda4df83cfc27c97dce402a891429eeca62dbaf58604d4e7c0fced/analysis/1446811914/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583b-f92c-4083-a33d-42a0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:39.000Z",
|
|
"modified": "2015-12-22T14:03:39.000Z",
|
|
"description": "- Xchecked via VT: 6a40640b358f58cab3be3ac9612d64c0",
|
|
"pattern": "[file:hashes.SHA256 = 'c128fb7a7e30b852891f6eccba3c178fc3dcf3b387e17e2a2eeaef32c6f4b794']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583b-50c4-4908-8716-4108950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:39.000Z",
|
|
"modified": "2015-12-22T14:03:39.000Z",
|
|
"description": "- Xchecked via VT: 6a40640b358f58cab3be3ac9612d64c0",
|
|
"pattern": "[file:hashes.SHA1 = 'f710b1b38d1581247104f6ba35be3e7eb5d977e2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583c-8020-4008-ab38-4772950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:40.000Z",
|
|
"modified": "2015-12-22T14:03:40.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c128fb7a7e30b852891f6eccba3c178fc3dcf3b387e17e2a2eeaef32c6f4b794/analysis/1446904338/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583c-0dec-49f2-813d-4a61950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:40.000Z",
|
|
"modified": "2015-12-22T14:03:40.000Z",
|
|
"description": "- Xchecked via VT: 218bb6e57a1f8b80fa0b55a50ea569e5",
|
|
"pattern": "[file:hashes.SHA256 = '139f832d27dbeeb5b0396195686bcad3d032944bfaab5aaca088cb941ca803ce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583c-df4c-4937-93a2-4a05950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:40.000Z",
|
|
"modified": "2015-12-22T14:03:40.000Z",
|
|
"description": "- Xchecked via VT: 218bb6e57a1f8b80fa0b55a50ea569e5",
|
|
"pattern": "[file:hashes.SHA1 = '054cff8df564af90ad746c728970339da17aa922']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583d-cca8-4979-82a1-4adc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:41.000Z",
|
|
"modified": "2015-12-22T14:03:41.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/139f832d27dbeeb5b0396195686bcad3d032944bfaab5aaca088cb941ca803ce/analysis/1445935402/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583d-8d90-4669-9d46-4386950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:41.000Z",
|
|
"modified": "2015-12-22T14:03:41.000Z",
|
|
"description": "- Xchecked via VT: 5d53163c8e52d4d76de136a82ece4b59",
|
|
"pattern": "[file:hashes.SHA256 = 'ec315bd9b07019fd5e2e51f7b26bd6a0053578229c156b47fd4f74f55a19781b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583d-ab2c-45c4-8dda-4c0b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:41.000Z",
|
|
"modified": "2015-12-22T14:03:41.000Z",
|
|
"description": "- Xchecked via VT: 5d53163c8e52d4d76de136a82ece4b59",
|
|
"pattern": "[file:hashes.SHA1 = '5612d9bab64ebcb9cac3ce0de84898a2f461bc19']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583e-97d8-41ac-978c-44a8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:42.000Z",
|
|
"modified": "2015-12-22T14:03:42.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ec315bd9b07019fd5e2e51f7b26bd6a0053578229c156b47fd4f74f55a19781b/analysis/1445261372/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583e-ed6c-47e2-8b8c-48d1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:42.000Z",
|
|
"modified": "2015-12-22T14:03:42.000Z",
|
|
"description": "- Xchecked via VT: 059a3a1d39f774b5ef436a0df7b88547",
|
|
"pattern": "[file:hashes.SHA256 = 'd19506f1ae229855dd7273a14639bd741d58fe0ddd9c3dd70f32a570bacf9629']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583e-2550-41fb-90c0-4ba2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:42.000Z",
|
|
"modified": "2015-12-22T14:03:42.000Z",
|
|
"description": "- Xchecked via VT: 059a3a1d39f774b5ef436a0df7b88547",
|
|
"pattern": "[file:hashes.SHA1 = '4bf2a1eff2e0476d166ce561e348ffcf08ba14d0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583e-1404-4731-ac2b-40de950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:42.000Z",
|
|
"modified": "2015-12-22T14:03:42.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d19506f1ae229855dd7273a14639bd741d58fe0ddd9c3dd70f32a570bacf9629/analysis/1445948967/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583f-2ce0-462d-ae31-4f45950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:43.000Z",
|
|
"modified": "2015-12-22T14:03:43.000Z",
|
|
"description": "- Xchecked via VT: 4ae80809ea5c1d4b6526316024c9353b",
|
|
"pattern": "[file:hashes.SHA256 = '9ed34e6f1d0d66350d806506ce3692346cecb1d52f8de03978e2e74ffeb51b97']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583f-4c58-43fe-8a3f-4c50950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:43.000Z",
|
|
"modified": "2015-12-22T14:03:43.000Z",
|
|
"description": "- Xchecked via VT: 4ae80809ea5c1d4b6526316024c9353b",
|
|
"pattern": "[file:hashes.SHA1 = 'ef4cb2ad64d0bdf18b38f550fbf45f371b362f25']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679583f-2cb0-4864-bea8-45a5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:43.000Z",
|
|
"modified": "2015-12-22T14:03:43.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9ed34e6f1d0d66350d806506ce3692346cecb1d52f8de03978e2e74ffeb51b97/analysis/1445323911/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795840-520c-494e-919f-42b5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:44.000Z",
|
|
"modified": "2015-12-22T14:03:44.000Z",
|
|
"description": "- Xchecked via VT: bcf7995aae8894bb754c2e21ece8c57d",
|
|
"pattern": "[file:hashes.SHA256 = '7c3488ba8b66af3594e3566713288878fbbea96fcf691ba8020312a323165628']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795840-b5b0-4f17-9b78-4cf0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:44.000Z",
|
|
"modified": "2015-12-22T14:03:44.000Z",
|
|
"description": "- Xchecked via VT: bcf7995aae8894bb754c2e21ece8c57d",
|
|
"pattern": "[file:hashes.SHA1 = '3acbd6aedbb495d142dd9cf0220baed6c5b8dd1c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795840-bfbc-4c86-be61-4cb5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:44.000Z",
|
|
"modified": "2015-12-22T14:03:44.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7c3488ba8b66af3594e3566713288878fbbea96fcf691ba8020312a323165628/analysis/1447151938/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795840-f8f4-440b-b9d3-411a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:44.000Z",
|
|
"modified": "2015-12-22T14:03:44.000Z",
|
|
"description": "- Xchecked via VT: 4b6cbd1c36c46dc7ee24ec4e7457bbfa",
|
|
"pattern": "[file:hashes.SHA256 = 'e5c5ef44d6778d663894d0fe0ee5c7df72e392584528f2516f7ca93e18e93cba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795841-2350-463e-9e5c-428b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:45.000Z",
|
|
"modified": "2015-12-22T14:03:45.000Z",
|
|
"description": "- Xchecked via VT: 4b6cbd1c36c46dc7ee24ec4e7457bbfa",
|
|
"pattern": "[file:hashes.SHA1 = 'ffab8fd69a2a397732d87071af7c2b81cc4c6896']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795841-1c7c-4ca8-828d-452e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:45.000Z",
|
|
"modified": "2015-12-22T14:03:45.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e5c5ef44d6778d663894d0fe0ee5c7df72e392584528f2516f7ca93e18e93cba/analysis/1445850363/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795841-69c4-4b49-9827-42d2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:45.000Z",
|
|
"modified": "2015-12-22T14:03:45.000Z",
|
|
"description": "- Xchecked via VT: 8772a3e572787d30b19d2bd95aeb8de2",
|
|
"pattern": "[file:hashes.SHA256 = '40803c67ed563e5a4ab01958bcc9e5ad95e1f558161b9861a32a60a84fee498d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795842-06f8-4c55-ac49-4b73950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:46.000Z",
|
|
"modified": "2015-12-22T14:03:46.000Z",
|
|
"description": "- Xchecked via VT: 8772a3e572787d30b19d2bd95aeb8de2",
|
|
"pattern": "[file:hashes.SHA1 = '8d82af2ec699b4ed09768b6a66a3491fbdab96f3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795842-85b4-4e21-b4f0-476e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:46.000Z",
|
|
"modified": "2015-12-22T14:03:46.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/40803c67ed563e5a4ab01958bcc9e5ad95e1f558161b9861a32a60a84fee498d/analysis/1450761075/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795842-c178-4727-9b54-4609950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:46.000Z",
|
|
"modified": "2015-12-22T14:03:46.000Z",
|
|
"description": "- Xchecked via VT: 7ab1f374ebd9908a3f15c9dd66213190",
|
|
"pattern": "[file:hashes.SHA256 = '7ed29c7ffd0819fb5f78fdfd93ee8294336a1a388804f3f03915b725b2541deb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795843-b734-4c74-aa2f-4eb6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:47.000Z",
|
|
"modified": "2015-12-22T14:03:47.000Z",
|
|
"description": "- Xchecked via VT: 7ab1f374ebd9908a3f15c9dd66213190",
|
|
"pattern": "[file:hashes.SHA1 = 'beb13b83c495238dd05a61ea613cadb50828a7b4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795843-8d4c-4e9c-8d04-4934950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:47.000Z",
|
|
"modified": "2015-12-22T14:03:47.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7ed29c7ffd0819fb5f78fdfd93ee8294336a1a388804f3f03915b725b2541deb/analysis/1446113540/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795843-8ecc-41d7-ab66-42d2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:47.000Z",
|
|
"modified": "2015-12-22T14:03:47.000Z",
|
|
"description": "- Xchecked via VT: 1377fd18f2165fc6773e3e89799e5a70",
|
|
"pattern": "[file:hashes.SHA256 = '5c5ad02b95e2769d92d968e735e7d4e022df69bdecf6f666062ff0c6c1d1ba10']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795843-3be0-48e4-a5f2-4c0d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:47.000Z",
|
|
"modified": "2015-12-22T14:03:47.000Z",
|
|
"description": "- Xchecked via VT: 1377fd18f2165fc6773e3e89799e5a70",
|
|
"pattern": "[file:hashes.SHA1 = '83551877739f623330d170122526abc6a7f74575']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795844-3d48-45f0-ad8a-4528950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:48.000Z",
|
|
"modified": "2015-12-22T14:03:48.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5c5ad02b95e2769d92d968e735e7d4e022df69bdecf6f666062ff0c6c1d1ba10/analysis/1445942402/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795844-8268-453c-99a3-47b4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:48.000Z",
|
|
"modified": "2015-12-22T14:03:48.000Z",
|
|
"description": "- Xchecked via VT: 98abaeb4104910feae3e5dbc9a1dfef5",
|
|
"pattern": "[file:hashes.SHA256 = '90ff2c650bb1f0381ff19b7c54ae52fdf1f9f03e54780b2786e2ce46823b612c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795844-0bc8-4dac-92bb-43ea950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:48.000Z",
|
|
"modified": "2015-12-22T14:03:48.000Z",
|
|
"description": "- Xchecked via VT: 98abaeb4104910feae3e5dbc9a1dfef5",
|
|
"pattern": "[file:hashes.SHA1 = 'c1f54a911f0a7b6d1921760540402ce20cb99bd1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795845-4474-4ee6-a9a5-4873950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:49.000Z",
|
|
"modified": "2015-12-22T14:03:49.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/90ff2c650bb1f0381ff19b7c54ae52fdf1f9f03e54780b2786e2ce46823b612c/analysis/1443623124/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795845-cb28-4a2a-8690-43b6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:49.000Z",
|
|
"modified": "2015-12-22T14:03:49.000Z",
|
|
"description": "- Xchecked via VT: b1c142463b540f0fea437aec5a546b3a",
|
|
"pattern": "[file:hashes.SHA256 = '924a17ac7b42ccabf6b79180670b2124fe038d1e1b48dc76777935395ab5a910']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795845-64a0-46bb-8e10-481f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:49.000Z",
|
|
"modified": "2015-12-22T14:03:49.000Z",
|
|
"description": "- Xchecked via VT: b1c142463b540f0fea437aec5a546b3a",
|
|
"pattern": "[file:hashes.SHA1 = '915a6568f95339a35a491cd2b16094bbffe41e7d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795845-11c8-45dd-8da3-4675950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:49.000Z",
|
|
"modified": "2015-12-22T14:03:49.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/924a17ac7b42ccabf6b79180670b2124fe038d1e1b48dc76777935395ab5a910/analysis/1450761356/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795846-87d4-45de-9849-4dae950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:50.000Z",
|
|
"modified": "2015-12-22T14:03:50.000Z",
|
|
"description": "- Xchecked via VT: 0ee6c0616e7042196c6d0aa5921479be",
|
|
"pattern": "[file:hashes.SHA256 = '8cfa7c2241be3e88b96ec14a298a913be22dcb3d76e3e2a09453c99a6b6970df']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795846-ae24-4cfa-89bb-4261950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:50.000Z",
|
|
"modified": "2015-12-22T14:03:50.000Z",
|
|
"description": "- Xchecked via VT: 0ee6c0616e7042196c6d0aa5921479be",
|
|
"pattern": "[file:hashes.SHA1 = '247f86a1c15018da0de6c6f933550f252d52ffb6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795846-1bdc-4c89-8922-47f6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:50.000Z",
|
|
"modified": "2015-12-22T14:03:50.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/8cfa7c2241be3e88b96ec14a298a913be22dcb3d76e3e2a09453c99a6b6970df/analysis/1443613480/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795847-47dc-4236-b6ca-4479950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:51.000Z",
|
|
"modified": "2015-12-22T14:03:51.000Z",
|
|
"description": "- Xchecked via VT: ea532cd5d1764aa058d18dbcbca29748",
|
|
"pattern": "[file:hashes.SHA256 = 'eaa7f0567d872b8454c4d28067121ce153dc3788010de4a03396aa7a1eb00671']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795847-78dc-41d6-83c7-4331950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:51.000Z",
|
|
"modified": "2015-12-22T14:03:51.000Z",
|
|
"description": "- Xchecked via VT: ea532cd5d1764aa058d18dbcbca29748",
|
|
"pattern": "[file:hashes.SHA1 = 'b1840fead385a1280229f4892601d8094de5b242']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795847-77e4-45a6-ab27-4195950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:51.000Z",
|
|
"modified": "2015-12-22T14:03:51.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/eaa7f0567d872b8454c4d28067121ce153dc3788010de4a03396aa7a1eb00671/analysis/1445098037/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795848-ac68-49d6-bb0e-47ed950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:52.000Z",
|
|
"modified": "2015-12-22T14:03:52.000Z",
|
|
"description": "- Xchecked via VT: 1b00b7a8fc0001b69d163feea4f11916",
|
|
"pattern": "[file:hashes.SHA256 = '9b76170826a32481df923490a3ac97596c4ac97e9ef7a4ccae5470c4f0833ed8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795848-4a24-497f-8130-4f9f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:52.000Z",
|
|
"modified": "2015-12-22T14:03:52.000Z",
|
|
"description": "- Xchecked via VT: 1b00b7a8fc0001b69d163feea4f11916",
|
|
"pattern": "[file:hashes.SHA1 = '40917a559cf97c44f093a8faa4ca8c49c7873bee']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795848-4324-4d59-96bb-4965950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:52.000Z",
|
|
"modified": "2015-12-22T14:03:52.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9b76170826a32481df923490a3ac97596c4ac97e9ef7a4ccae5470c4f0833ed8/analysis/1445007592/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795848-6c98-44ee-aa9d-42f0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:52.000Z",
|
|
"modified": "2015-12-22T14:03:52.000Z",
|
|
"description": "- Xchecked via VT: f0e25b006584b9d2fe6cc4b7a765b3a6",
|
|
"pattern": "[file:hashes.SHA256 = '3f4eeaaf1cda13e1a7ee28456025d3fa0b99b7a72e1a14c7dfa18b12873f1efa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795849-efe0-4d22-9086-4670950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:53.000Z",
|
|
"modified": "2015-12-22T14:03:53.000Z",
|
|
"description": "- Xchecked via VT: f0e25b006584b9d2fe6cc4b7a765b3a6",
|
|
"pattern": "[file:hashes.SHA1 = '64615849b3f0abd12d1fe53499428818bc66056b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795849-a060-4759-a319-407a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:53.000Z",
|
|
"modified": "2015-12-22T14:03:53.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3f4eeaaf1cda13e1a7ee28456025d3fa0b99b7a72e1a14c7dfa18b12873f1efa/analysis/1446815597/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795849-72b8-479b-af37-4c3b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:53.000Z",
|
|
"modified": "2015-12-22T14:03:53.000Z",
|
|
"description": "- Xchecked via VT: bce98010ac78697d6eefb64994700773",
|
|
"pattern": "[file:hashes.SHA256 = '8bef168bf2ad521050d4212e98ffcc9accaf908183c875ac1511a35210b69ac3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584a-0e6c-47ec-bbe1-4584950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:54.000Z",
|
|
"modified": "2015-12-22T14:03:54.000Z",
|
|
"description": "- Xchecked via VT: bce98010ac78697d6eefb64994700773",
|
|
"pattern": "[file:hashes.SHA1 = 'a7d1095dc023942de27a36922842acd42fd64378']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584a-9320-4ae2-9b95-4b94950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:54.000Z",
|
|
"modified": "2015-12-22T14:03:54.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/8bef168bf2ad521050d4212e98ffcc9accaf908183c875ac1511a35210b69ac3/analysis/1446114228/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584a-4d64-4c44-8bd3-4c25950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:54.000Z",
|
|
"modified": "2015-12-22T14:03:54.000Z",
|
|
"description": "- Xchecked via VT: 9a785d616708afa0b8e59ee07cfa34e1",
|
|
"pattern": "[file:hashes.SHA256 = '554e4c803508f0e711f8356b577ffe23a16743d0f969feabf636c7ab65012595']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584a-120c-4e46-bba3-4572950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:54.000Z",
|
|
"modified": "2015-12-22T14:03:54.000Z",
|
|
"description": "- Xchecked via VT: 9a785d616708afa0b8e59ee07cfa34e1",
|
|
"pattern": "[file:hashes.SHA1 = 'b95bf4bb224716a9c18c3809d90c0206b7f12d5e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584b-15a8-471e-b32d-44ba950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:55.000Z",
|
|
"modified": "2015-12-22T14:03:55.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/554e4c803508f0e711f8356b577ffe23a16743d0f969feabf636c7ab65012595/analysis/1445934808/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584b-62dc-442c-8d2d-4541950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:55.000Z",
|
|
"modified": "2015-12-22T14:03:55.000Z",
|
|
"description": "- Xchecked via VT: d9df23dc092041a7bc571c37c987934e",
|
|
"pattern": "[file:hashes.SHA256 = '624b6bbf86d80f8f3ff367e9be1b35e0081439d6c9e4c46a88b1260deee6add7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584b-350c-46ec-ac30-4788950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:55.000Z",
|
|
"modified": "2015-12-22T14:03:55.000Z",
|
|
"description": "- Xchecked via VT: d9df23dc092041a7bc571c37c987934e",
|
|
"pattern": "[file:hashes.SHA1 = '704557b64f1c25ee768d2682a0e75b85b9fb6965']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584c-a158-4589-970f-4aa2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:56.000Z",
|
|
"modified": "2015-12-22T14:03:56.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/624b6bbf86d80f8f3ff367e9be1b35e0081439d6c9e4c46a88b1260deee6add7/analysis/1444788040/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584c-42c0-4dc8-b96f-4890950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:56.000Z",
|
|
"modified": "2015-12-22T14:03:56.000Z",
|
|
"description": "- Xchecked via VT: dc02b80f0f9a54c19d61ff522ee22842",
|
|
"pattern": "[file:hashes.SHA256 = '7e8d7df020bc21dea79f2cd9abcce3545d27b1890a005e2247feae61a4840c80']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584c-64c4-4b77-b525-4d9a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:56.000Z",
|
|
"modified": "2015-12-22T14:03:56.000Z",
|
|
"description": "- Xchecked via VT: dc02b80f0f9a54c19d61ff522ee22842",
|
|
"pattern": "[file:hashes.SHA1 = '1895d4e66ab61ec19418dd353fcfd93237461dd4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584d-94f4-45b8-b9fc-429b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:57.000Z",
|
|
"modified": "2015-12-22T14:03:57.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7e8d7df020bc21dea79f2cd9abcce3545d27b1890a005e2247feae61a4840c80/analysis/1445269423/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584d-8c4c-4134-b0d2-4e3b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:57.000Z",
|
|
"modified": "2015-12-22T14:03:57.000Z",
|
|
"description": "- Xchecked via VT: ba76e0a0ce0ed84fea0601c1431853f5",
|
|
"pattern": "[file:hashes.SHA256 = 'e9a3377baed3ae4f25e5daf48ae92f77444cfdf70ed7dbd4cce04a90d5bdea7a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584d-feec-4b8b-943e-4851950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:57.000Z",
|
|
"modified": "2015-12-22T14:03:57.000Z",
|
|
"description": "- Xchecked via VT: ba76e0a0ce0ed84fea0601c1431853f5",
|
|
"pattern": "[file:hashes.SHA1 = '78e72a48bb03bddb7579ed1f5b8daab3bcd6172d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584d-d888-46cc-a192-44ae950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:57.000Z",
|
|
"modified": "2015-12-22T14:03:57.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e9a3377baed3ae4f25e5daf48ae92f77444cfdf70ed7dbd4cce04a90d5bdea7a/analysis/1445509770/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584e-3274-44a8-a060-4e56950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:58.000Z",
|
|
"modified": "2015-12-22T14:03:58.000Z",
|
|
"description": "- Xchecked via VT: 88253664fb130bf45637a946b82d8eb2",
|
|
"pattern": "[file:hashes.SHA256 = '55adf343e086820b35790c9756d49aaaca508747e7f8d3b8a9d2343defdd842e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584e-1e7c-473c-8de4-4e56950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:58.000Z",
|
|
"modified": "2015-12-22T14:03:58.000Z",
|
|
"description": "- Xchecked via VT: 88253664fb130bf45637a946b82d8eb2",
|
|
"pattern": "[file:hashes.SHA1 = 'ccfef6f71ee6af3a0c66264685de88ad1c0e1ab3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584e-3508-4ef0-ba70-4f23950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:58.000Z",
|
|
"modified": "2015-12-22T14:03:58.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/55adf343e086820b35790c9756d49aaaca508747e7f8d3b8a9d2343defdd842e/analysis/1443730570/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584f-e8cc-4360-8413-4bc3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:59.000Z",
|
|
"modified": "2015-12-22T14:03:59.000Z",
|
|
"description": "- Xchecked via VT: 9201de2b446784b1cfe32e767e36a5f1",
|
|
"pattern": "[file:hashes.SHA256 = '04fe2072a7b8e6e901ef636cc37f7bc785a9d4e18e9c6d390258a3cbbd7acdef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584f-a3ec-4be6-bb33-4c4d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:59.000Z",
|
|
"modified": "2015-12-22T14:03:59.000Z",
|
|
"description": "- Xchecked via VT: 9201de2b446784b1cfe32e767e36a5f1",
|
|
"pattern": "[file:hashes.SHA1 = 'ebfcd48a50993ee8f333f941e3737a255756d0bd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584f-1a88-4295-9adb-463c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:59.000Z",
|
|
"modified": "2015-12-22T14:03:59.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/04fe2072a7b8e6e901ef636cc37f7bc785a9d4e18e9c6d390258a3cbbd7acdef/analysis/1448460772/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679584f-43f8-4ec6-b234-4d5b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:03:59.000Z",
|
|
"modified": "2015-12-22T14:03:59.000Z",
|
|
"description": "- Xchecked via VT: 3a5d60f2b8a1b6ebe763865ae493a42d",
|
|
"pattern": "[file:hashes.SHA256 = '3e9bf6a7305ccdf1d251f4ab412460317a4ac6d55382a77d99eca4220af93c8c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:03:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795850-7c5c-4ffd-8882-4709950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:00.000Z",
|
|
"modified": "2015-12-22T14:04:00.000Z",
|
|
"description": "- Xchecked via VT: 3a5d60f2b8a1b6ebe763865ae493a42d",
|
|
"pattern": "[file:hashes.SHA1 = '60969fcc8a2e031914d81e14f724959cf3655397']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795850-b2b4-4976-9cd3-4227950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:00.000Z",
|
|
"modified": "2015-12-22T14:04:00.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3e9bf6a7305ccdf1d251f4ab412460317a4ac6d55382a77d99eca4220af93c8c/analysis/1447726843/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795850-4c1c-4e8e-8c9b-4af1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:00.000Z",
|
|
"modified": "2015-12-22T14:04:00.000Z",
|
|
"description": "- Xchecked via VT: 046737a5ba9fce124c3403db0c5efcb1",
|
|
"pattern": "[file:hashes.SHA256 = '7ab0db6f18c7fdb058ff7e0d079121b16a9a45502a27a15d3c0451901e464012']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795850-0678-4ee3-8a07-4c86950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:00.000Z",
|
|
"modified": "2015-12-22T14:04:00.000Z",
|
|
"description": "- Xchecked via VT: 046737a5ba9fce124c3403db0c5efcb1",
|
|
"pattern": "[file:hashes.SHA1 = '241a459a20618f44490f15371ff1386c86e7c679']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795851-2e74-4a51-b235-4fd1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:01.000Z",
|
|
"modified": "2015-12-22T14:04:01.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7ab0db6f18c7fdb058ff7e0d079121b16a9a45502a27a15d3c0451901e464012/analysis/1450689802/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795851-6e50-4583-92b1-464c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:01.000Z",
|
|
"modified": "2015-12-22T14:04:01.000Z",
|
|
"description": "- Xchecked via VT: 737d2c13ebc18392b8cf6897f3c84482",
|
|
"pattern": "[file:hashes.SHA256 = '937d916ab5856c46e1b0e57d1c48792859ce4cd300e0bd24e2697197a137c22d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795851-dc80-4c89-a099-4521950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:01.000Z",
|
|
"modified": "2015-12-22T14:04:01.000Z",
|
|
"description": "- Xchecked via VT: 737d2c13ebc18392b8cf6897f3c84482",
|
|
"pattern": "[file:hashes.SHA1 = '3d9f3ea6ee318debc0c03b981b1bf1d5b17b4ade']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795852-8bc8-435d-83bc-4721950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:02.000Z",
|
|
"modified": "2015-12-22T14:04:02.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/937d916ab5856c46e1b0e57d1c48792859ce4cd300e0bd24e2697197a137c22d/analysis/1445948429/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795852-7978-4ce2-b0d7-417c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:02.000Z",
|
|
"modified": "2015-12-22T14:04:02.000Z",
|
|
"description": "- Xchecked via VT: 0d19c7a1ff7766d011d0749f0a760029",
|
|
"pattern": "[file:hashes.SHA256 = '996032ea7bb3f32ab162603add691e7a84b35e3cdb9eb3ced756762f1249c1be']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795852-411c-4aed-8854-406d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:02.000Z",
|
|
"modified": "2015-12-22T14:04:02.000Z",
|
|
"description": "- Xchecked via VT: 0d19c7a1ff7766d011d0749f0a760029",
|
|
"pattern": "[file:hashes.SHA1 = '0f0ba2c8f0eec7ab03dc9e401822cd2a78d7ae5a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795852-80c8-48a3-9ad9-4959950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:02.000Z",
|
|
"modified": "2015-12-22T14:04:02.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/996032ea7bb3f32ab162603add691e7a84b35e3cdb9eb3ced756762f1249c1be/analysis/1450689866/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795853-2010-488a-93fe-4dc4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:03.000Z",
|
|
"modified": "2015-12-22T14:04:03.000Z",
|
|
"description": "- Xchecked via VT: af610db8b8f2f4cb6159a2978e2f8682",
|
|
"pattern": "[file:hashes.SHA256 = 'ae1ddeb338f432d8facd87b08ae677bf622dc500fed5564109ee888427f8ea8b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795853-f9ac-4d37-96ac-438e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:03.000Z",
|
|
"modified": "2015-12-22T14:04:03.000Z",
|
|
"description": "- Xchecked via VT: af610db8b8f2f4cb6159a2978e2f8682",
|
|
"pattern": "[file:hashes.SHA1 = '0da1baf677712deb66068d792e1a27de5f5dda53']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795853-7d98-43bc-ac2f-4763950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:03.000Z",
|
|
"modified": "2015-12-22T14:04:03.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ae1ddeb338f432d8facd87b08ae677bf622dc500fed5564109ee888427f8ea8b/analysis/1444922854/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795854-f970-4c21-ae2b-4939950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:04.000Z",
|
|
"modified": "2015-12-22T14:04:04.000Z",
|
|
"description": "- Xchecked via VT: fd384d5aba0869d7e8f9adf1a0c04913",
|
|
"pattern": "[file:hashes.SHA256 = 'f47660fe982076bd8485db72636c44cd43c49844e70852a58d0b025ec065dc60']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795854-81e8-47a4-8a0e-45f8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:04.000Z",
|
|
"modified": "2015-12-22T14:04:04.000Z",
|
|
"description": "- Xchecked via VT: fd384d5aba0869d7e8f9adf1a0c04913",
|
|
"pattern": "[file:hashes.SHA1 = '50257b8be6f2267dfd4340f532967e71a5b460ae']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795854-6610-421d-83da-4240950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:04.000Z",
|
|
"modified": "2015-12-22T14:04:04.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f47660fe982076bd8485db72636c44cd43c49844e70852a58d0b025ec065dc60/analysis/1447152774/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795855-6e10-4669-a9b1-4621950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:05.000Z",
|
|
"modified": "2015-12-22T14:04:05.000Z",
|
|
"description": "- Xchecked via VT: 9f5a4db5d6752b2e183d63e9a2ab5e77",
|
|
"pattern": "[file:hashes.SHA256 = '7c2318497532ccf94d83f261ed48ab43e345dfd388699b60914163c5104b50f8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795855-3ac8-43af-9133-4305950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:05.000Z",
|
|
"modified": "2015-12-22T14:04:05.000Z",
|
|
"description": "- Xchecked via VT: 9f5a4db5d6752b2e183d63e9a2ab5e77",
|
|
"pattern": "[file:hashes.SHA1 = '4db633bc0682746159c192133a2a0e382adf37d9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795855-2038-4afe-b3cb-49eb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:05.000Z",
|
|
"modified": "2015-12-22T14:04:05.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7c2318497532ccf94d83f261ed48ab43e345dfd388699b60914163c5104b50f8/analysis/1445074475/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795855-f1f4-4be6-ac9c-4e05950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:05.000Z",
|
|
"modified": "2015-12-22T14:04:05.000Z",
|
|
"description": "- Xchecked via VT: e3671165cd1d3dd6394cf431e432ca58",
|
|
"pattern": "[file:hashes.SHA256 = 'a47ace5053983cbbc911e15bc955d86f03ee5098e4775fbc421699ef463fafee']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795856-2998-4ddc-9c1c-4827950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:06.000Z",
|
|
"modified": "2015-12-22T14:04:06.000Z",
|
|
"description": "- Xchecked via VT: e3671165cd1d3dd6394cf431e432ca58",
|
|
"pattern": "[file:hashes.SHA1 = 'b45324314b155c2702e9e81d03c790303f7df56e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795856-2274-4dea-a96d-4c84950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:06.000Z",
|
|
"modified": "2015-12-22T14:04:06.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a47ace5053983cbbc911e15bc955d86f03ee5098e4775fbc421699ef463fafee/analysis/1447582334/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795856-e1a8-41ba-acd4-4a3c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:06.000Z",
|
|
"modified": "2015-12-22T14:04:06.000Z",
|
|
"description": "- Xchecked via VT: c795cf4f7b1a194b2dfed402850b6fe3",
|
|
"pattern": "[file:hashes.SHA256 = '13e308bca87fd26c3be59b35b1341b1ba494e1c7db18e741a37a6413c6de6d65']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795857-c0b4-4a71-9107-4473950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:07.000Z",
|
|
"modified": "2015-12-22T14:04:07.000Z",
|
|
"description": "- Xchecked via VT: c795cf4f7b1a194b2dfed402850b6fe3",
|
|
"pattern": "[file:hashes.SHA1 = 'dce74178c249a26793d99588449055bb535c5451']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795857-2c84-411a-9b34-4078950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:07.000Z",
|
|
"modified": "2015-12-22T14:04:07.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/13e308bca87fd26c3be59b35b1341b1ba494e1c7db18e741a37a6413c6de6d65/analysis/1443627116/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795857-e258-49a0-8006-4f49950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:07.000Z",
|
|
"modified": "2015-12-22T14:04:07.000Z",
|
|
"description": "- Xchecked via VT: 0c59a489430322152a9a3f87149b78e3",
|
|
"pattern": "[file:hashes.SHA256 = '5f53d70430f88876ec930ea42ff40f9f964cdbfcfbcf28081bef6fc7f30fb5ed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795857-ff00-4ad7-8550-426b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:07.000Z",
|
|
"modified": "2015-12-22T14:04:07.000Z",
|
|
"description": "- Xchecked via VT: 0c59a489430322152a9a3f87149b78e3",
|
|
"pattern": "[file:hashes.SHA1 = 'c7f3040bb612638f4bd3f04428f16ac682d52b11']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795858-fae8-4aa0-b92a-4466950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:08.000Z",
|
|
"modified": "2015-12-22T14:04:08.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5f53d70430f88876ec930ea42ff40f9f964cdbfcfbcf28081bef6fc7f30fb5ed/analysis/1447072296/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795858-f580-4070-bc38-48ed950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:08.000Z",
|
|
"modified": "2015-12-22T14:04:08.000Z",
|
|
"description": "- Xchecked via VT: 85952c0e83bad7b71cb5793fbf2af35a",
|
|
"pattern": "[file:hashes.SHA256 = 'cb987445c2db6d6c4dac6de998f97216efbf3d24790cdf530f51fc5fe622d9ae']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795858-39e4-4e8d-953b-4257950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:08.000Z",
|
|
"modified": "2015-12-22T14:04:08.000Z",
|
|
"description": "- Xchecked via VT: 85952c0e83bad7b71cb5793fbf2af35a",
|
|
"pattern": "[file:hashes.SHA1 = '040efb9294e397804d67992ec5495b80d426fadc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795859-3e9c-4e76-91a0-4716950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:09.000Z",
|
|
"modified": "2015-12-22T14:04:09.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/cb987445c2db6d6c4dac6de998f97216efbf3d24790cdf530f51fc5fe622d9ae/analysis/1445935429/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795859-8970-446e-8216-4cbc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:09.000Z",
|
|
"modified": "2015-12-22T14:04:09.000Z",
|
|
"description": "- Xchecked via VT: b001844775597a3487c9964222fe1f14",
|
|
"pattern": "[file:hashes.SHA256 = 'a2c284210ff6bb44cf35bab4e722c60e031125bb1aac94085a72a51a00d5edae']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795859-70f8-4fca-9e85-4de8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:09.000Z",
|
|
"modified": "2015-12-22T14:04:09.000Z",
|
|
"description": "- Xchecked via VT: b001844775597a3487c9964222fe1f14",
|
|
"pattern": "[file:hashes.SHA1 = 'd15f68a760d2e35ac1c97b58d11361ad615e14ce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585a-ce9c-4bd0-b225-413b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:09.000Z",
|
|
"modified": "2015-12-22T14:04:09.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a2c284210ff6bb44cf35bab4e722c60e031125bb1aac94085a72a51a00d5edae/analysis/1450721327/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585a-6c9c-456b-b655-4e79950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:10.000Z",
|
|
"modified": "2015-12-22T14:04:10.000Z",
|
|
"description": "- Xchecked via VT: 11d2f38c8dadef4702d0a8d91c0919a8",
|
|
"pattern": "[file:hashes.SHA256 = '9242d1347f3a35bd72d8ee4fc77f6983c02126ed1ab72cee9f1f9f45a88279b1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585a-b4a0-4e65-85e9-4fb3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:10.000Z",
|
|
"modified": "2015-12-22T14:04:10.000Z",
|
|
"description": "- Xchecked via VT: 11d2f38c8dadef4702d0a8d91c0919a8",
|
|
"pattern": "[file:hashes.SHA1 = '3a33c0a7b9b9472b4f8b91b385151a1ee6c77bfc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585a-e3ec-47e8-b23f-4474950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:10.000Z",
|
|
"modified": "2015-12-22T14:04:10.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9242d1347f3a35bd72d8ee4fc77f6983c02126ed1ab72cee9f1f9f45a88279b1/analysis/1450761258/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585b-86ac-43bb-ae99-4363950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:11.000Z",
|
|
"modified": "2015-12-22T14:04:11.000Z",
|
|
"description": "- Xchecked via VT: 62d102a1c8ee09d12ad9046316b428a8",
|
|
"pattern": "[file:hashes.SHA256 = '40ebd6a05c1afaefe9e4eac2932290d23761f4cdf9d93aac2931210b38546d06']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585b-54e0-4bb2-9db7-4e00950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:11.000Z",
|
|
"modified": "2015-12-22T14:04:11.000Z",
|
|
"description": "- Xchecked via VT: 62d102a1c8ee09d12ad9046316b428a8",
|
|
"pattern": "[file:hashes.SHA1 = 'bb3cdc08ddc50729b071d0873e42205f09887420']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585b-4510-413f-9758-4897950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:11.000Z",
|
|
"modified": "2015-12-22T14:04:11.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/40ebd6a05c1afaefe9e4eac2932290d23761f4cdf9d93aac2931210b38546d06/analysis/1446114521/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585c-8b48-4eac-b7c8-4761950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:12.000Z",
|
|
"modified": "2015-12-22T14:04:12.000Z",
|
|
"description": "- Xchecked via VT: fec7f191a33df62e733ebfecc7fb26a9",
|
|
"pattern": "[file:hashes.SHA256 = '89635632a546ae862742e9fa1db392eca61f06e73ee04eb495c0134fb9984529']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585c-d080-42df-adc5-4a6e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:12.000Z",
|
|
"modified": "2015-12-22T14:04:12.000Z",
|
|
"description": "- Xchecked via VT: fec7f191a33df62e733ebfecc7fb26a9",
|
|
"pattern": "[file:hashes.SHA1 = 'f61f4891c5984dde4ccb8912f85c58744cbb26e4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585c-afec-4914-a4ef-42cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:12.000Z",
|
|
"modified": "2015-12-22T14:04:12.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/89635632a546ae862742e9fa1db392eca61f06e73ee04eb495c0134fb9984529/analysis/1445948327/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585c-894c-402e-a61f-4b00950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:12.000Z",
|
|
"modified": "2015-12-22T14:04:12.000Z",
|
|
"description": "- Xchecked via VT: ca9b6e4e2dce9ec8b1e8d58d38ef063a",
|
|
"pattern": "[file:hashes.SHA256 = '9aeedf3e78ba3d525ec22f343e06cf1a7f2639033b74b9804213f91df09690eb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585d-1dc4-43d6-b3e1-4578950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:13.000Z",
|
|
"modified": "2015-12-22T14:04:13.000Z",
|
|
"description": "- Xchecked via VT: ca9b6e4e2dce9ec8b1e8d58d38ef063a",
|
|
"pattern": "[file:hashes.SHA1 = 'a29fb5b9536a44084486be46e51fa469c127f563']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585d-f378-48dc-b91a-4ee5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:13.000Z",
|
|
"modified": "2015-12-22T14:04:13.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9aeedf3e78ba3d525ec22f343e06cf1a7f2639033b74b9804213f91df09690eb/analysis/1444887892/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585d-c41c-4500-8d22-4fba950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:13.000Z",
|
|
"modified": "2015-12-22T14:04:13.000Z",
|
|
"description": "- Xchecked via VT: 4b8c3ee0c2d53e40171a029eecf5fa4b",
|
|
"pattern": "[file:hashes.SHA256 = '99d4cfe46f294ca723c6099d8ee38c8b5d19ef676a1a471cdda7bd9a51147d7a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585e-2b58-4fb0-9a41-4b8e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:14.000Z",
|
|
"modified": "2015-12-22T14:04:14.000Z",
|
|
"description": "- Xchecked via VT: 4b8c3ee0c2d53e40171a029eecf5fa4b",
|
|
"pattern": "[file:hashes.SHA1 = 'e5e6f6f3949e656a8cc4d1f14b62c66642277e4d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585e-e828-475c-b8ed-48fc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:14.000Z",
|
|
"modified": "2015-12-22T14:04:14.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/99d4cfe46f294ca723c6099d8ee38c8b5d19ef676a1a471cdda7bd9a51147d7a/analysis/1450761114/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585e-631c-4ea2-b967-4929950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:14.000Z",
|
|
"modified": "2015-12-22T14:04:14.000Z",
|
|
"description": "- Xchecked via VT: ce5e2aa634b79e070794ca2f987c7d37",
|
|
"pattern": "[file:hashes.SHA256 = '6aa6efa022a0714e97060c6f627758f411bac85eb11db37bcda55bf3552e96ac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585e-987c-4876-b04b-4947950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:14.000Z",
|
|
"modified": "2015-12-22T14:04:14.000Z",
|
|
"description": "- Xchecked via VT: ce5e2aa634b79e070794ca2f987c7d37",
|
|
"pattern": "[file:hashes.SHA1 = '5c07b4b00ef1f706c0a10152b63007261dab202b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585f-30b8-4351-88d9-4417950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:15.000Z",
|
|
"modified": "2015-12-22T14:04:15.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/6aa6efa022a0714e97060c6f627758f411bac85eb11db37bcda55bf3552e96ac/analysis/1445007075/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585f-8994-4756-8a5b-4285950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:15.000Z",
|
|
"modified": "2015-12-22T14:04:15.000Z",
|
|
"description": "- Xchecked via VT: 270a96c7dc60853604bb83e96e07ef78",
|
|
"pattern": "[file:hashes.SHA256 = 'e2a4579d010f984a4c3e758dbdd762d0cdcad726459d865a93ab95a0593e2b1a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679585f-8720-4e75-b999-4947950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:15.000Z",
|
|
"modified": "2015-12-22T14:04:15.000Z",
|
|
"description": "- Xchecked via VT: 270a96c7dc60853604bb83e96e07ef78",
|
|
"pattern": "[file:hashes.SHA1 = 'f54eeabd9d81b715ed15c6d0fe9750c6cf537c97']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795860-3d70-4a83-8835-422f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:16.000Z",
|
|
"modified": "2015-12-22T14:04:16.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e2a4579d010f984a4c3e758dbdd762d0cdcad726459d865a93ab95a0593e2b1a/analysis/1450721093/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795860-9f48-4424-a8ff-435c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:16.000Z",
|
|
"modified": "2015-12-22T14:04:16.000Z",
|
|
"description": "- Xchecked via VT: 89c2717e0902c0c3a8639c5682314c36",
|
|
"pattern": "[file:hashes.SHA256 = 'ccfa027f142763da320636528c7da57ee305808324cd065b683ef99ca34d93d7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795860-286c-455f-b53a-401c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:16.000Z",
|
|
"modified": "2015-12-22T14:04:16.000Z",
|
|
"description": "- Xchecked via VT: 89c2717e0902c0c3a8639c5682314c36",
|
|
"pattern": "[file:hashes.SHA1 = '034fbfb4b52835439644512f9073f4e01d281867']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795860-71c8-4014-b30b-4e63950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:16.000Z",
|
|
"modified": "2015-12-22T14:04:16.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ccfa027f142763da320636528c7da57ee305808324cd065b683ef99ca34d93d7/analysis/1444805154/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795861-5be0-4d9c-8eb9-4891950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:17.000Z",
|
|
"modified": "2015-12-22T14:04:17.000Z",
|
|
"description": "- Xchecked via VT: 6a35cf8737e3ee27f56cb7bd83d1c998",
|
|
"pattern": "[file:hashes.SHA256 = '7e54c34805082f8726e022f939e6e80014fff9152462ef7a6d08f8638a06dcbb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795861-e1d4-4ded-8453-4daf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:17.000Z",
|
|
"modified": "2015-12-22T14:04:17.000Z",
|
|
"description": "- Xchecked via VT: 6a35cf8737e3ee27f56cb7bd83d1c998",
|
|
"pattern": "[file:hashes.SHA1 = 'ef994cf4615bc855d42bed088aef464e7045ee0a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795861-27f4-4239-b8d8-401c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:17.000Z",
|
|
"modified": "2015-12-22T14:04:17.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7e54c34805082f8726e022f939e6e80014fff9152462ef7a6d08f8638a06dcbb/analysis/1445354474/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795862-d594-4ee4-ba02-4df5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:18.000Z",
|
|
"modified": "2015-12-22T14:04:18.000Z",
|
|
"description": "- Xchecked via VT: c9d21f107132cdcbb1f38ad354c8987e",
|
|
"pattern": "[file:hashes.SHA256 = '830a54a985fbf126fb759824f05f1f60a09a0b9d9f6fa4f8dbc3fac62583d41c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795862-ae04-48ba-b94a-460d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:18.000Z",
|
|
"modified": "2015-12-22T14:04:18.000Z",
|
|
"description": "- Xchecked via VT: c9d21f107132cdcbb1f38ad354c8987e",
|
|
"pattern": "[file:hashes.SHA1 = 'a4389a33e05053d121aaa6181848118dbb3345a1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795862-a2b0-4d91-af7d-476f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:18.000Z",
|
|
"modified": "2015-12-22T14:04:18.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/830a54a985fbf126fb759824f05f1f60a09a0b9d9f6fa4f8dbc3fac62583d41c/analysis/1450652572/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795862-4164-49d5-8d6a-47d2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:18.000Z",
|
|
"modified": "2015-12-22T14:04:18.000Z",
|
|
"description": "- Xchecked via VT: 18ecce0a5e6475f6477a078fd1dbefea",
|
|
"pattern": "[file:hashes.SHA256 = '865bbd576bf7d53e9ac4d3bb5e41c83906b499a670172b9ccbbcc3ae7c70c9ff']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795863-f9f0-41f0-b22d-4ae5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:19.000Z",
|
|
"modified": "2015-12-22T14:04:19.000Z",
|
|
"description": "- Xchecked via VT: 18ecce0a5e6475f6477a078fd1dbefea",
|
|
"pattern": "[file:hashes.SHA1 = '38893b0abe0139d36c58643d177a28a264610a74']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795863-bdc8-4970-b90c-4785950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:19.000Z",
|
|
"modified": "2015-12-22T14:04:19.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/865bbd576bf7d53e9ac4d3bb5e41c83906b499a670172b9ccbbcc3ae7c70c9ff/analysis/1450718285/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795863-bd94-4207-a233-4236950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:19.000Z",
|
|
"modified": "2015-12-22T14:04:19.000Z",
|
|
"description": "- Xchecked via VT: 0f984f6ed249128b2ae7c57f4290bf44",
|
|
"pattern": "[file:hashes.SHA256 = '3a424e77e1ef299d5a33c359d4fe019a8ddf05d17936fa3b34ae77bc3478cf63']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795864-b848-4949-a773-4a4d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:20.000Z",
|
|
"modified": "2015-12-22T14:04:20.000Z",
|
|
"description": "- Xchecked via VT: 0f984f6ed249128b2ae7c57f4290bf44",
|
|
"pattern": "[file:hashes.SHA1 = 'f1f1736eb3047d18e2e7590b611e3faef82ab89b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795864-45b0-44f6-a160-4068950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:20.000Z",
|
|
"modified": "2015-12-22T14:04:20.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3a424e77e1ef299d5a33c359d4fe019a8ddf05d17936fa3b34ae77bc3478cf63/analysis/1445239703/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795864-afd8-4365-90ef-4aa9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:20.000Z",
|
|
"modified": "2015-12-22T14:04:20.000Z",
|
|
"description": "- Xchecked via VT: 73591e1ed55700b564cf3b67112ea418",
|
|
"pattern": "[file:hashes.SHA256 = '1d010c7f1b6d5412fa6f7e71a058bbad70e9ed9f295d606d867b84c9cc9a32e5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795865-2ea0-491d-a942-4055950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:21.000Z",
|
|
"modified": "2015-12-22T14:04:21.000Z",
|
|
"description": "- Xchecked via VT: 73591e1ed55700b564cf3b67112ea418",
|
|
"pattern": "[file:hashes.SHA1 = '5b60a5ecd52421627b6b1c28a5242116e1982c46']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795865-9c98-427b-bc17-4292950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:21.000Z",
|
|
"modified": "2015-12-22T14:04:21.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/1d010c7f1b6d5412fa6f7e71a058bbad70e9ed9f295d606d867b84c9cc9a32e5/analysis/1445361570/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795865-7a78-4282-9ab8-4c98950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:21.000Z",
|
|
"modified": "2015-12-22T14:04:21.000Z",
|
|
"description": "- Xchecked via VT: 2552791e18f8d59793359d1a97fedadf",
|
|
"pattern": "[file:hashes.SHA256 = '820719eeb704e15abd825bc2977a51cc0298fc5dae09c2c6170a30d5cab369ae']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795865-4c18-4362-8fbe-4ffb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:21.000Z",
|
|
"modified": "2015-12-22T14:04:21.000Z",
|
|
"description": "- Xchecked via VT: 2552791e18f8d59793359d1a97fedadf",
|
|
"pattern": "[file:hashes.SHA1 = '53957d8e4d98c58be84f241d9f1336b4d53ef60b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795866-d900-4e6c-8cf2-43e7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:22.000Z",
|
|
"modified": "2015-12-22T14:04:22.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/820719eeb704e15abd825bc2977a51cc0298fc5dae09c2c6170a30d5cab369ae/analysis/1446815512/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795866-7594-438e-b76e-4631950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:22.000Z",
|
|
"modified": "2015-12-22T14:04:22.000Z",
|
|
"description": "- Xchecked via VT: f2bed0b0bc0c6b9be3426d0f407c1ae6",
|
|
"pattern": "[file:hashes.SHA256 = '809682bfa18189c4e1c08175c36008e7d8bdfb56d90c1565594bcc0a3f45cf34']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795866-63e4-4856-9a07-4091950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:22.000Z",
|
|
"modified": "2015-12-22T14:04:22.000Z",
|
|
"description": "- Xchecked via VT: f2bed0b0bc0c6b9be3426d0f407c1ae6",
|
|
"pattern": "[file:hashes.SHA1 = '8d76aeddc8d61ccd49cea27b734cd4c5134b6695']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795867-c7ec-4215-8f68-4372950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:23.000Z",
|
|
"modified": "2015-12-22T14:04:23.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/809682bfa18189c4e1c08175c36008e7d8bdfb56d90c1565594bcc0a3f45cf34/analysis/1443697810/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795867-0384-4918-8531-43b7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:23.000Z",
|
|
"modified": "2015-12-22T14:04:23.000Z",
|
|
"description": "- Xchecked via VT: 2b6f72d1d2bcc3bb5394d8aec51c2f8f",
|
|
"pattern": "[file:hashes.SHA256 = '216cebf3e73e4c32aa6522a166c4da3bb861ebcefdd0cc23ea7ff81525bdbc42']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795867-4778-432f-9648-4332950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:23.000Z",
|
|
"modified": "2015-12-22T14:04:23.000Z",
|
|
"description": "- Xchecked via VT: 2b6f72d1d2bcc3bb5394d8aec51c2f8f",
|
|
"pattern": "[file:hashes.SHA1 = '7ee611cd602f2153c37934c80b561d0842fb8d79']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795867-6834-4574-b5b3-47b7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:23.000Z",
|
|
"modified": "2015-12-22T14:04:23.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/216cebf3e73e4c32aa6522a166c4da3bb861ebcefdd0cc23ea7ff81525bdbc42/analysis/1443884089/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795868-a50c-41f4-8c49-4cec950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:24.000Z",
|
|
"modified": "2015-12-22T14:04:24.000Z",
|
|
"description": "- Xchecked via VT: f85c0620ccb8df3d9fb9de96bfe90248",
|
|
"pattern": "[file:hashes.SHA256 = '9ebbfedd4974598afa30e87d00c892d0ac8145b0ad3b68d383344db18b043018']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795868-a898-4bbb-9021-4265950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:24.000Z",
|
|
"modified": "2015-12-22T14:04:24.000Z",
|
|
"description": "- Xchecked via VT: f85c0620ccb8df3d9fb9de96bfe90248",
|
|
"pattern": "[file:hashes.SHA1 = 'c5baf8f1c2ef1329ab7045e39b8abea00a0c4e32']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795868-1654-45d9-9c23-4739950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:24.000Z",
|
|
"modified": "2015-12-22T14:04:24.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9ebbfedd4974598afa30e87d00c892d0ac8145b0ad3b68d383344db18b043018/analysis/1444357285/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795868-7554-4e01-a17a-4141950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:24.000Z",
|
|
"modified": "2015-12-22T14:04:24.000Z",
|
|
"description": "- Xchecked via VT: 13f636821e64bc586cbbb99f694fed00",
|
|
"pattern": "[file:hashes.SHA256 = 'c03181e7513df98d4cb64075d198d1eb46dc6eb9582de2f3d65a3d50c91a0b9c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795868-8a68-4afe-a189-4743950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:24.000Z",
|
|
"modified": "2015-12-22T14:04:24.000Z",
|
|
"description": "- Xchecked via VT: 13f636821e64bc586cbbb99f694fed00",
|
|
"pattern": "[file:hashes.SHA1 = '81fd066e173c312e2e8e6525c5164310fafad739']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795869-7730-4fde-a5d2-434d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:25.000Z",
|
|
"modified": "2015-12-22T14:04:25.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c03181e7513df98d4cb64075d198d1eb46dc6eb9582de2f3d65a3d50c91a0b9c/analysis/1445465929/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795869-6ed0-4bb7-83ba-45fb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:25.000Z",
|
|
"modified": "2015-12-22T14:04:25.000Z",
|
|
"description": "- Xchecked via VT: 4073d5fd3e1c241d80c815f6fc2b82ec",
|
|
"pattern": "[file:hashes.SHA256 = '4419e50012745a63c65bfdf0edcc1a742409e0c34e5eeb34dfe007f7a567e4cf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795869-f258-4ef1-961f-451b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:25.000Z",
|
|
"modified": "2015-12-22T14:04:25.000Z",
|
|
"description": "- Xchecked via VT: 4073d5fd3e1c241d80c815f6fc2b82ec",
|
|
"pattern": "[file:hashes.SHA1 = '82f6f7e716a062cb27c59b6f6e1e1ac5e2e1fa2a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586a-4298-4d11-8fa9-4c5c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:26.000Z",
|
|
"modified": "2015-12-22T14:04:26.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/4419e50012745a63c65bfdf0edcc1a742409e0c34e5eeb34dfe007f7a567e4cf/analysis/1445949930/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586a-9ef8-49e2-b530-48ee950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:26.000Z",
|
|
"modified": "2015-12-22T14:04:26.000Z",
|
|
"description": "- Xchecked via VT: 9dc1896e931dddc19dd479cf70da0845",
|
|
"pattern": "[file:hashes.SHA256 = 'd6bbdd4114223859c0f04d8a9cf963e67f38abe550dcb0a15ad1cea94b980117']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586a-47c0-4891-9c0f-4153950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:26.000Z",
|
|
"modified": "2015-12-22T14:04:26.000Z",
|
|
"description": "- Xchecked via VT: 9dc1896e931dddc19dd479cf70da0845",
|
|
"pattern": "[file:hashes.SHA1 = '242294fc0fd613c5f9d30fbdce7175111dc17573']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586a-ca1c-4041-9d63-40a8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:26.000Z",
|
|
"modified": "2015-12-22T14:04:26.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d6bbdd4114223859c0f04d8a9cf963e67f38abe550dcb0a15ad1cea94b980117/analysis/1443602342/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586b-e928-41a6-9dc1-4fe4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:27.000Z",
|
|
"modified": "2015-12-22T14:04:27.000Z",
|
|
"description": "- Xchecked via VT: c67fe00db1af880bf19943df7d786c76",
|
|
"pattern": "[file:hashes.SHA256 = 'b42221f8045a7fe89d5aa7419bb5874b72676804670aed4fc12e4d58b79054a3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586b-60b8-4914-9e9c-432f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:27.000Z",
|
|
"modified": "2015-12-22T14:04:27.000Z",
|
|
"description": "- Xchecked via VT: c67fe00db1af880bf19943df7d786c76",
|
|
"pattern": "[file:hashes.SHA1 = '25d047d7cf5e0fb376e6bad960695f2dd8b61ad1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586b-1fc4-42b1-9838-43cc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:27.000Z",
|
|
"modified": "2015-12-22T14:04:27.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b42221f8045a7fe89d5aa7419bb5874b72676804670aed4fc12e4d58b79054a3/analysis/1448607189/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586c-c40c-4fb1-bb70-459f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:28.000Z",
|
|
"modified": "2015-12-22T14:04:28.000Z",
|
|
"description": "- Xchecked via VT: e7b744d5a642cb1c9992fae127206aca",
|
|
"pattern": "[file:hashes.SHA256 = '7cffba18c0c1717f83945e81055e77ea6746f6bf0337ffe9f67530c564693e6a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586c-8a0c-4ae1-ad86-4df2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:28.000Z",
|
|
"modified": "2015-12-22T14:04:28.000Z",
|
|
"description": "- Xchecked via VT: e7b744d5a642cb1c9992fae127206aca",
|
|
"pattern": "[file:hashes.SHA1 = '10b451d44886398b77bfb24d2a499b848f6b1990']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586c-d7c4-4cc3-aec5-47d0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:28.000Z",
|
|
"modified": "2015-12-22T14:04:28.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7cffba18c0c1717f83945e81055e77ea6746f6bf0337ffe9f67530c564693e6a/analysis/1444934288/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586c-ad20-4082-a129-46d4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:28.000Z",
|
|
"modified": "2015-12-22T14:04:28.000Z",
|
|
"description": "- Xchecked via VT: 0cd5ebd100022c928e09145800d3a58a",
|
|
"pattern": "[file:hashes.SHA256 = 'd9a8175357b2d2c4a8823890e1fb41d76a59b7719bd3ea307c825bfcc28e4bf3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586d-3604-46d1-99b9-4024950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:29.000Z",
|
|
"modified": "2015-12-22T14:04:29.000Z",
|
|
"description": "- Xchecked via VT: 0cd5ebd100022c928e09145800d3a58a",
|
|
"pattern": "[file:hashes.SHA1 = 'a681007dd383219a720e4c0b04f57ab5e9f35c4f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586d-6dc4-4c79-8b2a-4739950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:29.000Z",
|
|
"modified": "2015-12-22T14:04:29.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d9a8175357b2d2c4a8823890e1fb41d76a59b7719bd3ea307c825bfcc28e4bf3/analysis/1444999626/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586d-4850-41da-b579-4c5a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:29.000Z",
|
|
"modified": "2015-12-22T14:04:29.000Z",
|
|
"description": "- Xchecked via VT: be5ed7bec23581c268acee395811e4b9",
|
|
"pattern": "[file:hashes.SHA256 = '1e11f47a32c608f7ddbb9e5b84575759db939c04721173c7b9e2ffd0d0c7d77b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586e-10bc-466a-b857-4581950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:30.000Z",
|
|
"modified": "2015-12-22T14:04:30.000Z",
|
|
"description": "- Xchecked via VT: be5ed7bec23581c268acee395811e4b9",
|
|
"pattern": "[file:hashes.SHA1 = '636761bf3ee1cb6230207d4347b0f51c44dc5b89']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586e-3fe0-48be-8c4a-4d7f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:30.000Z",
|
|
"modified": "2015-12-22T14:04:30.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/1e11f47a32c608f7ddbb9e5b84575759db939c04721173c7b9e2ffd0d0c7d77b/analysis/1444813425/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586e-02a8-4263-99d4-43d2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:30.000Z",
|
|
"modified": "2015-12-22T14:04:30.000Z",
|
|
"description": "- Xchecked via VT: 651f54989a9ab1e84b784cb1d11db33c",
|
|
"pattern": "[file:hashes.SHA256 = '528c5987d398e17ab751804c4c8a4e2d479c5e238243da3b146a3d941175d4af']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586f-d744-4942-ae43-4900950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:31.000Z",
|
|
"modified": "2015-12-22T14:04:31.000Z",
|
|
"description": "- Xchecked via VT: 651f54989a9ab1e84b784cb1d11db33c",
|
|
"pattern": "[file:hashes.SHA1 = 'cb0c3bb94d025f6fc6fc6126c6747473acb994e4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586f-f484-4cf5-9a4b-4741950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:31.000Z",
|
|
"modified": "2015-12-22T14:04:31.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/528c5987d398e17ab751804c4c8a4e2d479c5e238243da3b146a3d941175d4af/analysis/1450718182/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586f-b884-495c-a4f9-4014950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:31.000Z",
|
|
"modified": "2015-12-22T14:04:31.000Z",
|
|
"description": "- Xchecked via VT: 864ce37676d85a15d6f84e30ea4bce33",
|
|
"pattern": "[file:hashes.SHA256 = 'b6de8e38dd34617201cbb67d6b39bfc1beddb476fe372800f2b360ce55dbfbcb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679586f-c700-4cf3-913f-45fe950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:31.000Z",
|
|
"modified": "2015-12-22T14:04:31.000Z",
|
|
"description": "- Xchecked via VT: 864ce37676d85a15d6f84e30ea4bce33",
|
|
"pattern": "[file:hashes.SHA1 = '80740dca8ba382d02356a50144e9e25207cd35a9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795870-5e00-4f41-bbbe-4326950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:32.000Z",
|
|
"modified": "2015-12-22T14:04:32.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b6de8e38dd34617201cbb67d6b39bfc1beddb476fe372800f2b360ce55dbfbcb/analysis/1445943589/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795870-ea40-456a-96f2-4d0e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:32.000Z",
|
|
"modified": "2015-12-22T14:04:32.000Z",
|
|
"description": "- Xchecked via VT: 0f2cde056639fc419d4e5b611961f235",
|
|
"pattern": "[file:hashes.SHA256 = 'b4fb6457274dd7eb883ba0a9e7e7da8ec5dd754d595f249d519c852dc3e87dbe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795870-9974-454b-9328-411e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:32.000Z",
|
|
"modified": "2015-12-22T14:04:32.000Z",
|
|
"description": "- Xchecked via VT: 0f2cde056639fc419d4e5b611961f235",
|
|
"pattern": "[file:hashes.SHA1 = 'c135c43e667ab33685e2f3551a6ac4eda298a2d5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795870-322c-4596-930d-4d35950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:32.000Z",
|
|
"modified": "2015-12-22T14:04:32.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b4fb6457274dd7eb883ba0a9e7e7da8ec5dd754d595f249d519c852dc3e87dbe/analysis/1445434482/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795871-e26c-43cb-9cc5-4c2c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:33.000Z",
|
|
"modified": "2015-12-22T14:04:33.000Z",
|
|
"description": "- Xchecked via VT: 4e7cc7a7e79ee6914265774ed2243bf9",
|
|
"pattern": "[file:hashes.SHA256 = '5c27e2543047c026f9c3aaf4bf3921c29b9603111947f0529b675c5a02004481']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795871-7a8c-48b9-8b1e-4f7f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:33.000Z",
|
|
"modified": "2015-12-22T14:04:33.000Z",
|
|
"description": "- Xchecked via VT: 4e7cc7a7e79ee6914265774ed2243bf9",
|
|
"pattern": "[file:hashes.SHA1 = '41777324ef6a1d7c39bd98dba34f6f354901f306']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795871-4230-49ef-adfc-4477950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:33.000Z",
|
|
"modified": "2015-12-22T14:04:33.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5c27e2543047c026f9c3aaf4bf3921c29b9603111947f0529b675c5a02004481/analysis/1446904500/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795872-e1ac-4810-8e9f-4930950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:34.000Z",
|
|
"modified": "2015-12-22T14:04:34.000Z",
|
|
"description": "- Xchecked via VT: e40caf22393125ca9df0ca3e258798bf",
|
|
"pattern": "[file:hashes.SHA256 = 'e7deb9bf4b8bb43d14df97379032e74f7e57c16b8aa2f6ea0330d743c2cc1f44']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795872-5968-4299-ba2d-49f5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:34.000Z",
|
|
"modified": "2015-12-22T14:04:34.000Z",
|
|
"description": "- Xchecked via VT: e40caf22393125ca9df0ca3e258798bf",
|
|
"pattern": "[file:hashes.SHA1 = '2a2137b881d04698404263bf9a84ebda3e22e222']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795872-4c68-486e-b205-47b3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:34.000Z",
|
|
"modified": "2015-12-22T14:04:34.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e7deb9bf4b8bb43d14df97379032e74f7e57c16b8aa2f6ea0330d743c2cc1f44/analysis/1446815178/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795873-fa6c-452a-9a76-4633950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:35.000Z",
|
|
"modified": "2015-12-22T14:04:35.000Z",
|
|
"description": "- Xchecked via VT: 1a1f446fca92b54c42bdba4f835d51b0",
|
|
"pattern": "[file:hashes.SHA256 = '48ee4188546ad3cd15fbf695317f6a083895b24710518ec7170508723e4f0d94']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795873-d364-4e09-8946-4db7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:35.000Z",
|
|
"modified": "2015-12-22T14:04:35.000Z",
|
|
"description": "- Xchecked via VT: 1a1f446fca92b54c42bdba4f835d51b0",
|
|
"pattern": "[file:hashes.SHA1 = 'bda8797ac13a531650df43430f5036380a8ad66b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795873-26a0-4500-919d-4d67950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:35.000Z",
|
|
"modified": "2015-12-22T14:04:35.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/48ee4188546ad3cd15fbf695317f6a083895b24710518ec7170508723e4f0d94/analysis/1446113099/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795873-07c4-4817-ab18-44db950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:35.000Z",
|
|
"modified": "2015-12-22T14:04:35.000Z",
|
|
"description": "- Xchecked via VT: ff5ab5d563e91accb2db859df7ca7807",
|
|
"pattern": "[file:hashes.SHA256 = '6b15207f95037ff776facd810efc51049e597fd078f14b3983e6842be332211c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795874-8b0c-4dbd-bcb9-4d9c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:36.000Z",
|
|
"modified": "2015-12-22T14:04:36.000Z",
|
|
"description": "- Xchecked via VT: ff5ab5d563e91accb2db859df7ca7807",
|
|
"pattern": "[file:hashes.SHA1 = 'a5646ca47d568c5802355da9520b9e8ae62701bd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795874-b04c-449d-8ead-4113950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:36.000Z",
|
|
"modified": "2015-12-22T14:04:36.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/6b15207f95037ff776facd810efc51049e597fd078f14b3983e6842be332211c/analysis/1445261369/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795874-6eb0-47d0-b2d0-48fd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:36.000Z",
|
|
"modified": "2015-12-22T14:04:36.000Z",
|
|
"description": "- Xchecked via VT: 960fad6a2ceddd0abfb74302c7ae7420",
|
|
"pattern": "[file:hashes.SHA256 = 'ac1e8116fc009ce2601bd528e734a337bdd19838eb043bcb7e03fa89bf56ba8b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795875-3fc0-4d7d-bc07-4514950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:37.000Z",
|
|
"modified": "2015-12-22T14:04:37.000Z",
|
|
"description": "- Xchecked via VT: 960fad6a2ceddd0abfb74302c7ae7420",
|
|
"pattern": "[file:hashes.SHA1 = '42d29a2ed5f8b5e52ef36246e1a9fe558684b34d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795875-8cd0-4270-b4be-4cc1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:37.000Z",
|
|
"modified": "2015-12-22T14:04:37.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ac1e8116fc009ce2601bd528e734a337bdd19838eb043bcb7e03fa89bf56ba8b/analysis/1445358176/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795875-e354-4212-99a7-4e9a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:37.000Z",
|
|
"modified": "2015-12-22T14:04:37.000Z",
|
|
"description": "- Xchecked via VT: a76dddc8669f5faae257edec9bdab1c7",
|
|
"pattern": "[file:hashes.SHA256 = 'd47f3eebb3837a483c1048361d60611611a1fe44414c1c9702889a92b689f6d7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795875-05fc-4925-b04f-49e4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:37.000Z",
|
|
"modified": "2015-12-22T14:04:37.000Z",
|
|
"description": "- Xchecked via VT: a76dddc8669f5faae257edec9bdab1c7",
|
|
"pattern": "[file:hashes.SHA1 = '833c64ac627258f691c11b8e3e9d6bca2942aa68']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795876-1504-49bb-8e2b-4596950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:38.000Z",
|
|
"modified": "2015-12-22T14:04:38.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d47f3eebb3837a483c1048361d60611611a1fe44414c1c9702889a92b689f6d7/analysis/1444058071/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795876-0954-4e70-9e32-4841950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:38.000Z",
|
|
"modified": "2015-12-22T14:04:38.000Z",
|
|
"description": "- Xchecked via VT: f8c6add81b8ce52691ae650aff51c36b",
|
|
"pattern": "[file:hashes.SHA256 = '46c6b7541821eb4bbdc7960c718ec5b77a28feb5ee85433cf1f50f5edfadaa68']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795876-a1d8-482d-acb0-43f6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:38.000Z",
|
|
"modified": "2015-12-22T14:04:38.000Z",
|
|
"description": "- Xchecked via VT: f8c6add81b8ce52691ae650aff51c36b",
|
|
"pattern": "[file:hashes.SHA1 = '4ff5f7b73603e84c5e607071ee975a3ec93bf7fd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795877-ad7c-4e20-a0ac-4bc0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:39.000Z",
|
|
"modified": "2015-12-22T14:04:39.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/46c6b7541821eb4bbdc7960c718ec5b77a28feb5ee85433cf1f50f5edfadaa68/analysis/1446815696/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795877-031c-4e39-8820-436c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:39.000Z",
|
|
"modified": "2015-12-22T14:04:39.000Z",
|
|
"description": "- Xchecked via VT: 90169688b969a9993c56ee516a330b67",
|
|
"pattern": "[file:hashes.SHA256 = '875d3cf73c60698e856bbf9671ca85d32072e7b1dfa597d491c3aff1ed07acfa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795877-36f4-4997-8517-4b52950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:39.000Z",
|
|
"modified": "2015-12-22T14:04:39.000Z",
|
|
"description": "- Xchecked via VT: 90169688b969a9993c56ee516a330b67",
|
|
"pattern": "[file:hashes.SHA1 = '361d1747999ec0d5b5e478cf2689585b2729099b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795877-a690-4a54-8cb6-4c8a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:39.000Z",
|
|
"modified": "2015-12-22T14:04:39.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/875d3cf73c60698e856bbf9671ca85d32072e7b1dfa597d491c3aff1ed07acfa/analysis/1444704307/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795878-3c38-4099-bda5-4d5e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:40.000Z",
|
|
"modified": "2015-12-22T14:04:40.000Z",
|
|
"description": "- Xchecked via VT: a756a58053b3348cc91569034362ddfa",
|
|
"pattern": "[file:hashes.SHA256 = '8be146fc181bd0ec84165ace1fe94db046e3354c99b72cb4e5d4586d0f1e1af8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795878-6600-48e3-ac3d-4f10950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:40.000Z",
|
|
"modified": "2015-12-22T14:04:40.000Z",
|
|
"description": "- Xchecked via VT: a756a58053b3348cc91569034362ddfa",
|
|
"pattern": "[file:hashes.SHA1 = '5cc0364981c173c495ed89ed2827547256ff4900']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795878-b480-4e9f-9740-40bb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:40.000Z",
|
|
"modified": "2015-12-22T14:04:40.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/8be146fc181bd0ec84165ace1fe94db046e3354c99b72cb4e5d4586d0f1e1af8/analysis/1444762420/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795879-7038-49f2-a56c-45e3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:41.000Z",
|
|
"modified": "2015-12-22T14:04:41.000Z",
|
|
"description": "- Xchecked via VT: 68641076d375255f818985cfaad52b39",
|
|
"pattern": "[file:hashes.SHA256 = '53d0197e7bfc44e218e824fbabbb58e90dc05ea3910b396a77ee4b3b100a753f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795879-71bc-4cd1-b847-4c6a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:41.000Z",
|
|
"modified": "2015-12-22T14:04:41.000Z",
|
|
"description": "- Xchecked via VT: 68641076d375255f818985cfaad52b39",
|
|
"pattern": "[file:hashes.SHA1 = 'ba6c04919e69258e5fde18fdbde508d7d3163b60']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795879-9e3c-4ca9-ab6b-416d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:41.000Z",
|
|
"modified": "2015-12-22T14:04:41.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/53d0197e7bfc44e218e824fbabbb58e90dc05ea3910b396a77ee4b3b100a753f/analysis/1446806210/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587a-0078-4162-a9ff-4a45950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:42.000Z",
|
|
"modified": "2015-12-22T14:04:42.000Z",
|
|
"description": "- Xchecked via VT: 4de5878d18cf420f4a330a43ca6ba0be",
|
|
"pattern": "[file:hashes.SHA256 = '8b9b4f2569cdda67209706b8c3832e0553f388618ed9d0a8010bfa2c3919a835']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587a-7488-49ec-8d48-438e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:42.000Z",
|
|
"modified": "2015-12-22T14:04:42.000Z",
|
|
"description": "- Xchecked via VT: 4de5878d18cf420f4a330a43ca6ba0be",
|
|
"pattern": "[file:hashes.SHA1 = 'd8c6eaac49a509b00e6a97f0dc4839788c915f66']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587a-3f0c-499f-9ebd-4602950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:42.000Z",
|
|
"modified": "2015-12-22T14:04:42.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/8b9b4f2569cdda67209706b8c3832e0553f388618ed9d0a8010bfa2c3919a835/analysis/1450760589/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587a-92d4-4522-ba52-418e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:42.000Z",
|
|
"modified": "2015-12-22T14:04:42.000Z",
|
|
"description": "- Xchecked via VT: ae787b8f97ed9bb7a7eb1fff4e0f5e4f",
|
|
"pattern": "[file:hashes.SHA256 = 'e0996f0c3eea904d78477dfc452885fff14b3c8f2a3665b01b17ff3097f4c818']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587b-7448-4ceb-a540-4b84950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:43.000Z",
|
|
"modified": "2015-12-22T14:04:43.000Z",
|
|
"description": "- Xchecked via VT: ae787b8f97ed9bb7a7eb1fff4e0f5e4f",
|
|
"pattern": "[file:hashes.SHA1 = 'b92568a8a233b94ce48e19de38f2a19673b99887']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587b-45f0-4539-8241-4705950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:43.000Z",
|
|
"modified": "2015-12-22T14:04:43.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e0996f0c3eea904d78477dfc452885fff14b3c8f2a3665b01b17ff3097f4c818/analysis/1447152267/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587b-5150-45b6-9662-4b4d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:43.000Z",
|
|
"modified": "2015-12-22T14:04:43.000Z",
|
|
"description": "- Xchecked via VT: a449683b2bac104c4cff48a199d4f884",
|
|
"pattern": "[file:hashes.SHA256 = 'aa21dfe9a4c402063e2070045a9820aa0f80fb1d1feef92b12fa95eb6457be74']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587c-35dc-4f9d-a12a-47a4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:44.000Z",
|
|
"modified": "2015-12-22T14:04:44.000Z",
|
|
"description": "- Xchecked via VT: a449683b2bac104c4cff48a199d4f884",
|
|
"pattern": "[file:hashes.SHA1 = '269f97929eb168a306e07298fa291d616ed2f2d5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587c-c968-42cf-92ce-4375950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:44.000Z",
|
|
"modified": "2015-12-22T14:04:44.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/aa21dfe9a4c402063e2070045a9820aa0f80fb1d1feef92b12fa95eb6457be74/analysis/1446814189/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587c-164c-4024-83d5-464e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:44.000Z",
|
|
"modified": "2015-12-22T14:04:44.000Z",
|
|
"description": "- Xchecked via VT: c7524a17b32bde68f2aa9fad37751e50",
|
|
"pattern": "[file:hashes.SHA256 = 'b5660ed3f56f7990e1e984a5ac4eee4827749807dbf217a55e19056c8e927ef5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587c-08dc-4cfc-be3f-4308950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:44.000Z",
|
|
"modified": "2015-12-22T14:04:44.000Z",
|
|
"description": "- Xchecked via VT: c7524a17b32bde68f2aa9fad37751e50",
|
|
"pattern": "[file:hashes.SHA1 = '18c2cdd1db9407b2a1f7589a4e4a4ab5eaab92d8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587d-74d0-475e-8ad3-44d8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:45.000Z",
|
|
"modified": "2015-12-22T14:04:45.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b5660ed3f56f7990e1e984a5ac4eee4827749807dbf217a55e19056c8e927ef5/analysis/1444868742/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587d-bb3c-46e3-8d9d-48c5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:45.000Z",
|
|
"modified": "2015-12-22T14:04:45.000Z",
|
|
"description": "- Xchecked via VT: 68a9e766feb1e342ac14bd07301f99fe",
|
|
"pattern": "[file:hashes.SHA256 = '6249270882b40a7f2f9909551aa07cee4db4add3d62a55ee8b31188d9855fcec']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587d-a4d4-452c-88c1-46c5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:45.000Z",
|
|
"modified": "2015-12-22T14:04:45.000Z",
|
|
"description": "- Xchecked via VT: 68a9e766feb1e342ac14bd07301f99fe",
|
|
"pattern": "[file:hashes.SHA1 = '1551b6e9530c54b91c8289ee2a393b5c0a7aec0b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587e-8314-4e33-be60-4315950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:46.000Z",
|
|
"modified": "2015-12-22T14:04:46.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/6249270882b40a7f2f9909551aa07cee4db4add3d62a55ee8b31188d9855fcec/analysis/1447828205/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587e-ace4-4631-b4b8-4d16950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:46.000Z",
|
|
"modified": "2015-12-22T14:04:46.000Z",
|
|
"description": "- Xchecked via VT: 65dcc596eb7642c485e097f20934ca20",
|
|
"pattern": "[file:hashes.SHA256 = '44a1f4ecc243e21261c2d434cba3009eca403e438aa78c92df7c9d4b05e74a09']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587e-3430-4ba0-9d7a-4aba950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:46.000Z",
|
|
"modified": "2015-12-22T14:04:46.000Z",
|
|
"description": "- Xchecked via VT: 65dcc596eb7642c485e097f20934ca20",
|
|
"pattern": "[file:hashes.SHA1 = '1c24c64cbfc268915770354e9194f4d5ac5325a7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587f-db68-4fed-8914-437e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:47.000Z",
|
|
"modified": "2015-12-22T14:04:47.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/44a1f4ecc243e21261c2d434cba3009eca403e438aa78c92df7c9d4b05e74a09/analysis/1444765581/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587f-24a4-4e7d-bc46-4e8c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:47.000Z",
|
|
"modified": "2015-12-22T14:04:47.000Z",
|
|
"description": "- Xchecked via VT: fd5cdd41ade62f96d87cbd46eaf02e58",
|
|
"pattern": "[file:hashes.SHA256 = 'c173120d9bdb381bbf5f54076ca996dc61904a731f3edf9a09dc217e1e6b3fa3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587f-bf10-4899-842d-4142950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:47.000Z",
|
|
"modified": "2015-12-22T14:04:47.000Z",
|
|
"description": "- Xchecked via VT: fd5cdd41ade62f96d87cbd46eaf02e58",
|
|
"pattern": "[file:hashes.SHA1 = '1a25147c1ae6a1b6e9ba607bc9712f4a7bf9a66c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679587f-d3a8-4116-b09a-434a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:47.000Z",
|
|
"modified": "2015-12-22T14:04:47.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c173120d9bdb381bbf5f54076ca996dc61904a731f3edf9a09dc217e1e6b3fa3/analysis/1445325105/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795880-4a18-4503-9ec4-417d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:48.000Z",
|
|
"modified": "2015-12-22T14:04:48.000Z",
|
|
"description": "- Xchecked via VT: f337f4dfb3d37d4246f5fa403ac5a617",
|
|
"pattern": "[file:hashes.SHA256 = '51f0ecae2e14d18ae1a86e4a791a847525f703aed1b5193966bcd4f6792cbd25']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795880-0dd4-4087-a599-474d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:48.000Z",
|
|
"modified": "2015-12-22T14:04:48.000Z",
|
|
"description": "- Xchecked via VT: f337f4dfb3d37d4246f5fa403ac5a617",
|
|
"pattern": "[file:hashes.SHA1 = '5333e6ec4be21c5f74d9c274e4dd79b4fc61e432']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795880-0a20-4f5d-8e92-4c63950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:48.000Z",
|
|
"modified": "2015-12-22T14:04:48.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/51f0ecae2e14d18ae1a86e4a791a847525f703aed1b5193966bcd4f6792cbd25/analysis/1450760538/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795881-3318-4b5e-ab4b-463a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:49.000Z",
|
|
"modified": "2015-12-22T14:04:49.000Z",
|
|
"description": "- Xchecked via VT: b0d1a876caa3147aecf0ebd282a7c028",
|
|
"pattern": "[file:hashes.SHA256 = 'e51f144b82cdc94d21628329158884cccff6c4c57a67bdc58239af352afc3bfb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795881-bb20-46d8-b3b2-4c5e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:49.000Z",
|
|
"modified": "2015-12-22T14:04:49.000Z",
|
|
"description": "- Xchecked via VT: b0d1a876caa3147aecf0ebd282a7c028",
|
|
"pattern": "[file:hashes.SHA1 = '9d04d97714eb0377b55e8106f405d0db987a133b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795881-23c4-4379-92a7-4e4a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:49.000Z",
|
|
"modified": "2015-12-22T14:04:49.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e51f144b82cdc94d21628329158884cccff6c4c57a67bdc58239af352afc3bfb/analysis/1446904497/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795881-20d4-49d5-969d-49f0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:49.000Z",
|
|
"modified": "2015-12-22T14:04:49.000Z",
|
|
"description": "- Xchecked via VT: 2933cbaad75718136faadebbdbec4cf2",
|
|
"pattern": "[file:hashes.SHA256 = '1c3abc8876852469cf0c2d1a31f3eedd5f191afe701ccb7a6b92e1e8f3f238f1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795882-a8b8-4753-ab87-419f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:50.000Z",
|
|
"modified": "2015-12-22T14:04:50.000Z",
|
|
"description": "- Xchecked via VT: 2933cbaad75718136faadebbdbec4cf2",
|
|
"pattern": "[file:hashes.SHA1 = '837718ef5fa563b54db4654a5236a576dbb42374']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795882-3840-4e8c-9e4a-4f93950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:50.000Z",
|
|
"modified": "2015-12-22T14:04:50.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/1c3abc8876852469cf0c2d1a31f3eedd5f191afe701ccb7a6b92e1e8f3f238f1/analysis/1450760927/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795882-0e80-4bd2-a164-45c7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:50.000Z",
|
|
"modified": "2015-12-22T14:04:50.000Z",
|
|
"description": "- Xchecked via VT: 5af9933f2e2195e596bd18bca8710390",
|
|
"pattern": "[file:hashes.SHA256 = 'fb4fa48937aa40f1d451cc92bebe9db175d8ac30bf8f5aaa65eebffdacaf79c2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795883-6688-41d0-b030-4959950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:51.000Z",
|
|
"modified": "2015-12-22T14:04:51.000Z",
|
|
"description": "- Xchecked via VT: 5af9933f2e2195e596bd18bca8710390",
|
|
"pattern": "[file:hashes.SHA1 = '886e11c255b705cb8d6245fb90fcbb3db91d5d84']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795883-50e8-49da-9b57-489e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:51.000Z",
|
|
"modified": "2015-12-22T14:04:51.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/fb4fa48937aa40f1d451cc92bebe9db175d8ac30bf8f5aaa65eebffdacaf79c2/analysis/1445416516/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795883-ff34-4389-9518-4a87950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:51.000Z",
|
|
"modified": "2015-12-22T14:04:51.000Z",
|
|
"description": "- Xchecked via VT: f8c3fd2b568510d20ff458596b8a1772",
|
|
"pattern": "[file:hashes.SHA256 = 'da945f2d23316e638f36b58b72fec15d462d32364a25e585cf0f3c2e0069bc29']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795884-bae8-4b48-bdf6-40ce950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:52.000Z",
|
|
"modified": "2015-12-22T14:04:52.000Z",
|
|
"description": "- Xchecked via VT: f8c3fd2b568510d20ff458596b8a1772",
|
|
"pattern": "[file:hashes.SHA1 = 'f8f106d40b3f22a759e8b905576d16ac3176cffc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795884-f290-4845-b3fa-4e54950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:52.000Z",
|
|
"modified": "2015-12-22T14:04:52.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/da945f2d23316e638f36b58b72fec15d462d32364a25e585cf0f3c2e0069bc29/analysis/1446805713/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795884-d8a8-434b-985a-4971950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:52.000Z",
|
|
"modified": "2015-12-22T14:04:52.000Z",
|
|
"description": "- Xchecked via VT: 7b862c0f2eacf215588d2543d686172e",
|
|
"pattern": "[file:hashes.SHA256 = '63c5f4fd199361dfa11bac7ff509fc137f6880ab1529917f2510870ac0aaf1fc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795884-0198-40eb-9a5b-444c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:52.000Z",
|
|
"modified": "2015-12-22T14:04:52.000Z",
|
|
"description": "- Xchecked via VT: 7b862c0f2eacf215588d2543d686172e",
|
|
"pattern": "[file:hashes.SHA1 = 'cad2152b611b6f6ae99385e90c43af101f029d85']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795885-636c-470b-952a-461d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:53.000Z",
|
|
"modified": "2015-12-22T14:04:53.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/63c5f4fd199361dfa11bac7ff509fc137f6880ab1529917f2510870ac0aaf1fc/analysis/1450688733/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795885-3560-40bb-ac44-4f68950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:53.000Z",
|
|
"modified": "2015-12-22T14:04:53.000Z",
|
|
"description": "- Xchecked via VT: 34318dbf1370711a81d4a0b05baee532",
|
|
"pattern": "[file:hashes.SHA256 = 'd17cfdf4329112dc5e18be25cdef1370b868abde6c81229fa1658884a72fdcfd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795885-429c-40d1-97e6-4745950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:53.000Z",
|
|
"modified": "2015-12-22T14:04:53.000Z",
|
|
"description": "- Xchecked via VT: 34318dbf1370711a81d4a0b05baee532",
|
|
"pattern": "[file:hashes.SHA1 = '1f2a06374793cbc6c36dc76c5a6b9a73cbb4d2d6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795886-9e84-4d7b-83ee-4761950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:54.000Z",
|
|
"modified": "2015-12-22T14:04:54.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d17cfdf4329112dc5e18be25cdef1370b868abde6c81229fa1658884a72fdcfd/analysis/1450721433/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795886-c348-403f-a410-4146950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:54.000Z",
|
|
"modified": "2015-12-22T14:04:54.000Z",
|
|
"description": "- Xchecked via VT: a6fe9b7abb184b091076372b121a79ac",
|
|
"pattern": "[file:hashes.SHA256 = 'c7c53a2656c6b70f84f60fbfcffa7c68a10eb994792ae5ea0403e1aa9bcb94f8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795886-cad8-462f-a71f-4316950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:54.000Z",
|
|
"modified": "2015-12-22T14:04:54.000Z",
|
|
"description": "- Xchecked via VT: a6fe9b7abb184b091076372b121a79ac",
|
|
"pattern": "[file:hashes.SHA1 = 'fdda794707092eb3203a02635271d03a8782d55c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795886-09a0-4a65-b829-4804950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:54.000Z",
|
|
"modified": "2015-12-22T14:04:54.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c7c53a2656c6b70f84f60fbfcffa7c68a10eb994792ae5ea0403e1aa9bcb94f8/analysis/1445233085/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795887-fd3c-40ae-b9ca-4bfe950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:55.000Z",
|
|
"modified": "2015-12-22T14:04:55.000Z",
|
|
"description": "- Xchecked via VT: 77fd95040a9d6d73c595d72d5b765673",
|
|
"pattern": "[file:hashes.SHA256 = '4f80e0d271804fe371cc3d6d96b32c31d4c6892f4de1404dde283ca0d1a10a83']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795887-b4b8-42da-a9de-4d77950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:55.000Z",
|
|
"modified": "2015-12-22T14:04:55.000Z",
|
|
"description": "- Xchecked via VT: 77fd95040a9d6d73c595d72d5b765673",
|
|
"pattern": "[file:hashes.SHA1 = '3c1ff6d1a9ca7701a7cf1ce60647a5dfaeab3878']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795887-8848-4598-9793-4451950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:55.000Z",
|
|
"modified": "2015-12-22T14:04:55.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/4f80e0d271804fe371cc3d6d96b32c31d4c6892f4de1404dde283ca0d1a10a83/analysis/1444735653/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795888-5fd8-4e0a-b5f1-4dba950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:56.000Z",
|
|
"modified": "2015-12-22T14:04:56.000Z",
|
|
"description": "- Xchecked via VT: 0af568fc82498359ddf295f72945b9ee",
|
|
"pattern": "[file:hashes.SHA256 = '23e1541dddf2f788abda05884aa4b9e4111465dde0b2092d910b29e1dc1530b7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795888-0148-4685-968c-4fbb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:56.000Z",
|
|
"modified": "2015-12-22T14:04:56.000Z",
|
|
"description": "- Xchecked via VT: 0af568fc82498359ddf295f72945b9ee",
|
|
"pattern": "[file:hashes.SHA1 = 'bbe34723881ba4fd2f2d08cc5dbfe590d88f0c73']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795888-2378-477d-a908-4660950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:56.000Z",
|
|
"modified": "2015-12-22T14:04:56.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/23e1541dddf2f788abda05884aa4b9e4111465dde0b2092d910b29e1dc1530b7/analysis/1446034810/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795889-66b4-44ec-b304-4d05950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:57.000Z",
|
|
"modified": "2015-12-22T14:04:57.000Z",
|
|
"description": "- Xchecked via VT: f555a9fb345cc302b45d7cc9e5140be7",
|
|
"pattern": "[file:hashes.SHA256 = '07085532b099674579f9482a4a8cd3c2aa8b8f655fe26fe2f51fe6b639ca0dff']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795889-9258-4ee0-931b-45a1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:57.000Z",
|
|
"modified": "2015-12-22T14:04:57.000Z",
|
|
"description": "- Xchecked via VT: f555a9fb345cc302b45d7cc9e5140be7",
|
|
"pattern": "[file:hashes.SHA1 = '0cf6d83bc90443537ab98ab76d2576aaed1683c6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795889-5578-41c4-9d75-4b4d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:57.000Z",
|
|
"modified": "2015-12-22T14:04:57.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/07085532b099674579f9482a4a8cd3c2aa8b8f655fe26fe2f51fe6b639ca0dff/analysis/1447151710/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795889-3974-4bac-826a-413a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:57.000Z",
|
|
"modified": "2015-12-22T14:04:57.000Z",
|
|
"description": "- Xchecked via VT: 7ac493d7532d1c1f8bf6c78c7a338d48",
|
|
"pattern": "[file:hashes.SHA256 = '16e28721cd000b34a6f19142f09142fd87d04f44f1bc97093abc376b05b795a1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588a-15b8-4bda-a81d-494d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:58.000Z",
|
|
"modified": "2015-12-22T14:04:58.000Z",
|
|
"description": "- Xchecked via VT: 7ac493d7532d1c1f8bf6c78c7a338d48",
|
|
"pattern": "[file:hashes.SHA1 = '0ee84f17036562d2603a412d90c567b2d25cfb6b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588a-6ebc-44c1-8953-4802950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:58.000Z",
|
|
"modified": "2015-12-22T14:04:58.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/16e28721cd000b34a6f19142f09142fd87d04f44f1bc97093abc376b05b795a1/analysis/1446581486/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588a-9f5c-4261-9597-4cf6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:58.000Z",
|
|
"modified": "2015-12-22T14:04:58.000Z",
|
|
"description": "- Xchecked via VT: e2a3081a0f48ee51e84f0bc51013f947",
|
|
"pattern": "[file:hashes.SHA256 = '18c6cbf51536ab1372ad5fc772654c3aff977ce4ebe0306f3271c70de7898964']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588b-3dbc-4de0-80df-42b2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:59.000Z",
|
|
"modified": "2015-12-22T14:04:59.000Z",
|
|
"description": "- Xchecked via VT: e2a3081a0f48ee51e84f0bc51013f947",
|
|
"pattern": "[file:hashes.SHA1 = '0b5c204190b3e483a811b8f8f9f23403599324f5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588b-9520-492a-9119-4fb9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:59.000Z",
|
|
"modified": "2015-12-22T14:04:59.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/18c6cbf51536ab1372ad5fc772654c3aff977ce4ebe0306f3271c70de7898964/analysis/1446553319/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588b-5134-444a-922a-4ea0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:59.000Z",
|
|
"modified": "2015-12-22T14:04:59.000Z",
|
|
"description": "- Xchecked via VT: 0aaaf25ad8f4a25c42c60698d27928d2",
|
|
"pattern": "[file:hashes.SHA256 = 'b91cabc3646707c5d5c5e6098634144b71e4aa15e0f1072eda6bc6407c584571']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588b-4fc0-47a9-ac34-4243950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:04:59.000Z",
|
|
"modified": "2015-12-22T14:04:59.000Z",
|
|
"description": "- Xchecked via VT: 0aaaf25ad8f4a25c42c60698d27928d2",
|
|
"pattern": "[file:hashes.SHA1 = 'c1f5ae83d02e540be49a8728767ecf2cf8709764']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:04:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588c-dba0-4769-89d6-44c6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:00.000Z",
|
|
"modified": "2015-12-22T14:05:00.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b91cabc3646707c5d5c5e6098634144b71e4aa15e0f1072eda6bc6407c584571/analysis/1444768021/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588c-58ac-4cec-bfb4-44df950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:00.000Z",
|
|
"modified": "2015-12-22T14:05:00.000Z",
|
|
"description": "- Xchecked via VT: e74b9b79e096861ce27da966a37c4862",
|
|
"pattern": "[file:hashes.SHA256 = '38ae09862b2b93c5cd3618b2cd7484eae908255042427ec05589b1aebe94685e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588c-5a78-4b6a-ae56-4ee2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:00.000Z",
|
|
"modified": "2015-12-22T14:05:00.000Z",
|
|
"description": "- Xchecked via VT: e74b9b79e096861ce27da966a37c4862",
|
|
"pattern": "[file:hashes.SHA1 = '7c10bec7d47ef0eee5876af341ca632a9eace51a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588d-30dc-4bfc-ba00-462c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:01.000Z",
|
|
"modified": "2015-12-22T14:05:01.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/38ae09862b2b93c5cd3618b2cd7484eae908255042427ec05589b1aebe94685e/analysis/1447687394/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588d-ad40-4f98-b9c6-4e14950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:01.000Z",
|
|
"modified": "2015-12-22T14:05:01.000Z",
|
|
"description": "- Xchecked via VT: db2df94485e7b453ad5d9fdfc9d0ff3b",
|
|
"pattern": "[file:hashes.SHA256 = 'cd76065391480a2353d68eb671a9d2a9d870ea4518871fd7d337a9f9f816f68e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588d-c3dc-4a51-b8e5-4de6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:01.000Z",
|
|
"modified": "2015-12-22T14:05:01.000Z",
|
|
"description": "- Xchecked via VT: db2df94485e7b453ad5d9fdfc9d0ff3b",
|
|
"pattern": "[file:hashes.SHA1 = '518b7888bb1294f38a1e61593a0ce95d4e597f32']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588d-1608-4409-8fcd-4080950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:01.000Z",
|
|
"modified": "2015-12-22T14:05:01.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/cd76065391480a2353d68eb671a9d2a9d870ea4518871fd7d337a9f9f816f68e/analysis/1444934278/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588e-4a24-4a63-826f-4318950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:02.000Z",
|
|
"modified": "2015-12-22T14:05:02.000Z",
|
|
"description": "- Xchecked via VT: b9f450b4ddb1faef1a0e4cead3135dcc",
|
|
"pattern": "[file:hashes.SHA256 = '2cdadcf534c939d47f47d87aa7d425b1f181c950b6109912be4acd758b7bf144']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588e-028c-43dd-96d2-4d59950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:02.000Z",
|
|
"modified": "2015-12-22T14:05:02.000Z",
|
|
"description": "- Xchecked via VT: b9f450b4ddb1faef1a0e4cead3135dcc",
|
|
"pattern": "[file:hashes.SHA1 = 'aa37094b0957153818600ab4c8a124510c71413e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588e-f680-40ee-9fdb-4f07950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:02.000Z",
|
|
"modified": "2015-12-22T14:05:02.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/2cdadcf534c939d47f47d87aa7d425b1f181c950b6109912be4acd758b7bf144/analysis/1450638132/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588e-4884-4000-9c60-47f0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:02.000Z",
|
|
"modified": "2015-12-22T14:05:02.000Z",
|
|
"description": "- Xchecked via VT: 34eb88dbe14ff2b7fbf4befc4dfc86ea",
|
|
"pattern": "[file:hashes.SHA256 = '633b7bf5777bb71eac86f4e31b5e596f47513e6b251f0b91849be52752f7c10b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588f-391c-49db-ad4f-4ed0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:03.000Z",
|
|
"modified": "2015-12-22T14:05:03.000Z",
|
|
"description": "- Xchecked via VT: 34eb88dbe14ff2b7fbf4befc4dfc86ea",
|
|
"pattern": "[file:hashes.SHA1 = '8f483ad0d3ed4f1a3ef6ea541e79015095b23a0f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588f-eef8-4179-bdc7-4e49950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:03.000Z",
|
|
"modified": "2015-12-22T14:05:03.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/633b7bf5777bb71eac86f4e31b5e596f47513e6b251f0b91849be52752f7c10b/analysis/1446114241/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588f-74e4-44d9-a576-4d4e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:03.000Z",
|
|
"modified": "2015-12-22T14:05:03.000Z",
|
|
"description": "- Xchecked via VT: c327ad3ca111c388a928eec0d702f7c2",
|
|
"pattern": "[file:hashes.SHA256 = 'c836fadb924cc5960f473432eb0e44634d9ae9d1d4c3b61a09e4f555694ccae1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679588f-0750-47e7-bd91-4476950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:03.000Z",
|
|
"modified": "2015-12-22T14:05:03.000Z",
|
|
"description": "- Xchecked via VT: c327ad3ca111c388a928eec0d702f7c2",
|
|
"pattern": "[file:hashes.SHA1 = '64a43d9ad5b780ed5a4b81ec06ba3f832d8f28f3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795890-3d14-4db3-8248-4166950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:04.000Z",
|
|
"modified": "2015-12-22T14:05:04.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c836fadb924cc5960f473432eb0e44634d9ae9d1d4c3b61a09e4f555694ccae1/analysis/1446114657/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795890-3778-4a02-a95a-4540950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:04.000Z",
|
|
"modified": "2015-12-22T14:05:04.000Z",
|
|
"description": "- Xchecked via VT: 9be850be8e8f78cf2e116ed375571dc1",
|
|
"pattern": "[file:hashes.SHA256 = 'cffcde8a1e1bc7b7a5d191768194792479facc86488b520cc51d33f2376eba65']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795890-d844-4b8d-9296-4dd3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:04.000Z",
|
|
"modified": "2015-12-22T14:05:04.000Z",
|
|
"description": "- Xchecked via VT: 9be850be8e8f78cf2e116ed375571dc1",
|
|
"pattern": "[file:hashes.SHA1 = '88d56e6b88cea851eadebd3cb87a58c3c759bad8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795890-1450-4586-a12b-4216950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:04.000Z",
|
|
"modified": "2015-12-22T14:05:04.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/cffcde8a1e1bc7b7a5d191768194792479facc86488b520cc51d33f2376eba65/analysis/1446114098/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795891-8844-4982-851e-4987950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:05.000Z",
|
|
"modified": "2015-12-22T14:05:05.000Z",
|
|
"description": "- Xchecked via VT: d89e31c4a7e52a70f729d557590a215e",
|
|
"pattern": "[file:hashes.SHA256 = '861cef742e4aa9382bc7f2fce9a61f25e5a1a679a437ce4faf33bc2a256dcb0e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795891-6370-4d34-bba3-4610950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:05.000Z",
|
|
"modified": "2015-12-22T14:05:05.000Z",
|
|
"description": "- Xchecked via VT: d89e31c4a7e52a70f729d557590a215e",
|
|
"pattern": "[file:hashes.SHA1 = 'add296581c5981ee36ecc123b61611a8498b9579']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795891-4ac4-40cd-a5bb-4414950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:05.000Z",
|
|
"modified": "2015-12-22T14:05:05.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/861cef742e4aa9382bc7f2fce9a61f25e5a1a679a437ce4faf33bc2a256dcb0e/analysis/1445948297/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795891-176c-4fff-a55d-4a3c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:05.000Z",
|
|
"modified": "2015-12-22T14:05:05.000Z",
|
|
"description": "- Xchecked via VT: e4ff3d6825da0524ebbf511667029a59",
|
|
"pattern": "[file:hashes.SHA256 = '396e8f9c7f50c3a4e6519ab52b956f4dbb35814433c70045c8e874056fb05427']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795892-3a78-442a-901e-400d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:06.000Z",
|
|
"modified": "2015-12-22T14:05:06.000Z",
|
|
"description": "- Xchecked via VT: e4ff3d6825da0524ebbf511667029a59",
|
|
"pattern": "[file:hashes.SHA1 = '4c5f8299863a0a85f260be74769b6c363794c796']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795892-2414-4a37-9cd0-4323950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:06.000Z",
|
|
"modified": "2015-12-22T14:05:06.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/396e8f9c7f50c3a4e6519ab52b956f4dbb35814433c70045c8e874056fb05427/analysis/1447152467/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795892-40c0-4b33-8829-4d97950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:06.000Z",
|
|
"modified": "2015-12-22T14:05:06.000Z",
|
|
"description": "- Xchecked via VT: d479bc551a8ee2b0152e9c9aef884321",
|
|
"pattern": "[file:hashes.SHA256 = 'c42deea433b77119e198dfeae5bf041f5e5c476e6b0971617884b847ffb0fd49']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795892-0b74-44a5-b321-4e98950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:06.000Z",
|
|
"modified": "2015-12-22T14:05:06.000Z",
|
|
"description": "- Xchecked via VT: d479bc551a8ee2b0152e9c9aef884321",
|
|
"pattern": "[file:hashes.SHA1 = '6fcfd238a52b39be013537cf5bdb306f0871f922']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795893-7af8-4d60-8db8-4f63950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:07.000Z",
|
|
"modified": "2015-12-22T14:05:07.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c42deea433b77119e198dfeae5bf041f5e5c476e6b0971617884b847ffb0fd49/analysis/1447794597/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795893-c300-41a5-af2a-405f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:07.000Z",
|
|
"modified": "2015-12-22T14:05:07.000Z",
|
|
"description": "- Xchecked via VT: a9cf60dca213d6e8a9ce0ef0f230b3f3",
|
|
"pattern": "[file:hashes.SHA256 = '5f690144cb63872bc9a6aae7733fd96d3939ea023804075ed8df70232b3f60aa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795893-2d40-4ede-a5ab-465e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:07.000Z",
|
|
"modified": "2015-12-22T14:05:07.000Z",
|
|
"description": "- Xchecked via VT: a9cf60dca213d6e8a9ce0ef0f230b3f3",
|
|
"pattern": "[file:hashes.SHA1 = '2da270a61847efb6473743db6ed101a1a0c0c1c9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795893-7e2c-4dc8-b46a-4738950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:07.000Z",
|
|
"modified": "2015-12-22T14:05:07.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5f690144cb63872bc9a6aae7733fd96d3939ea023804075ed8df70232b3f60aa/analysis/1446114292/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795894-7d30-4811-b538-447b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:08.000Z",
|
|
"modified": "2015-12-22T14:05:08.000Z",
|
|
"description": "- Xchecked via VT: bfb0b03538cc0166f4faf3062f6b4d28",
|
|
"pattern": "[file:hashes.SHA256 = '48f62bc40962d059b8b802e70dcf2da1d2eb0d77a31302da443ea13979d1c812']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795894-0cf8-4a7f-a055-4b49950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:08.000Z",
|
|
"modified": "2015-12-22T14:05:08.000Z",
|
|
"description": "- Xchecked via VT: bfb0b03538cc0166f4faf3062f6b4d28",
|
|
"pattern": "[file:hashes.SHA1 = '0a83dac7074a6a28774a8e617d8d34ce947f735e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795894-6f04-4ceb-9219-429a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:08.000Z",
|
|
"modified": "2015-12-22T14:05:08.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/48f62bc40962d059b8b802e70dcf2da1d2eb0d77a31302da443ea13979d1c812/analysis/1446023451/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795895-33d4-4439-998a-4f94950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:09.000Z",
|
|
"modified": "2015-12-22T14:05:09.000Z",
|
|
"description": "- Xchecked via VT: 570133001cd6417d895c7d500e301f36",
|
|
"pattern": "[file:hashes.SHA256 = '769e057c24a86a918d98fe8909cacf9f6917d6bb6c73bbec579d43b5b62bb3de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795895-dfbc-4149-aca0-4da2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:09.000Z",
|
|
"modified": "2015-12-22T14:05:09.000Z",
|
|
"description": "- Xchecked via VT: 570133001cd6417d895c7d500e301f36",
|
|
"pattern": "[file:hashes.SHA1 = 'a14ec6fc48e414169b0e7588d524c1e300b527a0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795895-67f4-4259-a5bf-497f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:09.000Z",
|
|
"modified": "2015-12-22T14:05:09.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/769e057c24a86a918d98fe8909cacf9f6917d6bb6c73bbec579d43b5b62bb3de/analysis/1446113578/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795895-935c-4f66-99a8-4eaf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:09.000Z",
|
|
"modified": "2015-12-22T14:05:09.000Z",
|
|
"description": "- Xchecked via VT: dd0f0f38dffbf0da3f328e8f94c48a0f",
|
|
"pattern": "[file:hashes.SHA256 = 'd01851c6c614ae1f2657d9a96c6c957e1e7135484313d40191c268ac4c132558']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795896-44bc-42bb-a733-4a59950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:10.000Z",
|
|
"modified": "2015-12-22T14:05:10.000Z",
|
|
"description": "- Xchecked via VT: dd0f0f38dffbf0da3f328e8f94c48a0f",
|
|
"pattern": "[file:hashes.SHA1 = '65244d57881d6cf66b28909ccf38f21d583dfc9e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795896-cd20-4855-8600-4c18950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:10.000Z",
|
|
"modified": "2015-12-22T14:05:10.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d01851c6c614ae1f2657d9a96c6c957e1e7135484313d40191c268ac4c132558/analysis/1446022590/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795896-299c-48fd-bcc6-49fe950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:10.000Z",
|
|
"modified": "2015-12-22T14:05:10.000Z",
|
|
"description": "- Xchecked via VT: 0c5284ad9af01923818e42b02dc7ee90",
|
|
"pattern": "[file:hashes.SHA256 = 'b31a64f66096c82f2c27a4bf642461a60eeb89d2c6c741df12e98f55c42ff93a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795897-3174-4761-bf08-4f02950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:11.000Z",
|
|
"modified": "2015-12-22T14:05:11.000Z",
|
|
"description": "- Xchecked via VT: 0c5284ad9af01923818e42b02dc7ee90",
|
|
"pattern": "[file:hashes.SHA1 = 'b809f9a872285306fb96c6bc61d849289c7d5ce9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795897-6b20-411c-8e0f-4399950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:11.000Z",
|
|
"modified": "2015-12-22T14:05:11.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b31a64f66096c82f2c27a4bf642461a60eeb89d2c6c741df12e98f55c42ff93a/analysis/1450688971/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795897-1a2c-489b-8a72-4cc8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:11.000Z",
|
|
"modified": "2015-12-22T14:05:11.000Z",
|
|
"description": "- Xchecked via VT: 3c54ed7ac559604a78c25e7100480604",
|
|
"pattern": "[file:hashes.SHA256 = 'cde726f500712239a05d1f46b090fd0d510cc741f2fb31173e1821259462bbd7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795897-66e0-49c1-981e-4f1f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:11.000Z",
|
|
"modified": "2015-12-22T14:05:11.000Z",
|
|
"description": "- Xchecked via VT: 3c54ed7ac559604a78c25e7100480604",
|
|
"pattern": "[file:hashes.SHA1 = 'c9187be2c933ec509704f284f449ec6ff91d8a47']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795898-fab8-40dc-848b-46cc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:12.000Z",
|
|
"modified": "2015-12-22T14:05:12.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/cde726f500712239a05d1f46b090fd0d510cc741f2fb31173e1821259462bbd7/analysis/1447687470/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795898-2e14-432a-80ec-4e18950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:12.000Z",
|
|
"modified": "2015-12-22T14:05:12.000Z",
|
|
"description": "- Xchecked via VT: a804557ecc6d26d6c51ccfeb4111d855",
|
|
"pattern": "[file:hashes.SHA256 = 'd2e5c0ca44153efd6689500c34710fa518eb1faa47912d8c4015ef7a9f2e8473']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795898-b2b4-4618-892f-4175950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:12.000Z",
|
|
"modified": "2015-12-22T14:05:12.000Z",
|
|
"description": "- Xchecked via VT: a804557ecc6d26d6c51ccfeb4111d855",
|
|
"pattern": "[file:hashes.SHA1 = '0cc1e0452aa943710f082561714bb040bed44cbd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795899-2e6c-4751-8588-453e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:13.000Z",
|
|
"modified": "2015-12-22T14:05:13.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d2e5c0ca44153efd6689500c34710fa518eb1faa47912d8c4015ef7a9f2e8473/analysis/1445075789/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795899-3ab8-4b5d-87e6-46b7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:13.000Z",
|
|
"modified": "2015-12-22T14:05:13.000Z",
|
|
"description": "- Xchecked via VT: 1fad86143616549aa0a13571ea2d9985",
|
|
"pattern": "[file:hashes.SHA256 = '9d6f48a28982024de1ff0142822f1f2f4f676e4cf84fa06fe3f24bf822a38d9f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795899-0edc-4a3d-97d0-434a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:13.000Z",
|
|
"modified": "2015-12-22T14:05:13.000Z",
|
|
"description": "- Xchecked via VT: 1fad86143616549aa0a13571ea2d9985",
|
|
"pattern": "[file:hashes.SHA1 = '52ade8d797f5d1d7da8daaade25c43ba0a6bdb39']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795899-7eb8-4310-924a-470b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:13.000Z",
|
|
"modified": "2015-12-22T14:05:13.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9d6f48a28982024de1ff0142822f1f2f4f676e4cf84fa06fe3f24bf822a38d9f/analysis/1445269387/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589a-f800-477d-94a6-454a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:14.000Z",
|
|
"modified": "2015-12-22T14:05:14.000Z",
|
|
"description": "- Xchecked via VT: e949cff852839886d8f75990e1da5b83",
|
|
"pattern": "[file:hashes.SHA256 = '36574e3afef6a9bf64a9b9407b6c12576f118a47da617d461523d822603b52b3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589a-632c-4bd9-ae2c-42c2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:14.000Z",
|
|
"modified": "2015-12-22T14:05:14.000Z",
|
|
"description": "- Xchecked via VT: e949cff852839886d8f75990e1da5b83",
|
|
"pattern": "[file:hashes.SHA1 = 'd99d248906940419cd54343937b0c46ffb65675c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589a-1aa0-4d14-b7b4-492f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:14.000Z",
|
|
"modified": "2015-12-22T14:05:14.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/36574e3afef6a9bf64a9b9407b6c12576f118a47da617d461523d822603b52b3/analysis/1450291020/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589b-44ec-42f4-8a4d-49ac950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:15.000Z",
|
|
"modified": "2015-12-22T14:05:15.000Z",
|
|
"description": "- Xchecked via VT: 4a2c981104cd77279b897fc0feb7485f",
|
|
"pattern": "[file:hashes.SHA256 = 'd16decf5ebcb42ed10bf15797f786880bba3226d8f5e70829b2f61c263df13de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589b-66cc-4301-a7db-4e40950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:15.000Z",
|
|
"modified": "2015-12-22T14:05:15.000Z",
|
|
"description": "- Xchecked via VT: 4a2c981104cd77279b897fc0feb7485f",
|
|
"pattern": "[file:hashes.SHA1 = 'f71b2b195dc2b55e7dc61ebf170385fe6de3f7ce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589b-b0e0-4b64-93ed-4647950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:15.000Z",
|
|
"modified": "2015-12-22T14:05:15.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d16decf5ebcb42ed10bf15797f786880bba3226d8f5e70829b2f61c263df13de/analysis/1445940268/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589c-bd7c-41ba-af93-4871950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:16.000Z",
|
|
"modified": "2015-12-22T14:05:16.000Z",
|
|
"description": "- Xchecked via VT: 6579e9d43b9864cf13e7202808874e8e",
|
|
"pattern": "[file:hashes.SHA256 = 'e2bcf479e8041e39e650adfcc3adc6ad1f3cd939be0388ebedaa3420254d8372']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589c-9de0-4fc1-9dc4-44d4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:16.000Z",
|
|
"modified": "2015-12-22T14:05:16.000Z",
|
|
"description": "- Xchecked via VT: 6579e9d43b9864cf13e7202808874e8e",
|
|
"pattern": "[file:hashes.SHA1 = '054b8f609f0f28a31560eb7e95d86f38396343ab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589c-cb78-44fc-bc7d-4320950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:16.000Z",
|
|
"modified": "2015-12-22T14:05:16.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e2bcf479e8041e39e650adfcc3adc6ad1f3cd939be0388ebedaa3420254d8372/analysis/1447594094/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589c-ff14-4cf3-8d8f-4ed8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:16.000Z",
|
|
"modified": "2015-12-22T14:05:16.000Z",
|
|
"description": "- Xchecked via VT: fb38f8383214bfc545915e089ef6d18f",
|
|
"pattern": "[file:hashes.SHA256 = '05f47d70882cbd6dad8ec994210dff2d8d1dda5afe1c85c6f5e862c188667f96']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589d-b034-4cf0-88c1-43c2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:17.000Z",
|
|
"modified": "2015-12-22T14:05:17.000Z",
|
|
"description": "- Xchecked via VT: fb38f8383214bfc545915e089ef6d18f",
|
|
"pattern": "[file:hashes.SHA1 = '70594f40c40cc064233e06d4d4ff3eb5fb3acb21']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589d-c148-4147-8d50-4e35950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:17.000Z",
|
|
"modified": "2015-12-22T14:05:17.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/05f47d70882cbd6dad8ec994210dff2d8d1dda5afe1c85c6f5e862c188667f96/analysis/1444714361/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589d-c1c8-4424-b492-41cd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:17.000Z",
|
|
"modified": "2015-12-22T14:05:17.000Z",
|
|
"description": "- Xchecked via VT: 2cb59b32bb4a6919b72492f8db1c97cf",
|
|
"pattern": "[file:hashes.SHA256 = '7f46683a39524f9f13a5c3b2ea3984e0041f29b7d2527547ca52e85f294639af']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589e-e1d8-4747-82f8-40c9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:18.000Z",
|
|
"modified": "2015-12-22T14:05:18.000Z",
|
|
"description": "- Xchecked via VT: 2cb59b32bb4a6919b72492f8db1c97cf",
|
|
"pattern": "[file:hashes.SHA1 = '204dc0888444f61943c874651dc990121468d6f4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589e-8ba8-41f5-9025-476d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:18.000Z",
|
|
"modified": "2015-12-22T14:05:18.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7f46683a39524f9f13a5c3b2ea3984e0041f29b7d2527547ca52e85f294639af/analysis/1446904517/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589e-c060-4a4d-843a-4642950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:18.000Z",
|
|
"modified": "2015-12-22T14:05:18.000Z",
|
|
"description": "- Xchecked via VT: addb452b32b52f633a08c37b6f839079",
|
|
"pattern": "[file:hashes.SHA256 = 'c91911f34830b167623f94b9fc19ffae419a47aba62d2d502cae5933478cfa88']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589e-c5ac-4633-b44d-4775950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:18.000Z",
|
|
"modified": "2015-12-22T14:05:18.000Z",
|
|
"description": "- Xchecked via VT: addb452b32b52f633a08c37b6f839079",
|
|
"pattern": "[file:hashes.SHA1 = 'bc803a50d9def55a3ae2e220d78887b5004a971a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589f-2fd0-495c-a5d7-4a47950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:19.000Z",
|
|
"modified": "2015-12-22T14:05:19.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c91911f34830b167623f94b9fc19ffae419a47aba62d2d502cae5933478cfa88/analysis/1450717947/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589f-7c50-41df-a35e-4ea1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:19.000Z",
|
|
"modified": "2015-12-22T14:05:19.000Z",
|
|
"description": "- Xchecked via VT: a9a587d3f8ef1c0f04bb84e880d931d9",
|
|
"pattern": "[file:hashes.SHA256 = '6e27c458ffc8b433edb407bf705f46d7be48f94cc854587209a8b84e61bd9b4d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589f-b7cc-4a79-9f0f-4ca7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:19.000Z",
|
|
"modified": "2015-12-22T14:05:19.000Z",
|
|
"description": "- Xchecked via VT: a9a587d3f8ef1c0f04bb84e880d931d9",
|
|
"pattern": "[file:hashes.SHA1 = '2938700f8393bda5d8b85fa540e32614e99540d7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679589f-2f34-4343-90ea-4d03950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:19.000Z",
|
|
"modified": "2015-12-22T14:05:19.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/6e27c458ffc8b433edb407bf705f46d7be48f94cc854587209a8b84e61bd9b4d/analysis/1446812322/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a0-756c-4356-889a-4a68950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:20.000Z",
|
|
"modified": "2015-12-22T14:05:20.000Z",
|
|
"description": "- Xchecked via VT: 285ab8fd58ec97da658a0fed06836c5d",
|
|
"pattern": "[file:hashes.SHA256 = 'fec645ca84e375d50486af8f0d558e911489ca64abf351f2b22b74eea41b86fe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a0-2c60-4e03-9a17-42fc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:20.000Z",
|
|
"modified": "2015-12-22T14:05:20.000Z",
|
|
"description": "- Xchecked via VT: 285ab8fd58ec97da658a0fed06836c5d",
|
|
"pattern": "[file:hashes.SHA1 = 'bf29dff5b379fbda254fee5a79a7bd714e6956b6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a0-d630-42dc-af56-4ffb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:20.000Z",
|
|
"modified": "2015-12-22T14:05:20.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/fec645ca84e375d50486af8f0d558e911489ca64abf351f2b22b74eea41b86fe/analysis/1445337849/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a1-b9b8-4403-a559-4ade950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:21.000Z",
|
|
"modified": "2015-12-22T14:05:21.000Z",
|
|
"description": "- Xchecked via VT: 410a1e1e02586b7af95ccf43b5bb61f9",
|
|
"pattern": "[file:hashes.SHA256 = '014d2f6af43b3006f4bedd7b0ac0a2d790dae778b9fa0cc91548fd1e6eaba147']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a1-7064-4129-acb2-4f48950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:21.000Z",
|
|
"modified": "2015-12-22T14:05:21.000Z",
|
|
"description": "- Xchecked via VT: 410a1e1e02586b7af95ccf43b5bb61f9",
|
|
"pattern": "[file:hashes.SHA1 = 'd68172f7874604064063b62ac4397e7c20d8df6d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a1-f968-4d32-a412-4b3e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:21.000Z",
|
|
"modified": "2015-12-22T14:05:21.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/014d2f6af43b3006f4bedd7b0ac0a2d790dae778b9fa0cc91548fd1e6eaba147/analysis/1447152170/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a1-b288-4e7c-971c-4a49950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:21.000Z",
|
|
"modified": "2015-12-22T14:05:21.000Z",
|
|
"description": "- Xchecked via VT: 9967bf8a17bf0bca5381261afa3a2593",
|
|
"pattern": "[file:hashes.SHA256 = '11301f7ee50250cb342ad08a3ca0e246577e6411a76f8315de8bcf92c438b78b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a2-a63c-4bfd-82cc-41f9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:22.000Z",
|
|
"modified": "2015-12-22T14:05:22.000Z",
|
|
"description": "- Xchecked via VT: 9967bf8a17bf0bca5381261afa3a2593",
|
|
"pattern": "[file:hashes.SHA1 = '79f465e75127f282dcb2171f3008ea7239fb0664']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a2-374c-4e3f-8f46-4db7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:22.000Z",
|
|
"modified": "2015-12-22T14:05:22.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/11301f7ee50250cb342ad08a3ca0e246577e6411a76f8315de8bcf92c438b78b/analysis/1446985041/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a2-1ec8-4920-a3e0-4180950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:22.000Z",
|
|
"modified": "2015-12-22T14:05:22.000Z",
|
|
"description": "- Xchecked via VT: c7aeab8f97128b1f8c653c94d0a099e0",
|
|
"pattern": "[file:hashes.SHA256 = '202c1078ca03ccb4ecac64f963470775a3e60c39db2e9af142e66f334e1f0f69']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a3-cdd8-4c10-a06f-47da950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:23.000Z",
|
|
"modified": "2015-12-22T14:05:23.000Z",
|
|
"description": "- Xchecked via VT: c7aeab8f97128b1f8c653c94d0a099e0",
|
|
"pattern": "[file:hashes.SHA1 = 'f116d9e944eaf63a067febb026bb89bddf289eda']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a3-859c-4973-9ea0-4a83950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:23.000Z",
|
|
"modified": "2015-12-22T14:05:23.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/202c1078ca03ccb4ecac64f963470775a3e60c39db2e9af142e66f334e1f0f69/analysis/1450706527/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a3-0f0c-49c9-b7cf-4a7f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:23.000Z",
|
|
"modified": "2015-12-22T14:05:23.000Z",
|
|
"description": "- Xchecked via VT: 640e49904d84c198e42d6b4158cd6365",
|
|
"pattern": "[file:hashes.SHA256 = 'f836e9f7da643f4db76adab73ca1cfbab6b292d6b694d608370ea5fdd7f004c1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a3-81ec-4ef8-b8e4-4a72950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:23.000Z",
|
|
"modified": "2015-12-22T14:05:23.000Z",
|
|
"description": "- Xchecked via VT: 640e49904d84c198e42d6b4158cd6365",
|
|
"pattern": "[file:hashes.SHA1 = 'c882f89a593cbeada9e933c14c479ea8f430ecdb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a4-03ac-4bca-b27d-4124950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:24.000Z",
|
|
"modified": "2015-12-22T14:05:24.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f836e9f7da643f4db76adab73ca1cfbab6b292d6b694d608370ea5fdd7f004c1/analysis/1446904496/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a4-7334-41f7-a055-43a5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:24.000Z",
|
|
"modified": "2015-12-22T14:05:24.000Z",
|
|
"description": "- Xchecked via VT: 61bd6255734c79a478edb3933e757d07",
|
|
"pattern": "[file:hashes.SHA256 = '6bd9f5d247ce248f5424c0d03f09dca00d097ab64b33981979910e840ebfe702']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a4-1738-47c1-83de-4eb6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:24.000Z",
|
|
"modified": "2015-12-22T14:05:24.000Z",
|
|
"description": "- Xchecked via VT: 61bd6255734c79a478edb3933e757d07",
|
|
"pattern": "[file:hashes.SHA1 = 'b681ed25cdd750635c9f483be1fad7014182fc2d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a5-864c-4050-94f0-4a94950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:25.000Z",
|
|
"modified": "2015-12-22T14:05:25.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/6bd9f5d247ce248f5424c0d03f09dca00d097ab64b33981979910e840ebfe702/analysis/1445948933/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a5-2f28-4594-bf52-4f98950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:25.000Z",
|
|
"modified": "2015-12-22T14:05:25.000Z",
|
|
"description": "- Xchecked via VT: cc61048a27d543f342de7700f3b5d649",
|
|
"pattern": "[file:hashes.SHA256 = 'ee0866dec38bb9db58070439220cf08400550c6a00046539571ff2835023a73b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a5-4168-4901-abec-4adb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:25.000Z",
|
|
"modified": "2015-12-22T14:05:25.000Z",
|
|
"description": "- Xchecked via VT: cc61048a27d543f342de7700f3b5d649",
|
|
"pattern": "[file:hashes.SHA1 = '776d9d22ac4dac9e1907b26a6894ab0bdf506ae8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a6-7e58-41e1-aac1-46f9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:26.000Z",
|
|
"modified": "2015-12-22T14:05:26.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ee0866dec38bb9db58070439220cf08400550c6a00046539571ff2835023a73b/analysis/1445007590/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a6-52e4-45d4-9276-4f03950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:26.000Z",
|
|
"modified": "2015-12-22T14:05:26.000Z",
|
|
"description": "- Xchecked via VT: 6e7533205ef18a55ad4ef384c152e181",
|
|
"pattern": "[file:hashes.SHA256 = '9cd0f4ad0b727cfe04cdabed95913affc092d29fc009a36c53d5e33a47bff1d5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a6-4df4-4305-a074-4dab950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:26.000Z",
|
|
"modified": "2015-12-22T14:05:26.000Z",
|
|
"description": "- Xchecked via VT: 6e7533205ef18a55ad4ef384c152e181",
|
|
"pattern": "[file:hashes.SHA1 = '003a63b40dfe910f452f4a6db8ae061bb0825ca9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a6-8dd8-40c0-bd69-43aa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:26.000Z",
|
|
"modified": "2015-12-22T14:05:26.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9cd0f4ad0b727cfe04cdabed95913affc092d29fc009a36c53d5e33a47bff1d5/analysis/1445863778/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a7-5d24-4467-aacf-4a6b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:27.000Z",
|
|
"modified": "2015-12-22T14:05:27.000Z",
|
|
"description": "- Xchecked via VT: e25c466d58ef2fdab393b61416dcea69",
|
|
"pattern": "[file:hashes.SHA256 = 'e5317699945a2bc106e68f2fdc6e7a63cb479ad602e16e24b2e3258d89f235cf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a7-16a8-4feb-a69d-4935950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:27.000Z",
|
|
"modified": "2015-12-22T14:05:27.000Z",
|
|
"description": "- Xchecked via VT: e25c466d58ef2fdab393b61416dcea69",
|
|
"pattern": "[file:hashes.SHA1 = '7e8de4201adab81f3e1ca1161f7b4f59a997e036']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a7-d170-4b5b-bc54-4519950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:27.000Z",
|
|
"modified": "2015-12-22T14:05:27.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e5317699945a2bc106e68f2fdc6e7a63cb479ad602e16e24b2e3258d89f235cf/analysis/1445019568/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a8-90e4-4f30-972f-4b47950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:28.000Z",
|
|
"modified": "2015-12-22T14:05:28.000Z",
|
|
"description": "- Xchecked via VT: 3960b0027e8669ec7239ffc261c1a51d",
|
|
"pattern": "[file:hashes.SHA256 = '279edac5a43dce48946acdf24c721cdd0da370c54df9fbbd6d68e251a1cca32f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a8-9a28-466a-b0a2-46af950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:28.000Z",
|
|
"modified": "2015-12-22T14:05:28.000Z",
|
|
"description": "- Xchecked via VT: 3960b0027e8669ec7239ffc261c1a51d",
|
|
"pattern": "[file:hashes.SHA1 = '14069dd785a8f47812c5e2cb943d918c52424733']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a8-2bec-4fcf-a5bc-470b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:28.000Z",
|
|
"modified": "2015-12-22T14:05:28.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/279edac5a43dce48946acdf24c721cdd0da370c54df9fbbd6d68e251a1cca32f/analysis/1444763142/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a9-3af4-4a8d-96f6-482f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:29.000Z",
|
|
"modified": "2015-12-22T14:05:29.000Z",
|
|
"description": "- Xchecked via VT: 77b9050f81bf177f9f442d0f0f2ba6a1",
|
|
"pattern": "[file:hashes.SHA256 = '79bc5f5a08a4789ca12c5ec7a7559cc9318ec924635a24db8e7755c8d9a4666c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a9-b904-4b7e-8f92-40a3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:29.000Z",
|
|
"modified": "2015-12-22T14:05:29.000Z",
|
|
"description": "- Xchecked via VT: 77b9050f81bf177f9f442d0f0f2ba6a1",
|
|
"pattern": "[file:hashes.SHA1 = '7823232c242dacc6ce6f62a071c2c5a550e6648d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a9-3398-477c-bb12-41c8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:29.000Z",
|
|
"modified": "2015-12-22T14:05:29.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/79bc5f5a08a4789ca12c5ec7a7559cc9318ec924635a24db8e7755c8d9a4666c/analysis/1446904340/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958a9-2734-46af-a1b3-4976950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:29.000Z",
|
|
"modified": "2015-12-22T14:05:29.000Z",
|
|
"description": "- Xchecked via VT: 150719079629d8d479fdd141a6862da3",
|
|
"pattern": "[file:hashes.SHA256 = 'ee0c5279207103e159cd0189dd5721f9020d047888bd3292968e36b59d179a8e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958aa-c0e4-4b7b-b4ae-48cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:30.000Z",
|
|
"modified": "2015-12-22T14:05:30.000Z",
|
|
"description": "- Xchecked via VT: 150719079629d8d479fdd141a6862da3",
|
|
"pattern": "[file:hashes.SHA1 = '9ac1c2a69c6f63c21d3f5f88e6085d61f156bb26']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958aa-0d58-4f76-ba5f-4720950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:30.000Z",
|
|
"modified": "2015-12-22T14:05:30.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ee0c5279207103e159cd0189dd5721f9020d047888bd3292968e36b59d179a8e/analysis/1447152439/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958aa-ea28-4cca-8932-4583950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:30.000Z",
|
|
"modified": "2015-12-22T14:05:30.000Z",
|
|
"description": "- Xchecked via VT: e0ff4de69f9e724a22f5628723d68f9e",
|
|
"pattern": "[file:hashes.SHA256 = '7bd0964c3f21be6a9c2f4304e461b3a10b7f324f2cc55d4ea0546ee5d24361f3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ab-0648-4470-bf84-4e13950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:31.000Z",
|
|
"modified": "2015-12-22T14:05:31.000Z",
|
|
"description": "- Xchecked via VT: e0ff4de69f9e724a22f5628723d68f9e",
|
|
"pattern": "[file:hashes.SHA1 = '89c314dc347c4008aba4a54477d5f60ddd8aa4b4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ab-ad0c-4360-b71e-478c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:31.000Z",
|
|
"modified": "2015-12-22T14:05:31.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7bd0964c3f21be6a9c2f4304e461b3a10b7f324f2cc55d4ea0546ee5d24361f3/analysis/1445949254/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ab-b4bc-4f7f-a20c-4aac950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:31.000Z",
|
|
"modified": "2015-12-22T14:05:31.000Z",
|
|
"description": "- Xchecked via VT: 549ae1b2d7edb77af7f57c0b3a66b3c5",
|
|
"pattern": "[file:hashes.SHA256 = 'dd7ed57ad53bc227949d45780572e260f6349d1573b923cbe0abb50a10860067']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ab-34c0-4e65-9a13-4734950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:31.000Z",
|
|
"modified": "2015-12-22T14:05:31.000Z",
|
|
"description": "- Xchecked via VT: 549ae1b2d7edb77af7f57c0b3a66b3c5",
|
|
"pattern": "[file:hashes.SHA1 = '5ff5f323f410ab5398dfc8dccb02df89307f71bf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ac-5d68-42a0-9422-4d7e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:32.000Z",
|
|
"modified": "2015-12-22T14:05:32.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/dd7ed57ad53bc227949d45780572e260f6349d1573b923cbe0abb50a10860067/analysis/1445863393/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ac-5944-4fd6-ad9a-4960950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:32.000Z",
|
|
"modified": "2015-12-22T14:05:32.000Z",
|
|
"description": "- Xchecked via VT: bfa1faf15d13b36c716d51ad90abd3d8",
|
|
"pattern": "[file:hashes.SHA256 = '5a6e0142963fade122957e7d9727026a1e91ac96c37effac4271460c2949cbe6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ac-26d4-425c-b543-4f2b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:32.000Z",
|
|
"modified": "2015-12-22T14:05:32.000Z",
|
|
"description": "- Xchecked via VT: bfa1faf15d13b36c716d51ad90abd3d8",
|
|
"pattern": "[file:hashes.SHA1 = '73553fe421552102fdb86a7e244e737fdd1286c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ad-4664-4675-9c54-4552950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:33.000Z",
|
|
"modified": "2015-12-22T14:05:33.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5a6e0142963fade122957e7d9727026a1e91ac96c37effac4271460c2949cbe6/analysis/1444953514/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ad-b04c-4e6a-bf2d-4fde950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:33.000Z",
|
|
"modified": "2015-12-22T14:05:33.000Z",
|
|
"description": "- Xchecked via VT: 116bb79e4e56c72eccde133fbd81b00f",
|
|
"pattern": "[file:hashes.SHA256 = '9b1fc9af1e605f259e03fbe20d1bec125d2750a476cef4530ad7c9e80c18f44a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ad-7ae4-4059-a1ba-4e1e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:33.000Z",
|
|
"modified": "2015-12-22T14:05:33.000Z",
|
|
"description": "- Xchecked via VT: 116bb79e4e56c72eccde133fbd81b00f",
|
|
"pattern": "[file:hashes.SHA1 = '6b035076370b692563c599a73da53edb1bf7afd6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ad-090c-4fa8-b7ba-4a60950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:33.000Z",
|
|
"modified": "2015-12-22T14:05:33.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9b1fc9af1e605f259e03fbe20d1bec125d2750a476cef4530ad7c9e80c18f44a/analysis/1446293704/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ae-01c0-4690-aa73-42c1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:34.000Z",
|
|
"modified": "2015-12-22T14:05:34.000Z",
|
|
"description": "- Xchecked via VT: 79470667af56594beaf46f3cf6149abc",
|
|
"pattern": "[file:hashes.SHA256 = '14fc6662b8e3a85a681f4f06711e0436e1b7abfd3a1c9a712c9410ea67d8d10c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ae-1a1c-409e-9f09-4b72950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:34.000Z",
|
|
"modified": "2015-12-22T14:05:34.000Z",
|
|
"description": "- Xchecked via VT: 79470667af56594beaf46f3cf6149abc",
|
|
"pattern": "[file:hashes.SHA1 = '8fb1c999fe9a1d5fb208b4f79c7b2d92d94293c5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ae-a6cc-4bb8-a13b-47a6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:34.000Z",
|
|
"modified": "2015-12-22T14:05:34.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/14fc6662b8e3a85a681f4f06711e0436e1b7abfd3a1c9a712c9410ea67d8d10c/analysis/1447078068/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958af-e078-4044-ab3a-427c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:35.000Z",
|
|
"modified": "2015-12-22T14:05:35.000Z",
|
|
"description": "- Xchecked via VT: 5945e2a97c18c9153141b40e48521927",
|
|
"pattern": "[file:hashes.SHA256 = '6f560cf61204d4b49d5966c494394d507671c06a145ae1c2647c3ac3bfccf8cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958af-9d08-4e3a-8373-413e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:35.000Z",
|
|
"modified": "2015-12-22T14:05:35.000Z",
|
|
"description": "- Xchecked via VT: 5945e2a97c18c9153141b40e48521927",
|
|
"pattern": "[file:hashes.SHA1 = '93453cf6a1068e777b7392aa0f33f0401910ced8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958af-e6c0-4f6d-b059-4928950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:35.000Z",
|
|
"modified": "2015-12-22T14:05:35.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/6f560cf61204d4b49d5966c494394d507671c06a145ae1c2647c3ac3bfccf8cc/analysis/1444824942/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b0-e5c4-4e73-b058-48a7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:36.000Z",
|
|
"modified": "2015-12-22T14:05:36.000Z",
|
|
"description": "- Xchecked via VT: cfa88693d0d7c17f872dd36f21c01127",
|
|
"pattern": "[file:hashes.SHA256 = 'a6a758f0cef8b6dbb632fe40b2f52421c6bd01043acfe7b2f59a4c3c961ec9fd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b0-c6a8-46d8-ba70-4b72950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:36.000Z",
|
|
"modified": "2015-12-22T14:05:36.000Z",
|
|
"description": "- Xchecked via VT: cfa88693d0d7c17f872dd36f21c01127",
|
|
"pattern": "[file:hashes.SHA1 = 'c560fde75024e66ac5007c5b16083786f7d1dd60']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b0-33c8-4624-88bb-4cbc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:36.000Z",
|
|
"modified": "2015-12-22T14:05:36.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a6a758f0cef8b6dbb632fe40b2f52421c6bd01043acfe7b2f59a4c3c961ec9fd/analysis/1446554978/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b0-ef70-4661-858e-4f2c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:36.000Z",
|
|
"modified": "2015-12-22T14:05:36.000Z",
|
|
"description": "- Xchecked via VT: 829ec2e0dd7eaf21e8e078c95f598835",
|
|
"pattern": "[file:hashes.SHA256 = '532459f3802837a2617c522fb23fdc1773d725ea1ae89ca90fb53be61b0c0c75']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b1-da70-4ceb-8af8-4b8b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:37.000Z",
|
|
"modified": "2015-12-22T14:05:37.000Z",
|
|
"description": "- Xchecked via VT: 829ec2e0dd7eaf21e8e078c95f598835",
|
|
"pattern": "[file:hashes.SHA1 = '557b4760c20f06b06f4431989e4eeeb0a7cb3e49']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b1-2e78-4322-85bf-42ed950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:37.000Z",
|
|
"modified": "2015-12-22T14:05:37.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/532459f3802837a2617c522fb23fdc1773d725ea1ae89ca90fb53be61b0c0c75/analysis/1446007061/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b1-8628-43ff-8d81-426b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:37.000Z",
|
|
"modified": "2015-12-22T14:05:37.000Z",
|
|
"description": "- Xchecked via VT: d869ff8e37a0653b1698f06c33c5eb77",
|
|
"pattern": "[file:hashes.SHA256 = '8b9b92714b2bd86d41b0f7a6b798020b0212acc6c2b8c0e1d42522bff74caf14']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b1-78b4-4772-9087-4ae7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:37.000Z",
|
|
"modified": "2015-12-22T14:05:37.000Z",
|
|
"description": "- Xchecked via VT: d869ff8e37a0653b1698f06c33c5eb77",
|
|
"pattern": "[file:hashes.SHA1 = '57b258ea22a6ccc92575ba30a972525c796d0733']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b2-f348-44e3-b276-421e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:38.000Z",
|
|
"modified": "2015-12-22T14:05:38.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/8b9b92714b2bd86d41b0f7a6b798020b0212acc6c2b8c0e1d42522bff74caf14/analysis/1444972032/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b2-6c10-4edf-86fb-4b90950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:38.000Z",
|
|
"modified": "2015-12-22T14:05:38.000Z",
|
|
"description": "- Xchecked via VT: 335c7bec29c93fe18a2606634f4e0e8b",
|
|
"pattern": "[file:hashes.SHA256 = '00c869910d30eae996cee48ed3a0929fba6d8026934fb2824aee3c78dedf73f9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b2-5544-43b8-a288-4dd1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:38.000Z",
|
|
"modified": "2015-12-22T14:05:38.000Z",
|
|
"description": "- Xchecked via VT: 335c7bec29c93fe18a2606634f4e0e8b",
|
|
"pattern": "[file:hashes.SHA1 = '16bc690e040242cb37511b3738c45dbb8c3a98bb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b2-5ac4-4680-9955-449c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:38.000Z",
|
|
"modified": "2015-12-22T14:05:38.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/00c869910d30eae996cee48ed3a0929fba6d8026934fb2824aee3c78dedf73f9/analysis/1447594449/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b3-8774-407f-bfdf-4645950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:39.000Z",
|
|
"modified": "2015-12-22T14:05:39.000Z",
|
|
"description": "- Xchecked via VT: 3e4c0b98671be918652f8006c351a705",
|
|
"pattern": "[file:hashes.SHA256 = 'a8a4d02e09b854fcf54738e828d0ff97234d8cf333948b89ac1c901faf9cf9a9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b3-ce30-4013-ba5d-405c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:39.000Z",
|
|
"modified": "2015-12-22T14:05:39.000Z",
|
|
"description": "- Xchecked via VT: 3e4c0b98671be918652f8006c351a705",
|
|
"pattern": "[file:hashes.SHA1 = '6a0255d733227f23ecdefc39e7e6576098c82ebe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b3-1b44-4e66-8533-4556950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:39.000Z",
|
|
"modified": "2015-12-22T14:05:39.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a8a4d02e09b854fcf54738e828d0ff97234d8cf333948b89ac1c901faf9cf9a9/analysis/1446811035/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b4-09bc-43d0-af6a-4604950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:40.000Z",
|
|
"modified": "2015-12-22T14:05:40.000Z",
|
|
"description": "- Xchecked via VT: 066affaebb03d3bfc432831cb41174c4",
|
|
"pattern": "[file:hashes.SHA256 = 'a3817dfb04f0c40d269d8449da0d7abf7524f476053eabeb593fb9545ce300ab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b4-5f0c-483b-adcc-4205950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:40.000Z",
|
|
"modified": "2015-12-22T14:05:40.000Z",
|
|
"description": "- Xchecked via VT: 066affaebb03d3bfc432831cb41174c4",
|
|
"pattern": "[file:hashes.SHA1 = 'eef9f4c34dd7efa49d6df07a06121ea5ea24188d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b4-8b30-4f06-af3b-4088950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:40.000Z",
|
|
"modified": "2015-12-22T14:05:40.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a3817dfb04f0c40d269d8449da0d7abf7524f476053eabeb593fb9545ce300ab/analysis/1447077736/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b5-5b30-491c-bd5a-432d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:41.000Z",
|
|
"modified": "2015-12-22T14:05:41.000Z",
|
|
"description": "- Xchecked via VT: 59da7a189e7dfb2d507b866e3324129d",
|
|
"pattern": "[file:hashes.SHA256 = '83da4803a31a9a6a4a0e8d46fbe6d8b6c14178528ec7b9080d1a09552754b972']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b5-bae4-49cd-aed6-49a1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:41.000Z",
|
|
"modified": "2015-12-22T14:05:41.000Z",
|
|
"description": "- Xchecked via VT: 59da7a189e7dfb2d507b866e3324129d",
|
|
"pattern": "[file:hashes.SHA1 = '1d2a12c27fca13e0e6481fc30ef800d3c205ac2d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b5-5090-4a4c-8156-4f09950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:41.000Z",
|
|
"modified": "2015-12-22T14:05:41.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/83da4803a31a9a6a4a0e8d46fbe6d8b6c14178528ec7b9080d1a09552754b972/analysis/1446114676/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b5-143c-4a09-ab62-471a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:41.000Z",
|
|
"modified": "2015-12-22T14:05:41.000Z",
|
|
"description": "- Xchecked via VT: 1367924eb6c13ae349a14e7783ca7b14",
|
|
"pattern": "[file:hashes.SHA256 = '78702e9353a84002b3505979a3979e05faea014b8cedf9b2c7b0bfda475f4774']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b6-ce10-4bf4-97e4-4549950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:42.000Z",
|
|
"modified": "2015-12-22T14:05:42.000Z",
|
|
"description": "- Xchecked via VT: 1367924eb6c13ae349a14e7783ca7b14",
|
|
"pattern": "[file:hashes.SHA1 = '8d2bc2377f6e469b4b888fcf7a8122755662c76d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b6-5e04-4a95-8970-4245950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:42.000Z",
|
|
"modified": "2015-12-22T14:05:42.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/78702e9353a84002b3505979a3979e05faea014b8cedf9b2c7b0bfda475f4774/analysis/1445898166/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b6-4aec-4546-a18d-4b71950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:42.000Z",
|
|
"modified": "2015-12-22T14:05:42.000Z",
|
|
"description": "- Xchecked via VT: 887af1e37c8e437fd95cb17880926045",
|
|
"pattern": "[file:hashes.SHA256 = '3bb7762c03f402250b2a9b1add80073ed2c4852b0b54681c3749d52431547b1d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b7-0d18-4ebf-bc50-42aa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:43.000Z",
|
|
"modified": "2015-12-22T14:05:43.000Z",
|
|
"description": "- Xchecked via VT: 887af1e37c8e437fd95cb17880926045",
|
|
"pattern": "[file:hashes.SHA1 = '7e3ee1dcbfd32bca17219841f8c44237b3859473']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b7-5d10-4130-8948-4463950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:43.000Z",
|
|
"modified": "2015-12-22T14:05:43.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3bb7762c03f402250b2a9b1add80073ed2c4852b0b54681c3749d52431547b1d/analysis/1447152624/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b7-d440-42dd-8b76-4c68950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:43.000Z",
|
|
"modified": "2015-12-22T14:05:43.000Z",
|
|
"description": "- Xchecked via VT: 87dd112052cf505463085613b4b59e3b",
|
|
"pattern": "[file:hashes.SHA256 = '12162ca776c3f5f2debc5d7482fceaf5d7c5d88f1f5513f40b53b156f644fdc5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b8-e9e0-4a60-b824-4953950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:44.000Z",
|
|
"modified": "2015-12-22T14:05:44.000Z",
|
|
"description": "- Xchecked via VT: 87dd112052cf505463085613b4b59e3b",
|
|
"pattern": "[file:hashes.SHA1 = '2ff6d44ef1d54521264a968675dbe471551e6948']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b8-22a8-482e-8ede-4cbe950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:44.000Z",
|
|
"modified": "2015-12-22T14:05:44.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/12162ca776c3f5f2debc5d7482fceaf5d7c5d88f1f5513f40b53b156f644fdc5/analysis/1446813618/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b8-0888-487a-aca2-4c1e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:44.000Z",
|
|
"modified": "2015-12-22T14:05:44.000Z",
|
|
"description": "- Xchecked via VT: 0314f4615e0814f776b2354e5c9064c5",
|
|
"pattern": "[file:hashes.SHA256 = '092ee379e1626e2078c05f5511bbd4ad960ff8c5031f702e8398994385a336f2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b8-5434-42d6-b7f7-4585950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:44.000Z",
|
|
"modified": "2015-12-22T14:05:44.000Z",
|
|
"description": "- Xchecked via VT: 0314f4615e0814f776b2354e5c9064c5",
|
|
"pattern": "[file:hashes.SHA1 = '564224f4f876d0d25b1a338ff02945881c3af8fc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b9-8854-499d-98c3-449b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:45.000Z",
|
|
"modified": "2015-12-22T14:05:45.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/092ee379e1626e2078c05f5511bbd4ad960ff8c5031f702e8398994385a336f2/analysis/1445331988/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b9-0d30-4872-b063-4263950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:45.000Z",
|
|
"modified": "2015-12-22T14:05:45.000Z",
|
|
"description": "- Xchecked via VT: 1ebf6415bb960b745305d1915841a521",
|
|
"pattern": "[file:hashes.SHA256 = '00c5b26645ab7a6b848a0c5b850482ae6d7412761af48b55fa0bef934c9f656b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958b9-a56c-4013-9703-484c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:45.000Z",
|
|
"modified": "2015-12-22T14:05:45.000Z",
|
|
"description": "- Xchecked via VT: 1ebf6415bb960b745305d1915841a521",
|
|
"pattern": "[file:hashes.SHA1 = 'd488369e65924daa9cbc1f9d72874a20620ade29']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ba-286c-47cc-86b7-4c0b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:46.000Z",
|
|
"modified": "2015-12-22T14:05:46.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/00c5b26645ab7a6b848a0c5b850482ae6d7412761af48b55fa0bef934c9f656b/analysis/1445316510/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ba-4d0c-44fd-b860-428a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:46.000Z",
|
|
"modified": "2015-12-22T14:05:46.000Z",
|
|
"description": "- Xchecked via VT: 80c6d528958e847c33fce926a27f1f38",
|
|
"pattern": "[file:hashes.SHA256 = '3dce9dc2e154ab4efc1bfdb050501dc6fd909517e4faba716e1a6bae38b1f7d0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ba-0e28-4499-9c7f-4419950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:46.000Z",
|
|
"modified": "2015-12-22T14:05:46.000Z",
|
|
"description": "- Xchecked via VT: 80c6d528958e847c33fce926a27f1f38",
|
|
"pattern": "[file:hashes.SHA1 = '8edef6e38eabdea7dd7fcefe570bafc18daa3262']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ba-ee44-4220-9d82-4f16950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:46.000Z",
|
|
"modified": "2015-12-22T14:05:46.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3dce9dc2e154ab4efc1bfdb050501dc6fd909517e4faba716e1a6bae38b1f7d0/analysis/1446113508/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958bb-4ed4-4885-824c-4df8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:47.000Z",
|
|
"modified": "2015-12-22T14:05:47.000Z",
|
|
"description": "- Xchecked via VT: 517d1b33c7e00da706dc6bb1b0b9ed34",
|
|
"pattern": "[file:hashes.SHA256 = 'c752824ade659c6e2458a55e61ae7fcec6c5b0e49818e70f50785462a32709e2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958bb-7220-4689-903a-410b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:47.000Z",
|
|
"modified": "2015-12-22T14:05:47.000Z",
|
|
"description": "- Xchecked via VT: 517d1b33c7e00da706dc6bb1b0b9ed34",
|
|
"pattern": "[file:hashes.SHA1 = '31a22bfdfaeff28266f384c3997fbe008b68561e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958bb-73c8-4d87-a7ee-4807950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:47.000Z",
|
|
"modified": "2015-12-22T14:05:47.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c752824ade659c6e2458a55e61ae7fcec6c5b0e49818e70f50785462a32709e2/analysis/1446815615/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958bc-0280-42e0-9963-44c4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:48.000Z",
|
|
"modified": "2015-12-22T14:05:48.000Z",
|
|
"description": "- Xchecked via VT: e482685a6c332c20ba9a52ff1a172d7d",
|
|
"pattern": "[file:hashes.SHA256 = 'eca59e9c0d3175abddea6be9e6ee288387791243dbd4e0037af748bc66f5bc57']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958bc-0d70-4a11-adaa-4834950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:48.000Z",
|
|
"modified": "2015-12-22T14:05:48.000Z",
|
|
"description": "- Xchecked via VT: e482685a6c332c20ba9a52ff1a172d7d",
|
|
"pattern": "[file:hashes.SHA1 = 'f32546bb33670a3be176f7efad6825b3617ce2fa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958bc-a160-4072-9503-4d43950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:48.000Z",
|
|
"modified": "2015-12-22T14:05:48.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/eca59e9c0d3175abddea6be9e6ee288387791243dbd4e0037af748bc66f5bc57/analysis/1447072340/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958bd-6b34-4a5f-90ec-4297950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:49.000Z",
|
|
"modified": "2015-12-22T14:05:49.000Z",
|
|
"description": "- Xchecked via VT: 7485fcc37a7dc0b54479432fa9ae6ebc",
|
|
"pattern": "[file:hashes.SHA256 = 'ee2be695c89d140d5867c592c0be178994221123697e7f870c00c6b0fb61e7eb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958bd-dd5c-4dd9-b738-41ca950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:49.000Z",
|
|
"modified": "2015-12-22T14:05:49.000Z",
|
|
"description": "- Xchecked via VT: 7485fcc37a7dc0b54479432fa9ae6ebc",
|
|
"pattern": "[file:hashes.SHA1 = '60fcfda5c2f644ec230ae911ead30e37ed14eed9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958bd-b988-4c35-aa2e-4fc0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:49.000Z",
|
|
"modified": "2015-12-22T14:05:49.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ee2be695c89d140d5867c592c0be178994221123697e7f870c00c6b0fb61e7eb/analysis/1450718143/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958be-85f0-4c26-bc88-4550950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:50.000Z",
|
|
"modified": "2015-12-22T14:05:50.000Z",
|
|
"description": "- Xchecked via VT: cf7959ed1b09d647ee85d13596cf6cd2",
|
|
"pattern": "[file:hashes.SHA256 = '24d7186fd3f0f755b416f85228de1ec94d040cb01821ded8f864c19983b44cf1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958be-7e44-4f22-a23f-4d3c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:50.000Z",
|
|
"modified": "2015-12-22T14:05:50.000Z",
|
|
"description": "- Xchecked via VT: cf7959ed1b09d647ee85d13596cf6cd2",
|
|
"pattern": "[file:hashes.SHA1 = 'e60ae869546905b9d863bcf9c64abdb292e4c25a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958be-b378-478d-a6f2-4e1a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:50.000Z",
|
|
"modified": "2015-12-22T14:05:50.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/24d7186fd3f0f755b416f85228de1ec94d040cb01821ded8f864c19983b44cf1/analysis/1447587023/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958be-16fc-4e53-bcaf-473e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:50.000Z",
|
|
"modified": "2015-12-22T14:05:50.000Z",
|
|
"description": "- Xchecked via VT: e5acd6ee0df1cad77e7fc60b40289f80",
|
|
"pattern": "[file:hashes.SHA256 = 'e30729c4b350a839845e947b9186fe1b7fa6b4192af5fda87b5cde15686f09eb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958bf-9638-4ac8-bd10-426c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:51.000Z",
|
|
"modified": "2015-12-22T14:05:51.000Z",
|
|
"description": "- Xchecked via VT: e5acd6ee0df1cad77e7fc60b40289f80",
|
|
"pattern": "[file:hashes.SHA1 = 'cca7eaaa7ea18d52f3652b08f6df1fb9bd17b4cb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958bf-9e90-4c88-95c1-4e00950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:51.000Z",
|
|
"modified": "2015-12-22T14:05:51.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e30729c4b350a839845e947b9186fe1b7fa6b4192af5fda87b5cde15686f09eb/analysis/1446804291/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958bf-091c-4173-8ae2-4b47950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:51.000Z",
|
|
"modified": "2015-12-22T14:05:51.000Z",
|
|
"description": "- Xchecked via VT: f6869b30f236703d30c6887f38b3a455",
|
|
"pattern": "[file:hashes.SHA256 = 'db5188ce9a10768761b80ea3839bf07c0b51f1452564514015037a63598db7f3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c0-fdac-4564-a120-4e52950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:52.000Z",
|
|
"modified": "2015-12-22T14:05:52.000Z",
|
|
"description": "- Xchecked via VT: f6869b30f236703d30c6887f38b3a455",
|
|
"pattern": "[file:hashes.SHA1 = 'dd038a59e71fce35a769719e0cc251a0b65a69a6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c0-3ac0-4354-b916-4514950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:52.000Z",
|
|
"modified": "2015-12-22T14:05:52.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/db5188ce9a10768761b80ea3839bf07c0b51f1452564514015037a63598db7f3/analysis/1447152625/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c0-0204-49e6-b430-4c15950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:52.000Z",
|
|
"modified": "2015-12-22T14:05:52.000Z",
|
|
"description": "- Xchecked via VT: bb6ab62a3a0cfed8580a6e89c806738b",
|
|
"pattern": "[file:hashes.SHA256 = '469e42ab7d55ef8f1fdf860366bd11434217b9967d4ba23bc37cbf4d8bc98dff']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c0-f43c-4b0e-a211-401b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:52.000Z",
|
|
"modified": "2015-12-22T14:05:52.000Z",
|
|
"description": "- Xchecked via VT: bb6ab62a3a0cfed8580a6e89c806738b",
|
|
"pattern": "[file:hashes.SHA1 = '05167d11f834d55218ecddda3ee755c65ed0f3cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c1-7f14-408e-b08f-4f33950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:53.000Z",
|
|
"modified": "2015-12-22T14:05:53.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/469e42ab7d55ef8f1fdf860366bd11434217b9967d4ba23bc37cbf4d8bc98dff/analysis/1444966350/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c1-dbfc-4be7-b1c7-43a8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:53.000Z",
|
|
"modified": "2015-12-22T14:05:53.000Z",
|
|
"description": "- Xchecked via VT: e8576996331f260d554707b86c61a8c2",
|
|
"pattern": "[file:hashes.SHA256 = 'fa2399065b8b6387fa65951cc89a549654d38eb5ec87078606e5faa68561e65d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c1-9f94-4f81-b669-4c92950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:53.000Z",
|
|
"modified": "2015-12-22T14:05:53.000Z",
|
|
"description": "- Xchecked via VT: e8576996331f260d554707b86c61a8c2",
|
|
"pattern": "[file:hashes.SHA1 = '7db747245d11fc2d43fc45fe511c2a2f16c5dae1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c2-3dd0-47fe-ae74-480a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:54.000Z",
|
|
"modified": "2015-12-22T14:05:54.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/fa2399065b8b6387fa65951cc89a549654d38eb5ec87078606e5faa68561e65d/analysis/1447152463/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c2-173c-44df-b150-4b5f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:54.000Z",
|
|
"modified": "2015-12-22T14:05:54.000Z",
|
|
"description": "- Xchecked via VT: 81340026941739a74eb8a49bb1159449",
|
|
"pattern": "[file:hashes.SHA256 = 'a90f02138443de1acf81e9251e82f794ad3575361c0b513b7a2711e7a95c648a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c2-70fc-4c53-9d19-4e06950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:54.000Z",
|
|
"modified": "2015-12-22T14:05:54.000Z",
|
|
"description": "- Xchecked via VT: 81340026941739a74eb8a49bb1159449",
|
|
"pattern": "[file:hashes.SHA1 = 'cc3e3b6441b4013c190bfc95dae49bd8a1352641']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c3-643c-4252-9f7a-4fbb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:55.000Z",
|
|
"modified": "2015-12-22T14:05:55.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a90f02138443de1acf81e9251e82f794ad3575361c0b513b7a2711e7a95c648a/analysis/1446812366/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c3-1208-436e-8df2-44f8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:55.000Z",
|
|
"modified": "2015-12-22T14:05:55.000Z",
|
|
"description": "- Xchecked via VT: d8183b4bb1129ed8b79528e7e3d6a715",
|
|
"pattern": "[file:hashes.SHA256 = '7678e5c337799de146d515d8ffbd10e9072b8b5b726f19716afd382a2d3e7550']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c3-5ebc-47a1-b79f-41e3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:55.000Z",
|
|
"modified": "2015-12-22T14:05:55.000Z",
|
|
"description": "- Xchecked via VT: d8183b4bb1129ed8b79528e7e3d6a715",
|
|
"pattern": "[file:hashes.SHA1 = 'ec5f8b39460fdd61b1ab59081dd62fb19209c45d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c4-7598-4d9e-a351-4ef8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:56.000Z",
|
|
"modified": "2015-12-22T14:05:56.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7678e5c337799de146d515d8ffbd10e9072b8b5b726f19716afd382a2d3e7550/analysis/1444919095/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c4-8344-4b9a-9d2d-4d15950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:56.000Z",
|
|
"modified": "2015-12-22T14:05:56.000Z",
|
|
"description": "- Xchecked via VT: 2a1509b141e574b710c60c635133576f",
|
|
"pattern": "[file:hashes.SHA256 = 'b2c1f99081b8514923c2a42aacd2363c29f20f93b0d4e709029a39ed5a0eb9c0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c4-ba3c-4887-bbd2-4351950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:56.000Z",
|
|
"modified": "2015-12-22T14:05:56.000Z",
|
|
"description": "- Xchecked via VT: 2a1509b141e574b710c60c635133576f",
|
|
"pattern": "[file:hashes.SHA1 = 'd16e20d539584e24a2398d7767c37530c66caf7f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c4-78e4-4df0-8005-46cc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:56.000Z",
|
|
"modified": "2015-12-22T14:05:56.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b2c1f99081b8514923c2a42aacd2363c29f20f93b0d4e709029a39ed5a0eb9c0/analysis/1445358219/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c5-2d44-494d-b232-4334950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:57.000Z",
|
|
"modified": "2015-12-22T14:05:57.000Z",
|
|
"description": "- Xchecked via VT: b2f891b14d0ce105fb6d7cc1fc2549ed",
|
|
"pattern": "[file:hashes.SHA256 = 'ac0f9e15f4410c9b5162e209bb05940c643146d62ef7a0bbe66a4ea1dd6f5579']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c5-193c-42b9-9264-4dca950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:57.000Z",
|
|
"modified": "2015-12-22T14:05:57.000Z",
|
|
"description": "- Xchecked via VT: b2f891b14d0ce105fb6d7cc1fc2549ed",
|
|
"pattern": "[file:hashes.SHA1 = '7d15f5abbaaf4c162e310b2c8f4dd6234e448b2e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c5-c818-4f14-8810-4e8f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:57.000Z",
|
|
"modified": "2015-12-22T14:05:57.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ac0f9e15f4410c9b5162e209bb05940c643146d62ef7a0bbe66a4ea1dd6f5579/analysis/1450706531/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c5-eb74-49fb-a7b5-4ae9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:57.000Z",
|
|
"modified": "2015-12-22T14:05:57.000Z",
|
|
"description": "- Xchecked via VT: 37740728d4efa25ac9dff7f3df13fe8c",
|
|
"pattern": "[file:hashes.SHA256 = 'a4709c49244bd473689fa0538ff6adb7ccfe5d224e74db36af82732b7b2b86cf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c6-88bc-49f2-8e12-40b4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:58.000Z",
|
|
"modified": "2015-12-22T14:05:58.000Z",
|
|
"description": "- Xchecked via VT: 37740728d4efa25ac9dff7f3df13fe8c",
|
|
"pattern": "[file:hashes.SHA1 = '4cd660e359b1371144419a95db9c44bb0b7b1c24']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c6-19e8-45a5-9a57-4b57950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:58.000Z",
|
|
"modified": "2015-12-22T14:05:58.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a4709c49244bd473689fa0538ff6adb7ccfe5d224e74db36af82732b7b2b86cf/analysis/1446813631/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c6-ae1c-4cf3-972a-4741950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:58.000Z",
|
|
"modified": "2015-12-22T14:05:58.000Z",
|
|
"description": "- Xchecked via VT: 2a98997a022b069ad576cfdbbf9b8465",
|
|
"pattern": "[file:hashes.SHA256 = '4d30f31ca1957af8dcbb6e6c7a01fcf58e83498aab088a313493a5181d7a7b5e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c7-841c-400e-a478-4e31950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:59.000Z",
|
|
"modified": "2015-12-22T14:05:59.000Z",
|
|
"description": "- Xchecked via VT: 2a98997a022b069ad576cfdbbf9b8465",
|
|
"pattern": "[file:hashes.SHA1 = '2a0c51fa4e7368497bc16e7dced8f3c74870caa9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c7-4948-491a-8458-4068950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:59.000Z",
|
|
"modified": "2015-12-22T14:05:59.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/4d30f31ca1957af8dcbb6e6c7a01fcf58e83498aab088a313493a5181d7a7b5e/analysis/1445341926/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c7-d430-40ca-978d-48df950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:05:59.000Z",
|
|
"modified": "2015-12-22T14:05:59.000Z",
|
|
"description": "- Xchecked via VT: 5c2feddcdb4a1cdaa90b46aaffedeb1d",
|
|
"pattern": "[file:hashes.SHA256 = '48d4f4b6544cd1bb68f7a3013528809e24c48cb88b07c6e17c03d2a61f6528ba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:05:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c8-b498-4eab-bc0e-4e92950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:00.000Z",
|
|
"modified": "2015-12-22T14:06:00.000Z",
|
|
"description": "- Xchecked via VT: 5c2feddcdb4a1cdaa90b46aaffedeb1d",
|
|
"pattern": "[file:hashes.SHA1 = '23c1323d4f48957d7687cc73c79da734f36be03f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c8-4714-4e31-9484-4c37950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:00.000Z",
|
|
"modified": "2015-12-22T14:06:00.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/48d4f4b6544cd1bb68f7a3013528809e24c48cb88b07c6e17c03d2a61f6528ba/analysis/1444974314/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c8-ce00-44d5-a46e-4635950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:00.000Z",
|
|
"modified": "2015-12-22T14:06:00.000Z",
|
|
"description": "- Xchecked via VT: a996aa61c94026932c6bcc13a2c2bb1a",
|
|
"pattern": "[file:hashes.SHA256 = 'd7b0f394e0671703a38cca3bd3dddac8ab14b4183521f2baaf4cd574fb426f82']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c8-8130-4e2c-85b4-454b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:00.000Z",
|
|
"modified": "2015-12-22T14:06:00.000Z",
|
|
"description": "- Xchecked via VT: a996aa61c94026932c6bcc13a2c2bb1a",
|
|
"pattern": "[file:hashes.SHA1 = '4bee37b1911e597576d1f326eab8bd6f644d17ad']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c9-68f8-4417-881d-4613950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:01.000Z",
|
|
"modified": "2015-12-22T14:06:01.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d7b0f394e0671703a38cca3bd3dddac8ab14b4183521f2baaf4cd574fb426f82/analysis/1444931740/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c9-b164-42fb-8226-428f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:01.000Z",
|
|
"modified": "2015-12-22T14:06:01.000Z",
|
|
"description": "- Xchecked via VT: a9fb5a02c9fad9baf4afcec177ed5b93",
|
|
"pattern": "[file:hashes.SHA256 = '476f4a0f286dba07fc73b1b05562759c9c0c9d4cc315d03a4f630eca32b47e7b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958c9-f608-429a-ab19-40fa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:01.000Z",
|
|
"modified": "2015-12-22T14:06:01.000Z",
|
|
"description": "- Xchecked via VT: a9fb5a02c9fad9baf4afcec177ed5b93",
|
|
"pattern": "[file:hashes.SHA1 = '0d5be72cd4647c7235e069963117c28484eedcf8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ca-705c-4245-b382-4968950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:02.000Z",
|
|
"modified": "2015-12-22T14:06:02.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/476f4a0f286dba07fc73b1b05562759c9c0c9d4cc315d03a4f630eca32b47e7b/analysis/1446812277/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ca-14e4-4bf2-ba2a-43ee950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:02.000Z",
|
|
"modified": "2015-12-22T14:06:02.000Z",
|
|
"description": "- Xchecked via VT: 9e262c2e180ac4bb12ce3ecc0c0e37e3",
|
|
"pattern": "[file:hashes.SHA256 = 'fd3c0a559035110b62a0d42e9e05f6dcfd8deea7db5b6dabed92877afdd437fb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ca-5094-44e5-b8b2-4cbd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:02.000Z",
|
|
"modified": "2015-12-22T14:06:02.000Z",
|
|
"description": "- Xchecked via VT: 9e262c2e180ac4bb12ce3ecc0c0e37e3",
|
|
"pattern": "[file:hashes.SHA1 = '4ccda96f88d1d2e1db13000e1af5e1b07bb6af72']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958cb-ec94-48b9-89f0-4f53950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:03.000Z",
|
|
"modified": "2015-12-22T14:06:03.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/fd3c0a559035110b62a0d42e9e05f6dcfd8deea7db5b6dabed92877afdd437fb/analysis/1445127342/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958cb-1760-4412-873c-40dd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:03.000Z",
|
|
"modified": "2015-12-22T14:06:03.000Z",
|
|
"description": "- Xchecked via VT: d0faade2ae78c6057d1ffe3c1900c242",
|
|
"pattern": "[file:hashes.SHA256 = 'f3ddc90349d65681bcc48aaa7d6493f88f98a2a2ab6271cd8646196089d8a1bc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958cb-2aa8-4dfc-8fd7-4af7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:03.000Z",
|
|
"modified": "2015-12-22T14:06:03.000Z",
|
|
"description": "- Xchecked via VT: d0faade2ae78c6057d1ffe3c1900c242",
|
|
"pattern": "[file:hashes.SHA1 = 'aab60dab24201b5e03a17f8da9d000b2cb7a105f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958cb-a3a4-4f38-91c0-4ab0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:03.000Z",
|
|
"modified": "2015-12-22T14:06:03.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f3ddc90349d65681bcc48aaa7d6493f88f98a2a2ab6271cd8646196089d8a1bc/analysis/1445385105/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958cc-3268-4e5f-84f3-456c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:04.000Z",
|
|
"modified": "2015-12-22T14:06:04.000Z",
|
|
"description": "- Xchecked via VT: 0682c69533d87d5295687f568db86c9f",
|
|
"pattern": "[file:hashes.SHA256 = '13f189a693a35c98ac7cfbb4c9533f8f1e77d5aabcd8f0f91eb14aebd0993496']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958cc-6bf8-49db-b09c-42ff950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:04.000Z",
|
|
"modified": "2015-12-22T14:06:04.000Z",
|
|
"description": "- Xchecked via VT: 0682c69533d87d5295687f568db86c9f",
|
|
"pattern": "[file:hashes.SHA1 = '4d7e092759d385069cecb0334643afa0d66af516']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958cc-3878-4764-8a37-4061950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:04.000Z",
|
|
"modified": "2015-12-22T14:06:04.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/13f189a693a35c98ac7cfbb4c9533f8f1e77d5aabcd8f0f91eb14aebd0993496/analysis/1447151913/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958cd-7e4c-43ad-9e15-4b30950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:05.000Z",
|
|
"modified": "2015-12-22T14:06:05.000Z",
|
|
"description": "- Xchecked via VT: 13dbe7eba6c443594711bf3a13dae401",
|
|
"pattern": "[file:hashes.SHA256 = '834f0aa42502e7e63c368b00bf4001a7078455e67999d2629a36999917094f2b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958cd-6da4-411b-8c59-47e1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:05.000Z",
|
|
"modified": "2015-12-22T14:06:05.000Z",
|
|
"description": "- Xchecked via VT: 13dbe7eba6c443594711bf3a13dae401",
|
|
"pattern": "[file:hashes.SHA1 = '536685fedc0170537bc4e08a416b0a1f3abfdfdd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958cd-5aac-4845-8ff6-4402950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:05.000Z",
|
|
"modified": "2015-12-22T14:06:05.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/834f0aa42502e7e63c368b00bf4001a7078455e67999d2629a36999917094f2b/analysis/1446814433/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ce-0508-49ff-8ce3-4c3f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:06.000Z",
|
|
"modified": "2015-12-22T14:06:06.000Z",
|
|
"description": "- Xchecked via VT: b75af3a2eeeaf2a72160a1ec8da7ba45",
|
|
"pattern": "[file:hashes.SHA256 = 'c6eaf4cf20562281d06520bb701d38aaf84e070ff8f459f7fdea9488b72c3e9d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ce-0dc4-46be-9572-4e85950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:06.000Z",
|
|
"modified": "2015-12-22T14:06:06.000Z",
|
|
"description": "- Xchecked via VT: b75af3a2eeeaf2a72160a1ec8da7ba45",
|
|
"pattern": "[file:hashes.SHA1 = '54fee27d6fb227117bb74c4ec373deccc7fad231']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ce-e894-4cef-ac53-43c0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:06.000Z",
|
|
"modified": "2015-12-22T14:06:06.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c6eaf4cf20562281d06520bb701d38aaf84e070ff8f459f7fdea9488b72c3e9d/analysis/1450761568/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ce-b068-4b5a-98d0-4161950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:06.000Z",
|
|
"modified": "2015-12-22T14:06:06.000Z",
|
|
"description": "- Xchecked via VT: b22102d7917a83bc1a4ed7be403e28b0",
|
|
"pattern": "[file:hashes.SHA256 = '17627db665cf9cae528566a1ecd8f064cef56ea0e4f2495994a29cbf54a525c3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958cf-c284-4c56-8db3-47aa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:07.000Z",
|
|
"modified": "2015-12-22T14:06:07.000Z",
|
|
"description": "- Xchecked via VT: b22102d7917a83bc1a4ed7be403e28b0",
|
|
"pattern": "[file:hashes.SHA1 = 'e29f78e34d3d560566881a9853afa66b4f3701c3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958cf-8a84-42da-b191-4833950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:07.000Z",
|
|
"modified": "2015-12-22T14:06:07.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/17627db665cf9cae528566a1ecd8f064cef56ea0e4f2495994a29cbf54a525c3/analysis/1443784488/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958cf-d828-4fdb-bd70-478a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:07.000Z",
|
|
"modified": "2015-12-22T14:06:07.000Z",
|
|
"description": "- Xchecked via VT: 5a76e8bab2debe52761d72f576f25022",
|
|
"pattern": "[file:hashes.SHA256 = '96c852edf23217437948106672bb77f7f2373001c9fdae54d2ace3514149f256']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d0-9454-44b9-a7d2-48e8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:08.000Z",
|
|
"modified": "2015-12-22T14:06:08.000Z",
|
|
"description": "- Xchecked via VT: 5a76e8bab2debe52761d72f576f25022",
|
|
"pattern": "[file:hashes.SHA1 = 'c7723b2ab7480557204176d659f91294a002d2f4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d0-0944-4362-941e-42d0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:08.000Z",
|
|
"modified": "2015-12-22T14:06:08.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/96c852edf23217437948106672bb77f7f2373001c9fdae54d2ace3514149f256/analysis/1445863389/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d0-6c00-485b-9a80-43af950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:08.000Z",
|
|
"modified": "2015-12-22T14:06:08.000Z",
|
|
"description": "- Xchecked via VT: fd8d9711547faa26e60de9d6e4290d9c",
|
|
"pattern": "[file:hashes.SHA256 = 'd89a87d175a409c1092c76b39643ead0f83cb63ff6a8a752e0f2697fa41abb74']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d1-f4dc-451c-9f85-4340950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:09.000Z",
|
|
"modified": "2015-12-22T14:06:09.000Z",
|
|
"description": "- Xchecked via VT: fd8d9711547faa26e60de9d6e4290d9c",
|
|
"pattern": "[file:hashes.SHA1 = 'cda486e35381d79279ca231be63bf73bc018e8f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d1-2b14-448a-89f4-4ad4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:09.000Z",
|
|
"modified": "2015-12-22T14:06:09.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d89a87d175a409c1092c76b39643ead0f83cb63ff6a8a752e0f2697fa41abb74/analysis/1444804939/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d1-957c-4993-a8cd-4af2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:09.000Z",
|
|
"modified": "2015-12-22T14:06:09.000Z",
|
|
"description": "- Xchecked via VT: 13595dd817727883c0d516db3f4e4c08",
|
|
"pattern": "[file:hashes.SHA256 = 'eb5281e1fa4cf6ec9dc38e09ecbdbdff0742dd37f2544a261c526c5898b7ee71']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d1-46ec-495a-a3f1-47cd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:09.000Z",
|
|
"modified": "2015-12-22T14:06:09.000Z",
|
|
"description": "- Xchecked via VT: 13595dd817727883c0d516db3f4e4c08",
|
|
"pattern": "[file:hashes.SHA1 = 'a05647d3c155c7bceb341ca4ba7c5f09cacf0aed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d2-e834-4301-acdf-46f1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:10.000Z",
|
|
"modified": "2015-12-22T14:06:10.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/eb5281e1fa4cf6ec9dc38e09ecbdbdff0742dd37f2544a261c526c5898b7ee71/analysis/1446114278/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d2-6cf8-4cd5-b8de-4170950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:10.000Z",
|
|
"modified": "2015-12-22T14:06:10.000Z",
|
|
"description": "- Xchecked via VT: b64520a4d10e235ae70157647bbf024a",
|
|
"pattern": "[file:hashes.SHA256 = 'b8ea4022dc6d1c0890936293bdf8360eec1e4bb26f64bb4939cba9cb288a0aba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d2-5a54-42dc-8f20-456f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:10.000Z",
|
|
"modified": "2015-12-22T14:06:10.000Z",
|
|
"description": "- Xchecked via VT: b64520a4d10e235ae70157647bbf024a",
|
|
"pattern": "[file:hashes.SHA1 = '6199b5915daa17b90fb2c65bea4a42dbb410bbe4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d3-153c-4159-b40b-451a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:11.000Z",
|
|
"modified": "2015-12-22T14:06:11.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b8ea4022dc6d1c0890936293bdf8360eec1e4bb26f64bb4939cba9cb288a0aba/analysis/1447670961/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d3-0940-4b8b-afd0-4519950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:11.000Z",
|
|
"modified": "2015-12-22T14:06:11.000Z",
|
|
"description": "- Xchecked via VT: 9a9ab5d543ac44e4c08ec6d39e325001",
|
|
"pattern": "[file:hashes.SHA256 = '69f9e9bdb1f9e232c6baf018a61184fc0fe24d0ba207a70b2439f4245cab24ba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d3-c448-4dbc-a0b6-4012950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:11.000Z",
|
|
"modified": "2015-12-22T14:06:11.000Z",
|
|
"description": "- Xchecked via VT: 9a9ab5d543ac44e4c08ec6d39e325001",
|
|
"pattern": "[file:hashes.SHA1 = 'f89967a882d3e3a3643eac9cf13bb446614b8d6d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d3-5e0c-400f-961d-41f4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:11.000Z",
|
|
"modified": "2015-12-22T14:06:11.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/69f9e9bdb1f9e232c6baf018a61184fc0fe24d0ba207a70b2439f4245cab24ba/analysis/1444967986/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d4-1c94-4278-ae88-4558950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:12.000Z",
|
|
"modified": "2015-12-22T14:06:12.000Z",
|
|
"description": "- Xchecked via VT: 26384fd1a54f44c32e1d2399662084ee",
|
|
"pattern": "[file:hashes.SHA256 = '0e1f83201899fecf3f50e60e0c896fb6f4bcc3d0ebf7dd72654e8343f2d30ddb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d4-51b4-4f7e-a8ea-4be7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:12.000Z",
|
|
"modified": "2015-12-22T14:06:12.000Z",
|
|
"description": "- Xchecked via VT: 26384fd1a54f44c32e1d2399662084ee",
|
|
"pattern": "[file:hashes.SHA1 = '04fef628a0761bc7d4a1c7db1d513161dfc24659']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d4-637c-49dd-8af6-4866950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:12.000Z",
|
|
"modified": "2015-12-22T14:06:12.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/0e1f83201899fecf3f50e60e0c896fb6f4bcc3d0ebf7dd72654e8343f2d30ddb/analysis/1445949730/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d5-12e0-4886-bb04-4e92950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:13.000Z",
|
|
"modified": "2015-12-22T14:06:13.000Z",
|
|
"description": "- Xchecked via VT: 077faedb359e66187539dba3b45f109b",
|
|
"pattern": "[file:hashes.SHA256 = 'c93cc0be09d54f8e769841cd7d3a65946dda1ee55297eb3c457dfa3b40f095ce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d5-f960-4623-9cb3-4623950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:13.000Z",
|
|
"modified": "2015-12-22T14:06:13.000Z",
|
|
"description": "- Xchecked via VT: 077faedb359e66187539dba3b45f109b",
|
|
"pattern": "[file:hashes.SHA1 = 'e3a4636f4e975063275df08d35a04ca2a7a0f2ec']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d5-e3e4-4e33-a759-4f99950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:13.000Z",
|
|
"modified": "2015-12-22T14:06:13.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c93cc0be09d54f8e769841cd7d3a65946dda1ee55297eb3c457dfa3b40f095ce/analysis/1444883314/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d5-1d78-4faa-bc83-4b25950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:13.000Z",
|
|
"modified": "2015-12-22T14:06:13.000Z",
|
|
"description": "- Xchecked via VT: eb107686113a9fef8856b64935e67512",
|
|
"pattern": "[file:hashes.SHA256 = '50069d0f43f2e60b252dfaebceb0edaf52f4cb1106b8c06748072d1b408cf277']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d6-3024-4a52-b1b3-4297950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:14.000Z",
|
|
"modified": "2015-12-22T14:06:14.000Z",
|
|
"description": "- Xchecked via VT: eb107686113a9fef8856b64935e67512",
|
|
"pattern": "[file:hashes.SHA1 = '55eb5dd5453f27e3c3dcd3f51fbaec63d5f948ba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d6-cee0-473c-89e7-4734950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:14.000Z",
|
|
"modified": "2015-12-22T14:06:14.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/50069d0f43f2e60b252dfaebceb0edaf52f4cb1106b8c06748072d1b408cf277/analysis/1446814506/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d6-9a4c-4a6e-9d1b-4f7a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:14.000Z",
|
|
"modified": "2015-12-22T14:06:14.000Z",
|
|
"description": "- Xchecked via VT: 74cc60b17dff3dc22722e8bed28f9edf",
|
|
"pattern": "[file:hashes.SHA256 = '1da960759932ff0158f579573e2544aaa84331f5bee2152deb18010a01534668']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d7-73fc-4813-b4a2-48fc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:15.000Z",
|
|
"modified": "2015-12-22T14:06:15.000Z",
|
|
"description": "- Xchecked via VT: 74cc60b17dff3dc22722e8bed28f9edf",
|
|
"pattern": "[file:hashes.SHA1 = '15fd0c0d3df3695cfccd0da73c95b9d8da2d195e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d7-d798-4c53-a56c-4d3b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:15.000Z",
|
|
"modified": "2015-12-22T14:06:15.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/1da960759932ff0158f579573e2544aaa84331f5bee2152deb18010a01534668/analysis/1450631035/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d7-38a0-4c1a-a8c3-4fb3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:15.000Z",
|
|
"modified": "2015-12-22T14:06:15.000Z",
|
|
"description": "- Xchecked via VT: e35535cb826824c1487203fc5601e54f",
|
|
"pattern": "[file:hashes.SHA256 = '3c3083d9b43698b11fe0cefec60d33f4c9f057cf63e1afc52c0fe4375505eb11']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d8-8b28-4067-84b8-44d4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:16.000Z",
|
|
"modified": "2015-12-22T14:06:16.000Z",
|
|
"description": "- Xchecked via VT: e35535cb826824c1487203fc5601e54f",
|
|
"pattern": "[file:hashes.SHA1 = 'afbdbf7ce83f657b656a0844fcfbf78e7877b630']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d8-7ce4-4201-a778-48f3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:16.000Z",
|
|
"modified": "2015-12-22T14:06:16.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3c3083d9b43698b11fe0cefec60d33f4c9f057cf63e1afc52c0fe4375505eb11/analysis/1446814139/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d8-a0bc-44b3-9339-4a3a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:16.000Z",
|
|
"modified": "2015-12-22T14:06:16.000Z",
|
|
"description": "- Xchecked via VT: f81942dc0d255be71a6578b6b24978d1",
|
|
"pattern": "[file:hashes.SHA256 = '39a84e38eedefd1e193b860f8bf879abc59572d311cda8c7b5e0bd2eef3646e9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d8-7728-4796-89f7-4761950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:16.000Z",
|
|
"modified": "2015-12-22T14:06:16.000Z",
|
|
"description": "- Xchecked via VT: f81942dc0d255be71a6578b6b24978d1",
|
|
"pattern": "[file:hashes.SHA1 = '264474ffb214deef53acc0c69c18b84d14b7c404']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d9-b3ac-40a0-a0fe-47db950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:17.000Z",
|
|
"modified": "2015-12-22T14:06:17.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/39a84e38eedefd1e193b860f8bf879abc59572d311cda8c7b5e0bd2eef3646e9/analysis/1447729023/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d9-16e8-46b6-b6b2-444d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:17.000Z",
|
|
"modified": "2015-12-22T14:06:17.000Z",
|
|
"description": "- Xchecked via VT: 3b6ae9ba737630d71c32c21a8f84b461",
|
|
"pattern": "[file:hashes.SHA256 = '38d8366729df11afa4d6ee753550a89d6efc42f1d4bd7d86f75202174a6db521']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d9-6774-459f-8c8a-4f74950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:17.000Z",
|
|
"modified": "2015-12-22T14:06:17.000Z",
|
|
"description": "- Xchecked via VT: 3b6ae9ba737630d71c32c21a8f84b461",
|
|
"pattern": "[file:hashes.SHA1 = 'b1dae95beef7a878b01b34ee99c2e2cc8a5043c1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958d9-047c-4871-ac0a-461e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:17.000Z",
|
|
"modified": "2015-12-22T14:06:17.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/38d8366729df11afa4d6ee753550a89d6efc42f1d4bd7d86f75202174a6db521/analysis/1449132305/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958da-6e24-4590-be6c-4c54950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:18.000Z",
|
|
"modified": "2015-12-22T14:06:18.000Z",
|
|
"description": "- Xchecked via VT: 922735d508ca7cfbe77fd5c0ca4dc409",
|
|
"pattern": "[file:hashes.SHA256 = '555b4a07a7105bbe44e40d4df26cf3e519b9dd063eac011763c2f279a1fa3e95']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958da-760c-4602-97d0-4d93950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:18.000Z",
|
|
"modified": "2015-12-22T14:06:18.000Z",
|
|
"description": "- Xchecked via VT: 922735d508ca7cfbe77fd5c0ca4dc409",
|
|
"pattern": "[file:hashes.SHA1 = 'c6f4b6549efd411ea17561f18dfadb43e2f29256']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958da-7800-402c-8786-460a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:18.000Z",
|
|
"modified": "2015-12-22T14:06:18.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/555b4a07a7105bbe44e40d4df26cf3e519b9dd063eac011763c2f279a1fa3e95/analysis/1446810526/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958db-5ca0-448d-b63b-40cb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:19.000Z",
|
|
"modified": "2015-12-22T14:06:19.000Z",
|
|
"description": "- Xchecked via VT: 0f283a8bc9bbde16820b68d9d46bab14",
|
|
"pattern": "[file:hashes.SHA256 = '8277bb2f026d9056b4b6d367754a776319e68d8932691c979ea309d7a4f7130f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958db-bbf8-426e-a331-4009950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:19.000Z",
|
|
"modified": "2015-12-22T14:06:19.000Z",
|
|
"description": "- Xchecked via VT: 0f283a8bc9bbde16820b68d9d46bab14",
|
|
"pattern": "[file:hashes.SHA1 = '3c81f6b3493fbb729d3f82d87333c5024b7e282f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958db-63b0-4746-b14c-4f0c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:19.000Z",
|
|
"modified": "2015-12-22T14:06:19.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/8277bb2f026d9056b4b6d367754a776319e68d8932691c979ea309d7a4f7130f/analysis/1446812573/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958db-d094-4d09-a795-401a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:19.000Z",
|
|
"modified": "2015-12-22T14:06:19.000Z",
|
|
"description": "- Xchecked via VT: cbe03d0d209ed0017f8414230b1a87d9",
|
|
"pattern": "[file:hashes.SHA256 = '3cb582ce4b81f2bb738fe8eaa046638f75bb401921cd9a98f8a6c992b67ae94a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958dc-24d8-45ea-82dc-4c70950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:20.000Z",
|
|
"modified": "2015-12-22T14:06:20.000Z",
|
|
"description": "- Xchecked via VT: cbe03d0d209ed0017f8414230b1a87d9",
|
|
"pattern": "[file:hashes.SHA1 = 'df7f1c1b114bd3543e54bc96d1494d15b67851c3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958dc-5fd4-4dd1-a0ed-4701950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:20.000Z",
|
|
"modified": "2015-12-22T14:06:20.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3cb582ce4b81f2bb738fe8eaa046638f75bb401921cd9a98f8a6c992b67ae94a/analysis/1444740755/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958dc-20fc-4dc6-a2a7-4a10950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:20.000Z",
|
|
"modified": "2015-12-22T14:06:20.000Z",
|
|
"description": "- Xchecked via VT: c8ec24cbd2dd6cfbe81b6809f30b5e4a",
|
|
"pattern": "[file:hashes.SHA256 = '2107761e7e0125157b73bb83ab0e6926237b4a425e3194f0d817a241bbcda29c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958dd-cd88-4f9c-8caf-4e32950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:21.000Z",
|
|
"modified": "2015-12-22T14:06:21.000Z",
|
|
"description": "- Xchecked via VT: c8ec24cbd2dd6cfbe81b6809f30b5e4a",
|
|
"pattern": "[file:hashes.SHA1 = '769923f95f770655a60b4789c4c98c3fd75c610f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958dd-6068-4382-84be-4cb6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:21.000Z",
|
|
"modified": "2015-12-22T14:06:21.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/2107761e7e0125157b73bb83ab0e6926237b4a425e3194f0d817a241bbcda29c/analysis/1445949069/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958dd-9700-4c98-9008-4637950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:21.000Z",
|
|
"modified": "2015-12-22T14:06:21.000Z",
|
|
"description": "- Xchecked via VT: 4885da6fdf0d0665925b233af7fab33c",
|
|
"pattern": "[file:hashes.SHA256 = '3fb594cd6025b3140a1bd25d664f429347cf5fa17abd0823da5e9c6544dd6372']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958de-43f0-4ab6-b496-4fbe950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:22.000Z",
|
|
"modified": "2015-12-22T14:06:22.000Z",
|
|
"description": "- Xchecked via VT: 4885da6fdf0d0665925b233af7fab33c",
|
|
"pattern": "[file:hashes.SHA1 = '390a261ae824aeed790b6db01094b6946e1af953']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958de-9acc-4586-b37f-42a5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:22.000Z",
|
|
"modified": "2015-12-22T14:06:22.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3fb594cd6025b3140a1bd25d664f429347cf5fa17abd0823da5e9c6544dd6372/analysis/1445253812/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958de-d398-4c8f-bdd4-41be950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:22.000Z",
|
|
"modified": "2015-12-22T14:06:22.000Z",
|
|
"description": "- Xchecked via VT: 38c0328740ad6f20fec29a195fc8f5c1",
|
|
"pattern": "[file:hashes.SHA256 = '92c3b46fe15331985e9ba81fb0580bc0672a7d857ca3d8f465c04b2ca8ab19d8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958de-bed8-4bd8-b2b7-4455950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:22.000Z",
|
|
"modified": "2015-12-22T14:06:22.000Z",
|
|
"description": "- Xchecked via VT: 38c0328740ad6f20fec29a195fc8f5c1",
|
|
"pattern": "[file:hashes.SHA1 = '6041c1052ba23dd40f266bdb5f2d70c9cba46c69']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958df-4110-43b1-bd23-49bd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:23.000Z",
|
|
"modified": "2015-12-22T14:06:23.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/92c3b46fe15331985e9ba81fb0580bc0672a7d857ca3d8f465c04b2ca8ab19d8/analysis/1443679922/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958df-1680-480f-83a6-4740950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:23.000Z",
|
|
"modified": "2015-12-22T14:06:23.000Z",
|
|
"description": "- Xchecked via VT: afc43c0338de91126344c6c27518b01a",
|
|
"pattern": "[file:hashes.SHA256 = '90fe560948dd1b2699f452cc52ddbe1f16e88791128de36511d17d85e8264868']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958df-37f4-48bc-b39f-4683950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:23.000Z",
|
|
"modified": "2015-12-22T14:06:23.000Z",
|
|
"description": "- Xchecked via VT: afc43c0338de91126344c6c27518b01a",
|
|
"pattern": "[file:hashes.SHA1 = 'c237548a48f3f38b04c2b8441ccf57269aa2af1a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e0-02f8-4346-a0fe-4236950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:24.000Z",
|
|
"modified": "2015-12-22T14:06:24.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/90fe560948dd1b2699f452cc52ddbe1f16e88791128de36511d17d85e8264868/analysis/1450761096/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e0-a61c-48af-93fc-4db6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:24.000Z",
|
|
"modified": "2015-12-22T14:06:24.000Z",
|
|
"description": "- Xchecked via VT: 06a077550476f68d939234b6405a90eb",
|
|
"pattern": "[file:hashes.SHA256 = 'c119462d6cebc427287f5481545f6888ab86adb121758bac538e7db447c4d787']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e0-be64-41e2-92c1-4ec1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:24.000Z",
|
|
"modified": "2015-12-22T14:06:24.000Z",
|
|
"description": "- Xchecked via VT: 06a077550476f68d939234b6405a90eb",
|
|
"pattern": "[file:hashes.SHA1 = 'eb5d7e6dbf835ede8bc55ff54c38d2c377ddb724']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e0-0e90-4d09-b584-467c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:24.000Z",
|
|
"modified": "2015-12-22T14:06:24.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c119462d6cebc427287f5481545f6888ab86adb121758bac538e7db447c4d787/analysis/1450631011/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e1-b630-475b-8b0a-470a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:25.000Z",
|
|
"modified": "2015-12-22T14:06:25.000Z",
|
|
"description": "- Xchecked via VT: 8c3e1c43022d5ea35f32b8cdb8225073",
|
|
"pattern": "[file:hashes.SHA256 = 'c8e2e3ba273c9799943eae7bc8796a91433acb93df4ab5b5b67618ac1b8631c4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e1-3034-44ba-a9f1-4939950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:25.000Z",
|
|
"modified": "2015-12-22T14:06:25.000Z",
|
|
"description": "- Xchecked via VT: 8c3e1c43022d5ea35f32b8cdb8225073",
|
|
"pattern": "[file:hashes.SHA1 = 'e46f3d8202f4a65463c29f058c8b2e4bba3c2b47']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e1-1aa4-4736-ab76-457f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:25.000Z",
|
|
"modified": "2015-12-22T14:06:25.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c8e2e3ba273c9799943eae7bc8796a91433acb93df4ab5b5b67618ac1b8631c4/analysis/1443734721/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e2-a2bc-4045-8aa0-4c17950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:26.000Z",
|
|
"modified": "2015-12-22T14:06:26.000Z",
|
|
"description": "- Xchecked via VT: 58c1d5702dd14ed114b32088ed0305e2",
|
|
"pattern": "[file:hashes.SHA256 = '75baec701edde53414303a07242a8949801b70de37dba6b25b51e148f82baf19']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e2-adac-4179-9446-4120950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:26.000Z",
|
|
"modified": "2015-12-22T14:06:26.000Z",
|
|
"description": "- Xchecked via VT: 58c1d5702dd14ed114b32088ed0305e2",
|
|
"pattern": "[file:hashes.SHA1 = 'c4762964544180544c4bd944a8682be24b47e718']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e2-f164-48c7-b45d-4871950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:26.000Z",
|
|
"modified": "2015-12-22T14:06:26.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/75baec701edde53414303a07242a8949801b70de37dba6b25b51e148f82baf19/analysis/1446022623/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e3-c630-4750-9094-43ef950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:27.000Z",
|
|
"modified": "2015-12-22T14:06:27.000Z",
|
|
"description": "- Xchecked via VT: af464987877450d2a62dfcd746592948",
|
|
"pattern": "[file:hashes.SHA256 = 'ddb104fed9cbb63d5ee3c7c23a0c274683f771f91fb7e2e1b6d9973b57b29025']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e3-ae5c-46b0-bd58-4dd2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:27.000Z",
|
|
"modified": "2015-12-22T14:06:27.000Z",
|
|
"description": "- Xchecked via VT: af464987877450d2a62dfcd746592948",
|
|
"pattern": "[file:hashes.SHA1 = '474b82288dbd52ef43a6ab1399a5441f651a0c35']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e3-15a0-4c94-91e5-4d7c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:27.000Z",
|
|
"modified": "2015-12-22T14:06:27.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ddb104fed9cbb63d5ee3c7c23a0c274683f771f91fb7e2e1b6d9973b57b29025/analysis/1444932265/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e3-ecc4-45a2-9252-4c2f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:27.000Z",
|
|
"modified": "2015-12-22T14:06:27.000Z",
|
|
"description": "- Xchecked via VT: d80c61156bc6e535f90857024a66b207",
|
|
"pattern": "[file:hashes.SHA256 = '1d21027834689966b51864ef219a08c4deac31c49c3d81edd53f45aeef122300']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e4-992c-4f4f-8226-44e1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:28.000Z",
|
|
"modified": "2015-12-22T14:06:28.000Z",
|
|
"description": "- Xchecked via VT: d80c61156bc6e535f90857024a66b207",
|
|
"pattern": "[file:hashes.SHA1 = '86fa64acf4380d47849572858b727ad61bebe93d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e4-9210-4de8-8472-440e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:28.000Z",
|
|
"modified": "2015-12-22T14:06:28.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/1d21027834689966b51864ef219a08c4deac31c49c3d81edd53f45aeef122300/analysis/1447078050/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e4-3d20-4ef8-aa59-403c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:28.000Z",
|
|
"modified": "2015-12-22T14:06:28.000Z",
|
|
"description": "- Xchecked via VT: eeac1aea13810d22c7d8a0e61fb07f58",
|
|
"pattern": "[file:hashes.SHA256 = '8d34dbcb6bcaf4aeb8b40396459206313249170145c3016c9cf36117d295bd09']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e5-abe0-463d-86c1-40e5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:29.000Z",
|
|
"modified": "2015-12-22T14:06:29.000Z",
|
|
"description": "- Xchecked via VT: eeac1aea13810d22c7d8a0e61fb07f58",
|
|
"pattern": "[file:hashes.SHA1 = 'fdf951b8623421b7b207429972deecebb8bcb410']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e5-f114-4708-9248-4b29950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:29.000Z",
|
|
"modified": "2015-12-22T14:06:29.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/8d34dbcb6bcaf4aeb8b40396459206313249170145c3016c9cf36117d295bd09/analysis/1446810612/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e5-fdbc-4dc8-82d4-4549950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:29.000Z",
|
|
"modified": "2015-12-22T14:06:29.000Z",
|
|
"description": "- Xchecked via VT: a2a9d9fb7103fce514988c20c8550ad7",
|
|
"pattern": "[file:hashes.SHA256 = '9dbd9329d093a1b4f1161f48bb95937d94cee2a0279004cb36ec6201b537045a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e5-4e4c-4ee9-8857-430f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:29.000Z",
|
|
"modified": "2015-12-22T14:06:29.000Z",
|
|
"description": "- Xchecked via VT: a2a9d9fb7103fce514988c20c8550ad7",
|
|
"pattern": "[file:hashes.SHA1 = '993216b7298d67a6f598062adbcb53cfb36dc203']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e6-b6a0-431e-a014-468a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:30.000Z",
|
|
"modified": "2015-12-22T14:06:30.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9dbd9329d093a1b4f1161f48bb95937d94cee2a0279004cb36ec6201b537045a/analysis/1447072346/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e6-a544-4d00-9f1b-4928950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:30.000Z",
|
|
"modified": "2015-12-22T14:06:30.000Z",
|
|
"description": "- Xchecked via VT: 140eadc7a0c443bf8a070a6c35509acb",
|
|
"pattern": "[file:hashes.SHA256 = '9c0b52b33b389701be306c22cfe7d2346ca697f39d166c4c5fd7f013a0e551c9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e6-ced0-460a-859f-4052950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:30.000Z",
|
|
"modified": "2015-12-22T14:06:30.000Z",
|
|
"description": "- Xchecked via VT: 140eadc7a0c443bf8a070a6c35509acb",
|
|
"pattern": "[file:hashes.SHA1 = '752c028a0b6bf302236f37c2cc044f55dcd068ae']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e7-87d0-4eac-b879-4025950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:31.000Z",
|
|
"modified": "2015-12-22T14:06:31.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9c0b52b33b389701be306c22cfe7d2346ca697f39d166c4c5fd7f013a0e551c9/analysis/1444980437/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e7-31c8-4ba4-9135-4bbd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:31.000Z",
|
|
"modified": "2015-12-22T14:06:31.000Z",
|
|
"description": "- Xchecked via VT: ee45cf72bb155eecbe217f58359919d8",
|
|
"pattern": "[file:hashes.SHA256 = '287b931880cf6eeb4b77419b8fa726635a3f1441cadde394873c99df04e2bb84']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e7-6ce8-4d31-b67d-4ea2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:31.000Z",
|
|
"modified": "2015-12-22T14:06:31.000Z",
|
|
"description": "- Xchecked via VT: ee45cf72bb155eecbe217f58359919d8",
|
|
"pattern": "[file:hashes.SHA1 = 'ee04abcce91310f66b0878a939c9f5737ccfebcd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e8-6460-495b-b075-4213950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:32.000Z",
|
|
"modified": "2015-12-22T14:06:32.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/287b931880cf6eeb4b77419b8fa726635a3f1441cadde394873c99df04e2bb84/analysis/1445007595/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e8-dbd0-4594-b243-477e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:32.000Z",
|
|
"modified": "2015-12-22T14:06:32.000Z",
|
|
"description": "- Xchecked via VT: 00fae81986029de180f47c8d0de85c9e",
|
|
"pattern": "[file:hashes.SHA256 = '292fdcafafb6b563723dad7356c98180e5f28e15e27b73f9beb4f30de039439f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e8-6e70-45cf-8e2d-466f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:32.000Z",
|
|
"modified": "2015-12-22T14:06:32.000Z",
|
|
"description": "- Xchecked via VT: 00fae81986029de180f47c8d0de85c9e",
|
|
"pattern": "[file:hashes.SHA1 = '54249999073be8e0d42017b100bd4c8ec0b68aac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e8-ad60-4ffe-8681-4d2c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:32.000Z",
|
|
"modified": "2015-12-22T14:06:32.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/292fdcafafb6b563723dad7356c98180e5f28e15e27b73f9beb4f30de039439f/analysis/1447078108/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e9-1a28-4b49-9af1-4f67950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:33.000Z",
|
|
"modified": "2015-12-22T14:06:33.000Z",
|
|
"description": "- Xchecked via VT: be9ebc1aa67eedca99a1d1e5659f741c",
|
|
"pattern": "[file:hashes.SHA256 = '00514c8f3475e773750136fc6b75537fc794512cb595650d53cb0693a52acb34']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e9-1044-4969-8353-4a2e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:33.000Z",
|
|
"modified": "2015-12-22T14:06:33.000Z",
|
|
"description": "- Xchecked via VT: be9ebc1aa67eedca99a1d1e5659f741c",
|
|
"pattern": "[file:hashes.SHA1 = 'c9e266cd293990938ba3d3d9bff56028667cd4de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958e9-efd0-4399-bed6-4ae0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:33.000Z",
|
|
"modified": "2015-12-22T14:06:33.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/00514c8f3475e773750136fc6b75537fc794512cb595650d53cb0693a52acb34/analysis/1450760548/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ea-ba58-4e2d-a71b-45d0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:34.000Z",
|
|
"modified": "2015-12-22T14:06:34.000Z",
|
|
"description": "- Xchecked via VT: ae80b23eb36dcc1afeadcb64f9fecbf5",
|
|
"pattern": "[file:hashes.SHA256 = '4cc2246dc1cc6efee30621a5e408db677a251617efa153ac1ff60c7003760b93']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ea-cd4c-4486-b840-4d0f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:34.000Z",
|
|
"modified": "2015-12-22T14:06:34.000Z",
|
|
"description": "- Xchecked via VT: ae80b23eb36dcc1afeadcb64f9fecbf5",
|
|
"pattern": "[file:hashes.SHA1 = '445a3b40316712cacb18d656172cf748775e9568']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ea-f474-42ff-991f-4671950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:34.000Z",
|
|
"modified": "2015-12-22T14:06:34.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/4cc2246dc1cc6efee30621a5e408db677a251617efa153ac1ff60c7003760b93/analysis/1447234501/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958eb-ecd4-4ed5-8388-4496950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:35.000Z",
|
|
"modified": "2015-12-22T14:06:35.000Z",
|
|
"description": "- Xchecked via VT: 35670b2361a463d9b786a2167770d3f4",
|
|
"pattern": "[file:hashes.SHA256 = 'a0a799cb55e33dd7bafbcd14b54379ca029e0bb6da87cd168658cbf396c77aef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958eb-46d0-4f88-aa47-416e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:35.000Z",
|
|
"modified": "2015-12-22T14:06:35.000Z",
|
|
"description": "- Xchecked via VT: 35670b2361a463d9b786a2167770d3f4",
|
|
"pattern": "[file:hashes.SHA1 = '5b499f9d991167c6c19a99daea2827f38f0ed2e0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958eb-1170-4cd8-8b9e-49fa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:35.000Z",
|
|
"modified": "2015-12-22T14:06:35.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a0a799cb55e33dd7bafbcd14b54379ca029e0bb6da87cd168658cbf396c77aef/analysis/1446109014/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958eb-6360-4340-9c98-46fd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:35.000Z",
|
|
"modified": "2015-12-22T14:06:35.000Z",
|
|
"description": "- Xchecked via VT: a8c1b306baeb315b815c8a4381924bdd",
|
|
"pattern": "[file:hashes.SHA256 = 'e0df7b43ad8fded50be99e5afaf065ef1de2d96cd976d7347c8c82b6f8c321f1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ec-44cc-44dc-80c1-420e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:36.000Z",
|
|
"modified": "2015-12-22T14:06:36.000Z",
|
|
"description": "- Xchecked via VT: a8c1b306baeb315b815c8a4381924bdd",
|
|
"pattern": "[file:hashes.SHA1 = '1dad20b54ba9422d69afd92d5ad49c958f9ef941']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ec-9464-45fd-87e9-400e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:36.000Z",
|
|
"modified": "2015-12-22T14:06:36.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e0df7b43ad8fded50be99e5afaf065ef1de2d96cd976d7347c8c82b6f8c321f1/analysis/1445364372/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ec-1aec-4490-a081-4027950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:36.000Z",
|
|
"modified": "2015-12-22T14:06:36.000Z",
|
|
"description": "- Xchecked via VT: 2bb672c8af7f08b88b41e9750a9445d6",
|
|
"pattern": "[file:hashes.SHA256 = 'ca262d9a3a3cc4d0f816cd29910719fdcf0fc8b8f13fc39f5b93b74ed8a37424']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ed-19c0-42f1-9511-4704950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:37.000Z",
|
|
"modified": "2015-12-22T14:06:37.000Z",
|
|
"description": "- Xchecked via VT: 2bb672c8af7f08b88b41e9750a9445d6",
|
|
"pattern": "[file:hashes.SHA1 = '4b7ef2e683134bd85f7e5ba3fd8903f7aa210b01']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ed-cb3c-4cf4-90eb-4a21950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:37.000Z",
|
|
"modified": "2015-12-22T14:06:37.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ca262d9a3a3cc4d0f816cd29910719fdcf0fc8b8f13fc39f5b93b74ed8a37424/analysis/1446810820/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ed-b434-4883-ba6b-46c9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:37.000Z",
|
|
"modified": "2015-12-22T14:06:37.000Z",
|
|
"description": "- Xchecked via VT: 844b01e0e2383b76fafba9701788e046",
|
|
"pattern": "[file:hashes.SHA256 = '86534ffdf3a5cc165b263e3a0affd385cb71399f5eaa396c8dc2cb5105e60a59']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ee-3564-4eca-bf82-41e5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:38.000Z",
|
|
"modified": "2015-12-22T14:06:38.000Z",
|
|
"description": "- Xchecked via VT: 844b01e0e2383b76fafba9701788e046",
|
|
"pattern": "[file:hashes.SHA1 = '5a05a2012f6bbf9cda51416b9f97f89ad8af290c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ee-26f8-48b9-a19b-46ee950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:38.000Z",
|
|
"modified": "2015-12-22T14:06:38.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/86534ffdf3a5cc165b263e3a0affd385cb71399f5eaa396c8dc2cb5105e60a59/analysis/1443625678/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ee-acb8-40da-9d67-4a1b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:38.000Z",
|
|
"modified": "2015-12-22T14:06:38.000Z",
|
|
"description": "- Xchecked via VT: 752ca561596ba94cf47a5f5c72461b7a",
|
|
"pattern": "[file:hashes.SHA256 = '08b88329b49c04539a4b57d2c1b87d3c04ad9a4c008d5805681bf5b319311f6c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ee-3420-4f4e-8333-4578950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:38.000Z",
|
|
"modified": "2015-12-22T14:06:38.000Z",
|
|
"description": "- Xchecked via VT: 752ca561596ba94cf47a5f5c72461b7a",
|
|
"pattern": "[file:hashes.SHA1 = 'fbeb477c66f777a055799d81fc1d62fdc40ebbf3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ef-55e4-45df-8160-4100950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:39.000Z",
|
|
"modified": "2015-12-22T14:06:39.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/08b88329b49c04539a4b57d2c1b87d3c04ad9a4c008d5805681bf5b319311f6c/analysis/1446108569/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ef-4c40-4863-9ac5-4915950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:39.000Z",
|
|
"modified": "2015-12-22T14:06:39.000Z",
|
|
"description": "- Xchecked via VT: 900b33c060ff0d10dff1cf9b756aa792",
|
|
"pattern": "[file:hashes.SHA256 = '458e21ba130e8808eaf6af0ba9964f19373dc47925c1563d6f2e62fabd7b19c3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ef-de4c-417b-91a5-475c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:39.000Z",
|
|
"modified": "2015-12-22T14:06:39.000Z",
|
|
"description": "- Xchecked via VT: 900b33c060ff0d10dff1cf9b756aa792",
|
|
"pattern": "[file:hashes.SHA1 = 'ebbb5f2b68ad4a4deb54e5a3b11ecc83bfbbb857']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ef-1eb8-4c86-adfc-4309950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:39.000Z",
|
|
"modified": "2015-12-22T14:06:39.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/458e21ba130e8808eaf6af0ba9964f19373dc47925c1563d6f2e62fabd7b19c3/analysis/1445325782/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f0-0ab4-4d65-885c-4598950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:40.000Z",
|
|
"modified": "2015-12-22T14:06:40.000Z",
|
|
"description": "- Xchecked via VT: 8154f9a68f76a754abbc2786dcdb0540",
|
|
"pattern": "[file:hashes.SHA256 = 'dfd1289979ed0cbc77c0ca54b03fb6df07717183e4af9cbc2bfeee08c45c012c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f0-b898-4779-a559-4839950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:40.000Z",
|
|
"modified": "2015-12-22T14:06:40.000Z",
|
|
"description": "- Xchecked via VT: 8154f9a68f76a754abbc2786dcdb0540",
|
|
"pattern": "[file:hashes.SHA1 = 'b4ad0d858b55284866e13bab554fe2681635de35']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f0-ad38-4c9a-99f5-4ccc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:40.000Z",
|
|
"modified": "2015-12-22T14:06:40.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/dfd1289979ed0cbc77c0ca54b03fb6df07717183e4af9cbc2bfeee08c45c012c/analysis/1447151771/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f1-d688-4483-9106-4082950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:41.000Z",
|
|
"modified": "2015-12-22T14:06:41.000Z",
|
|
"description": "- Xchecked via VT: ea31aeb11480d1cec32d12a316cdf790",
|
|
"pattern": "[file:hashes.SHA256 = '5f0a075e5b6d4eb2395c289831b19a9fe5757859afbcfb40b65038b31d3e3e5d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f1-5e38-4338-88ab-4494950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:41.000Z",
|
|
"modified": "2015-12-22T14:06:41.000Z",
|
|
"description": "- Xchecked via VT: ea31aeb11480d1cec32d12a316cdf790",
|
|
"pattern": "[file:hashes.SHA1 = 'ed7dc22001e3aa4ace091ff5a4c759e642aca817']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f1-eb3c-450d-991e-49cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:41.000Z",
|
|
"modified": "2015-12-22T14:06:41.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5f0a075e5b6d4eb2395c289831b19a9fe5757859afbcfb40b65038b31d3e3e5d/analysis/1447152372/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f1-137c-4f32-8d1e-4a70950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:41.000Z",
|
|
"modified": "2015-12-22T14:06:41.000Z",
|
|
"description": "- Xchecked via VT: c05e7c64f624e9219bb3f434629244a3",
|
|
"pattern": "[file:hashes.SHA256 = 'bfb89df4fe0d9fd00e4ac67857eb13e5bccb0234f5de397046372c5ed088f6fe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f2-d978-4e58-ba03-4612950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:42.000Z",
|
|
"modified": "2015-12-22T14:06:42.000Z",
|
|
"description": "- Xchecked via VT: c05e7c64f624e9219bb3f434629244a3",
|
|
"pattern": "[file:hashes.SHA1 = 'dd54828ec75d5f0dd22db761010505a91122dae4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f2-a4d8-4889-a5a4-47af950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:42.000Z",
|
|
"modified": "2015-12-22T14:06:42.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/bfb89df4fe0d9fd00e4ac67857eb13e5bccb0234f5de397046372c5ed088f6fe/analysis/1445238284/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f2-b694-4a34-8608-4ab3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:42.000Z",
|
|
"modified": "2015-12-22T14:06:42.000Z",
|
|
"description": "- Xchecked via VT: 5f53d8920e8369b3f2911671ec35fe52",
|
|
"pattern": "[file:hashes.SHA256 = '932f8ea6d0adb4f434f945f03f8a6150da56525fd2a81bb644d8ad55b787c427']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f3-3dfc-40ac-a444-4ea5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:43.000Z",
|
|
"modified": "2015-12-22T14:06:43.000Z",
|
|
"description": "- Xchecked via VT: 5f53d8920e8369b3f2911671ec35fe52",
|
|
"pattern": "[file:hashes.SHA1 = 'b31ff8b7e3e3152f83967e7e3d67e5503f221e69']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f3-9d84-470f-8b11-4736950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:43.000Z",
|
|
"modified": "2015-12-22T14:06:43.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/932f8ea6d0adb4f434f945f03f8a6150da56525fd2a81bb644d8ad55b787c427/analysis/1450760624/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f3-e568-4c39-a4c0-4cb4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:43.000Z",
|
|
"modified": "2015-12-22T14:06:43.000Z",
|
|
"description": "- Xchecked via VT: 7e0f09aa3b47c760ec2ae586b97f283a",
|
|
"pattern": "[file:hashes.SHA256 = 'a34de4d0dac6e5b40609e1a156e66fcdb44094851eee88b636891b97ff57ea21']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f4-c584-456e-be81-448e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:44.000Z",
|
|
"modified": "2015-12-22T14:06:44.000Z",
|
|
"description": "- Xchecked via VT: 7e0f09aa3b47c760ec2ae586b97f283a",
|
|
"pattern": "[file:hashes.SHA1 = 'bbcca10917724d508bb2b0285b189c9d4522e541']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f4-227c-4a22-ba98-4727950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:44.000Z",
|
|
"modified": "2015-12-22T14:06:44.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a34de4d0dac6e5b40609e1a156e66fcdb44094851eee88b636891b97ff57ea21/analysis/1444896938/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f4-1f44-4b1b-9265-4f60950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:44.000Z",
|
|
"modified": "2015-12-22T14:06:44.000Z",
|
|
"description": "- Xchecked via VT: 5fe8431707940ee736801515274a8a18",
|
|
"pattern": "[file:hashes.SHA256 = 'f578e43e9cd69c7fce044336e771443a6dc9b123c6984b96a5bffe425351572f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f4-3524-45d3-815f-4ebd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:44.000Z",
|
|
"modified": "2015-12-22T14:06:44.000Z",
|
|
"description": "- Xchecked via VT: 5fe8431707940ee736801515274a8a18",
|
|
"pattern": "[file:hashes.SHA1 = 'a20d8ddcaeb29a868e17f344248aa8ee7e4a395b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f5-a500-4e20-b548-440e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:45.000Z",
|
|
"modified": "2015-12-22T14:06:45.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f578e43e9cd69c7fce044336e771443a6dc9b123c6984b96a5bffe425351572f/analysis/1444747866/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f5-045c-4630-b540-4ba8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:45.000Z",
|
|
"modified": "2015-12-22T14:06:45.000Z",
|
|
"description": "- Xchecked via VT: 354175be20ae6a5a8e3212485813897e",
|
|
"pattern": "[file:hashes.SHA256 = 'b22ea957171d7d39cb3e39ce1be378513d14502d5f77f41ff66fe8f6688b34d7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f5-09f8-45ef-9fcb-4b17950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:45.000Z",
|
|
"modified": "2015-12-22T14:06:45.000Z",
|
|
"description": "- Xchecked via VT: 354175be20ae6a5a8e3212485813897e",
|
|
"pattern": "[file:hashes.SHA1 = 'f2b169f76a33c4dbc132990ac2d729d7614991c0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f6-8b4c-413c-9875-4ada950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:46.000Z",
|
|
"modified": "2015-12-22T14:06:46.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b22ea957171d7d39cb3e39ce1be378513d14502d5f77f41ff66fe8f6688b34d7/analysis/1444885624/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f6-ab3c-415f-aadf-4446950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:46.000Z",
|
|
"modified": "2015-12-22T14:06:46.000Z",
|
|
"description": "- Xchecked via VT: 85c8efc9af9f8ea11844a578a1bedf16",
|
|
"pattern": "[file:hashes.SHA256 = 'b43507618f287ad5e6bf9c8d7010daaac69e060a59a8d1886b3c2fe9c0effd2c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f6-c958-4b56-8f57-46fa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:46.000Z",
|
|
"modified": "2015-12-22T14:06:46.000Z",
|
|
"description": "- Xchecked via VT: 85c8efc9af9f8ea11844a578a1bedf16",
|
|
"pattern": "[file:hashes.SHA1 = '6042c0bcc90f1363c9e7a6aaa5ef31c699707391']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f7-ab7c-48cd-8f96-463d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:47.000Z",
|
|
"modified": "2015-12-22T14:06:47.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b43507618f287ad5e6bf9c8d7010daaac69e060a59a8d1886b3c2fe9c0effd2c/analysis/1445940367/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f7-b628-4860-99c5-44d2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:47.000Z",
|
|
"modified": "2015-12-22T14:06:47.000Z",
|
|
"description": "- Xchecked via VT: a59a2a47ed23e8c97c4d1d85ee8756f7",
|
|
"pattern": "[file:hashes.SHA256 = 'acea74496d0a2b3244f16d78be4d4473dc52be00a594f62b6fa50648ab97cd98']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f7-545c-4a49-9e18-464b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:47.000Z",
|
|
"modified": "2015-12-22T14:06:47.000Z",
|
|
"description": "- Xchecked via VT: a59a2a47ed23e8c97c4d1d85ee8756f7",
|
|
"pattern": "[file:hashes.SHA1 = '9968eb0c6b7ed91f8ce1a2e3fb39df811a2e1370']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f7-667c-4cb4-a89b-44ce950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:47.000Z",
|
|
"modified": "2015-12-22T14:06:47.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/acea74496d0a2b3244f16d78be4d4473dc52be00a594f62b6fa50648ab97cd98/analysis/1445948607/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f8-658c-41d1-88c0-49b5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:48.000Z",
|
|
"modified": "2015-12-22T14:06:48.000Z",
|
|
"description": "- Xchecked via VT: 8090ed11be5a4c6be90d2c36265528be",
|
|
"pattern": "[file:hashes.SHA256 = 'e9cc720b74f839c0fbfe9a1206b555223d206f027f3cb410b0f0ad979fed0084']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f8-e590-4553-893c-49df950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:48.000Z",
|
|
"modified": "2015-12-22T14:06:48.000Z",
|
|
"description": "- Xchecked via VT: 8090ed11be5a4c6be90d2c36265528be",
|
|
"pattern": "[file:hashes.SHA1 = '3097693e24c0606e2248bca59d2ad06725e1fa6f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f8-c9f0-412e-8060-485d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:48.000Z",
|
|
"modified": "2015-12-22T14:06:48.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e9cc720b74f839c0fbfe9a1206b555223d206f027f3cb410b0f0ad979fed0084/analysis/1446810559/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f8-a4f0-4c3d-9c42-4250950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:48.000Z",
|
|
"modified": "2015-12-22T14:06:48.000Z",
|
|
"description": "- Xchecked via VT: f8b3989d68a5ca8e66cd1e29c4d6613e",
|
|
"pattern": "[file:hashes.SHA256 = 'f195b314ace9867908cc9f35f3def1606f3ec4e761ba48c324645a602fb0d584']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f9-3efc-4faf-8003-4522950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:49.000Z",
|
|
"modified": "2015-12-22T14:06:49.000Z",
|
|
"description": "- Xchecked via VT: f8b3989d68a5ca8e66cd1e29c4d6613e",
|
|
"pattern": "[file:hashes.SHA1 = '7d6db36f957e6f1dd0d884c6fd8e35bc4e132fcc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f9-c450-4c74-8f74-4ffe950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:49.000Z",
|
|
"modified": "2015-12-22T14:06:49.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f195b314ace9867908cc9f35f3def1606f3ec4e761ba48c324645a602fb0d584/analysis/1445439019/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f9-b82c-40b3-b587-4f06950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:49.000Z",
|
|
"modified": "2015-12-22T14:06:49.000Z",
|
|
"description": "- Xchecked via VT: c85462e5f6656c91eff133f53d0c64df",
|
|
"pattern": "[file:hashes.SHA256 = '1e3876e8b7530c73929c66fa2348fc6bf13202440051dc79937ed80defae5d6a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958f9-9604-41b8-af7f-4372950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:49.000Z",
|
|
"modified": "2015-12-22T14:06:49.000Z",
|
|
"description": "- Xchecked via VT: c85462e5f6656c91eff133f53d0c64df",
|
|
"pattern": "[file:hashes.SHA1 = '1738062b305989e742e6a5831dfa30ba783b788b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fa-bee8-456d-ba9e-4fda950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:50.000Z",
|
|
"modified": "2015-12-22T14:06:50.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/1e3876e8b7530c73929c66fa2348fc6bf13202440051dc79937ed80defae5d6a/analysis/1444172373/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fa-98c8-4ba1-865c-466b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:50.000Z",
|
|
"modified": "2015-12-22T14:06:50.000Z",
|
|
"description": "- Xchecked via VT: c9931f6dcec29a7aad5abf395381957c",
|
|
"pattern": "[file:hashes.SHA256 = '86411403a58577840c2e676f2a23d850bb272f4aa4a213aee55c6396e05a9792']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fa-eeb0-4a87-87db-4627950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:50.000Z",
|
|
"modified": "2015-12-22T14:06:50.000Z",
|
|
"description": "- Xchecked via VT: c9931f6dcec29a7aad5abf395381957c",
|
|
"pattern": "[file:hashes.SHA1 = '426217be2209b9bd2a4d8b830d5953a697869ae1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fa-1d64-418c-9e10-4212950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:50.000Z",
|
|
"modified": "2015-12-22T14:06:50.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/86411403a58577840c2e676f2a23d850bb272f4aa4a213aee55c6396e05a9792/analysis/1444776753/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fb-1de4-4f11-9942-40e7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:51.000Z",
|
|
"modified": "2015-12-22T14:06:51.000Z",
|
|
"description": "- Xchecked via VT: 2ee5c7e17fca4e95881af84c5dee7b6f",
|
|
"pattern": "[file:hashes.SHA256 = '6dca9dddbddde0a69304f0e76a0f6012fcebe8bcdb96353065676adaad85a864']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fb-f93c-41ac-93a1-4075950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:51.000Z",
|
|
"modified": "2015-12-22T14:06:51.000Z",
|
|
"description": "- Xchecked via VT: 2ee5c7e17fca4e95881af84c5dee7b6f",
|
|
"pattern": "[file:hashes.SHA1 = '200c4f941cc7c7c5d67eaa37e4efdc894abdd5bb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fb-ec58-4fea-8e04-4535950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:51.000Z",
|
|
"modified": "2015-12-22T14:06:51.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/6dca9dddbddde0a69304f0e76a0f6012fcebe8bcdb96353065676adaad85a864/analysis/1445938481/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fb-1d00-492a-af28-45fb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:51.000Z",
|
|
"modified": "2015-12-22T14:06:51.000Z",
|
|
"description": "- Xchecked via VT: d72c52a8653c6013ab923d364f5aa6a8",
|
|
"pattern": "[file:hashes.SHA256 = 'c716ac2c2461600df62d2074cfc89c2799bab1a62476ffd84adbf6be904ec9ba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fc-6ccc-43e6-aa99-431f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:52.000Z",
|
|
"modified": "2015-12-22T14:06:52.000Z",
|
|
"description": "- Xchecked via VT: d72c52a8653c6013ab923d364f5aa6a8",
|
|
"pattern": "[file:hashes.SHA1 = '60229ecb564144e04dff0ab05dfd95286f0e033d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fc-ee3c-47a9-bee3-40ee950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:52.000Z",
|
|
"modified": "2015-12-22T14:06:52.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c716ac2c2461600df62d2074cfc89c2799bab1a62476ffd84adbf6be904ec9ba/analysis/1444932781/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fc-2600-4a7f-9a7e-41fe950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:52.000Z",
|
|
"modified": "2015-12-22T14:06:52.000Z",
|
|
"description": "- Xchecked via VT: ef931b306cbda2e6ef8e6abaf8ebdff4",
|
|
"pattern": "[file:hashes.SHA256 = '467577ff1aeb2c18116c2a2d720f9a04f315d7fb718e2d37261ba69773d93bf1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fd-0370-4645-929a-4cec950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:53.000Z",
|
|
"modified": "2015-12-22T14:06:53.000Z",
|
|
"description": "- Xchecked via VT: ef931b306cbda2e6ef8e6abaf8ebdff4",
|
|
"pattern": "[file:hashes.SHA1 = '2f89d73cc2e0ad619559cfac23c25eb3706e3116']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fd-5fb4-4fa8-ad53-43b1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:53.000Z",
|
|
"modified": "2015-12-22T14:06:53.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/467577ff1aeb2c18116c2a2d720f9a04f315d7fb718e2d37261ba69773d93bf1/analysis/1445355253/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fd-d678-4a29-b4db-48d6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:53.000Z",
|
|
"modified": "2015-12-22T14:06:53.000Z",
|
|
"description": "- Xchecked via VT: 4cb7ce0e2d9ffd19ba431441f1f63c00",
|
|
"pattern": "[file:hashes.SHA256 = 'cf8134bf30d71aa9e346cf04693f85611a13a92450a07cd68856212128570be4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fd-187c-421b-9e7a-44a4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:53.000Z",
|
|
"modified": "2015-12-22T14:06:53.000Z",
|
|
"description": "- Xchecked via VT: 4cb7ce0e2d9ffd19ba431441f1f63c00",
|
|
"pattern": "[file:hashes.SHA1 = 'cce62857dc38d7a5437c7f12ca30b8deb9d6917e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fe-7620-48a6-a4d8-463d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:54.000Z",
|
|
"modified": "2015-12-22T14:06:54.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/cf8134bf30d71aa9e346cf04693f85611a13a92450a07cd68856212128570be4/analysis/1446814537/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fe-c148-4d81-aad1-4e48950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:54.000Z",
|
|
"modified": "2015-12-22T14:06:54.000Z",
|
|
"description": "- Xchecked via VT: fb0925a19169e38dc4f7927b5797ff46",
|
|
"pattern": "[file:hashes.SHA256 = '29620221b3737ae2330ec2f1313880c51b4383d290c169005e71d2a009348b07']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958fe-c69c-4782-b9b8-463d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:54.000Z",
|
|
"modified": "2015-12-22T14:06:54.000Z",
|
|
"description": "- Xchecked via VT: fb0925a19169e38dc4f7927b5797ff46",
|
|
"pattern": "[file:hashes.SHA1 = '4bc5426e272c7c1ff14653c01400f4e8b1a6d0d8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ff-0234-4151-a603-4be3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:55.000Z",
|
|
"modified": "2015-12-22T14:06:55.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/29620221b3737ae2330ec2f1313880c51b4383d290c169005e71d2a009348b07/analysis/1444743785/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ff-8024-4de7-8823-4533950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:55.000Z",
|
|
"modified": "2015-12-22T14:06:55.000Z",
|
|
"description": "- Xchecked via VT: f200a6a77822148d9e006bcbe8d55ccf",
|
|
"pattern": "[file:hashes.SHA256 = 'b6e91622afff5652ca8dc966c46daaed0767ab01bdf2ea7b47397dda1defe924']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--567958ff-03e0-4bd1-be91-4f72950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:55.000Z",
|
|
"modified": "2015-12-22T14:06:55.000Z",
|
|
"description": "- Xchecked via VT: f200a6a77822148d9e006bcbe8d55ccf",
|
|
"pattern": "[file:hashes.SHA1 = 'f196f052ab1ca5f8ef9249c2738104cf5f7aea15']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795900-7408-4b67-8e49-4efc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:56.000Z",
|
|
"modified": "2015-12-22T14:06:56.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b6e91622afff5652ca8dc966c46daaed0767ab01bdf2ea7b47397dda1defe924/analysis/1446113100/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795900-76ac-4491-8030-4c6e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:56.000Z",
|
|
"modified": "2015-12-22T14:06:56.000Z",
|
|
"description": "- Xchecked via VT: e27f491893a6ae4a775d2f0894db9bda",
|
|
"pattern": "[file:hashes.SHA256 = 'dec913f8aca4a44efc003ef25da0185539d091bcc9d41f5cb68b6e8b26ae8998']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795900-cf7c-44f8-b6e2-4a70950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:56.000Z",
|
|
"modified": "2015-12-22T14:06:56.000Z",
|
|
"description": "- Xchecked via VT: e27f491893a6ae4a775d2f0894db9bda",
|
|
"pattern": "[file:hashes.SHA1 = 'ac865ec5b4b8236920c5a5228024ffb454646793']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795900-7fa8-4dd2-88c5-48b0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:56.000Z",
|
|
"modified": "2015-12-22T14:06:56.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/dec913f8aca4a44efc003ef25da0185539d091bcc9d41f5cb68b6e8b26ae8998/analysis/1447689990/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795901-bd08-4c17-9465-47ca950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:57.000Z",
|
|
"modified": "2015-12-22T14:06:57.000Z",
|
|
"description": "- Xchecked via VT: 6fac7525cff3fc5d3dab00b756f9bc6b",
|
|
"pattern": "[file:hashes.SHA256 = 'afd3bf977a00da2f76eef45fb7aaa8bc7a26d3ae9cb727d6786ee19a5bb8d26c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795901-1fdc-4bf6-b9c2-446c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:57.000Z",
|
|
"modified": "2015-12-22T14:06:57.000Z",
|
|
"description": "- Xchecked via VT: 6fac7525cff3fc5d3dab00b756f9bc6b",
|
|
"pattern": "[file:hashes.SHA1 = '4a358f7f06e8ed9f6860866fe284c9fe41a04ce5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795901-b11c-4f04-a25e-482b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:57.000Z",
|
|
"modified": "2015-12-22T14:06:57.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/afd3bf977a00da2f76eef45fb7aaa8bc7a26d3ae9cb727d6786ee19a5bb8d26c/analysis/1447152459/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795902-0588-4335-9025-44aa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:58.000Z",
|
|
"modified": "2015-12-22T14:06:58.000Z",
|
|
"description": "- Xchecked via VT: ac7edc1ed507635b6be79f64967f36f0",
|
|
"pattern": "[file:hashes.SHA256 = '8edd3576392548b84ceeb638e75b51a5aadafb7f395920e398ff726e252a8acb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795902-d9e0-40cd-bdd0-48cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:58.000Z",
|
|
"modified": "2015-12-22T14:06:58.000Z",
|
|
"description": "- Xchecked via VT: ac7edc1ed507635b6be79f64967f36f0",
|
|
"pattern": "[file:hashes.SHA1 = 'e02ecf6eb2e4eb5572ccdcd8a9b56fca33b1e568']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795902-a330-41f3-8fdb-4440950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:58.000Z",
|
|
"modified": "2015-12-22T14:06:58.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/8edd3576392548b84ceeb638e75b51a5aadafb7f395920e398ff726e252a8acb/analysis/1446558111/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795903-8578-4c44-934f-4f42950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:59.000Z",
|
|
"modified": "2015-12-22T14:06:59.000Z",
|
|
"description": "- Xchecked via VT: 60faba1e39a397b68343355632bdd2c5",
|
|
"pattern": "[file:hashes.SHA256 = '05e992a5b4912e03a1f05e096d0af3482178f99de2116c4df813c54e511ca891']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795903-f7e8-49ee-b3fa-4b68950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:59.000Z",
|
|
"modified": "2015-12-22T14:06:59.000Z",
|
|
"description": "- Xchecked via VT: 60faba1e39a397b68343355632bdd2c5",
|
|
"pattern": "[file:hashes.SHA1 = '525ad52fe5a8f70fe662a96849850bcac6cd989e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795903-6538-49a4-8b1f-4647950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:59.000Z",
|
|
"modified": "2015-12-22T14:06:59.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/05e992a5b4912e03a1f05e096d0af3482178f99de2116c4df813c54e511ca891/analysis/1446812314/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795903-b278-4f8f-92e6-478a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:06:59.000Z",
|
|
"modified": "2015-12-22T14:06:59.000Z",
|
|
"description": "- Xchecked via VT: 7a1763dc91f701beb4446208ff1603cc",
|
|
"pattern": "[file:hashes.SHA256 = '99f245f085f9538e40806ef2e1bb60c627e4f40f51f4c2e4370afd718ab5f53d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:06:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795904-76d8-421b-b660-4e36950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:00.000Z",
|
|
"modified": "2015-12-22T14:07:00.000Z",
|
|
"description": "- Xchecked via VT: 7a1763dc91f701beb4446208ff1603cc",
|
|
"pattern": "[file:hashes.SHA1 = '76185e3d36cbdec963a5b70c8555a800ee76a6bd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795904-a2d8-47cc-802f-4172950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:00.000Z",
|
|
"modified": "2015-12-22T14:07:00.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/99f245f085f9538e40806ef2e1bb60c627e4f40f51f4c2e4370afd718ab5f53d/analysis/1450718193/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795904-50f8-4807-a17b-4a3e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:00.000Z",
|
|
"modified": "2015-12-22T14:07:00.000Z",
|
|
"description": "- Xchecked via VT: f0d4fd3be8d5c167a6e63cd6960b08e4",
|
|
"pattern": "[file:hashes.SHA256 = 'f50e8d3a87af3b101a759cd9351ca7985edc1d3bb23b875b6f751c6112b01bcb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795905-53fc-426d-9873-483e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:01.000Z",
|
|
"modified": "2015-12-22T14:07:01.000Z",
|
|
"description": "- Xchecked via VT: f0d4fd3be8d5c167a6e63cd6960b08e4",
|
|
"pattern": "[file:hashes.SHA1 = '1e50712ddcc83b9ee3ff0d022550f30c5a7c49d2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795905-034c-457f-bc4e-418b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:01.000Z",
|
|
"modified": "2015-12-22T14:07:01.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f50e8d3a87af3b101a759cd9351ca7985edc1d3bb23b875b6f751c6112b01bcb/analysis/1445364660/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795905-cb4c-472d-bd3b-4889950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:01.000Z",
|
|
"modified": "2015-12-22T14:07:01.000Z",
|
|
"description": "- Xchecked via VT: c935e2de7027e99487afc52148e30e18",
|
|
"pattern": "[file:hashes.SHA256 = 'f77d5c6e91bac38d5b04b8eab892d81514972a088abdacd6ae1f62b634c37bf1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795905-2144-4d49-8cc4-4a13950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:01.000Z",
|
|
"modified": "2015-12-22T14:07:01.000Z",
|
|
"description": "- Xchecked via VT: c935e2de7027e99487afc52148e30e18",
|
|
"pattern": "[file:hashes.SHA1 = 'd1554cc2aa83ed4c8f8dedede7c3e75465ac3bd1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795906-8560-4d7d-b53c-4d40950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:02.000Z",
|
|
"modified": "2015-12-22T14:07:02.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f77d5c6e91bac38d5b04b8eab892d81514972a088abdacd6ae1f62b634c37bf1/analysis/1446555046/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795906-88b8-4f96-a14e-41c9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:02.000Z",
|
|
"modified": "2015-12-22T14:07:02.000Z",
|
|
"description": "- Xchecked via VT: caffdaebb2ccfbda022d619145a47f68",
|
|
"pattern": "[file:hashes.SHA256 = '9afdcbf47a2e46b7262bf6e5f90f63f88cffa2e2554c26568cd7a8857561f736']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795906-af74-4652-bfe1-4764950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:02.000Z",
|
|
"modified": "2015-12-22T14:07:02.000Z",
|
|
"description": "- Xchecked via VT: caffdaebb2ccfbda022d619145a47f68",
|
|
"pattern": "[file:hashes.SHA1 = '08d54149bdecfbe9eac28fe704eeb391c1d0e10d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795907-cd48-453c-ba6a-4087950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:03.000Z",
|
|
"modified": "2015-12-22T14:07:03.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/9afdcbf47a2e46b7262bf6e5f90f63f88cffa2e2554c26568cd7a8857561f736/analysis/1447152409/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795907-8018-43e2-a7ad-4b41950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:03.000Z",
|
|
"modified": "2015-12-22T14:07:03.000Z",
|
|
"description": "- Xchecked via VT: c5adf11728b500d985accd8d1b40a298",
|
|
"pattern": "[file:hashes.SHA256 = '74dc5b5f310b84161d85ade564f01774998ab7062272db8815896bc52b6cfeb9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795907-8e8c-4bfa-8367-4f31950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:03.000Z",
|
|
"modified": "2015-12-22T14:07:03.000Z",
|
|
"description": "- Xchecked via VT: c5adf11728b500d985accd8d1b40a298",
|
|
"pattern": "[file:hashes.SHA1 = '536e235f3f5c7415ded3aac3e1a939e97289acdb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795908-3410-4b90-86d1-4dc7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:04.000Z",
|
|
"modified": "2015-12-22T14:07:04.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/74dc5b5f310b84161d85ade564f01774998ab7062272db8815896bc52b6cfeb9/analysis/1444938601/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795908-e720-46e8-824a-467c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:04.000Z",
|
|
"modified": "2015-12-22T14:07:04.000Z",
|
|
"description": "- Xchecked via VT: 4b835e7bb50ad95b51cba409518a31fb",
|
|
"pattern": "[file:hashes.SHA256 = '875546309ec6ec8cae07a5cfc8a319046d451f2e8a63b51380a96c5549a28aa9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795908-5558-4fa2-8f11-4e4b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:04.000Z",
|
|
"modified": "2015-12-22T14:07:04.000Z",
|
|
"description": "- Xchecked via VT: 4b835e7bb50ad95b51cba409518a31fb",
|
|
"pattern": "[file:hashes.SHA1 = '5fab8b917086a27d76422486c144266a10ad5b8c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795908-f6c8-48c9-8aff-4a6e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:04.000Z",
|
|
"modified": "2015-12-22T14:07:04.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/875546309ec6ec8cae07a5cfc8a319046d451f2e8a63b51380a96c5549a28aa9/analysis/1445261860/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795909-0d68-47a3-8e6d-4395950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:05.000Z",
|
|
"modified": "2015-12-22T14:07:05.000Z",
|
|
"description": "- Xchecked via VT: 89168dd5feef327bce755dc5226ab835",
|
|
"pattern": "[file:hashes.SHA256 = '5820c549109254d09c74811ceb1d3472cf9e1c5eef5fc3c782e0714be2287dc0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795909-d1a4-4478-90e9-4c26950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:05.000Z",
|
|
"modified": "2015-12-22T14:07:05.000Z",
|
|
"description": "- Xchecked via VT: 89168dd5feef327bce755dc5226ab835",
|
|
"pattern": "[file:hashes.SHA1 = 'b538c554d9dfd141c587cc52988d2c0ecad8a6f3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795909-650c-488b-92ac-499a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:05.000Z",
|
|
"modified": "2015-12-22T14:07:05.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5820c549109254d09c74811ceb1d3472cf9e1c5eef5fc3c782e0714be2287dc0/analysis/1447687580/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590a-403c-4bfc-8eb9-4ec6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:06.000Z",
|
|
"modified": "2015-12-22T14:07:06.000Z",
|
|
"description": "- Xchecked via VT: b0975630a32486ef46bb1c3bc244285d",
|
|
"pattern": "[file:hashes.SHA256 = '5f01073c31df9211efa4e6164b87b2b633ef34d0fea38fc63c7a5c123b2c2d29']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590a-0618-4bb1-908b-459f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:06.000Z",
|
|
"modified": "2015-12-22T14:07:06.000Z",
|
|
"description": "- Xchecked via VT: b0975630a32486ef46bb1c3bc244285d",
|
|
"pattern": "[file:hashes.SHA1 = '9ffc319ab5490e30502e44ed7dfd737618e0c964']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590a-161c-44a1-88ca-4b55950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:06.000Z",
|
|
"modified": "2015-12-22T14:07:06.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/5f01073c31df9211efa4e6164b87b2b633ef34d0fea38fc63c7a5c123b2c2d29/analysis/1450718107/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590a-bea0-493b-bdaf-4a67950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:06.000Z",
|
|
"modified": "2015-12-22T14:07:06.000Z",
|
|
"description": "- Xchecked via VT: 1f53c17a9d9c3a4d9d0e5e956aa03da6",
|
|
"pattern": "[file:hashes.SHA256 = '16d766024b8525d7cfcc4dd23cb76a46cf7b3e7628cd8971e99047e305fe5979']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590b-857c-49db-880d-42bf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:07.000Z",
|
|
"modified": "2015-12-22T14:07:07.000Z",
|
|
"description": "- Xchecked via VT: 1f53c17a9d9c3a4d9d0e5e956aa03da6",
|
|
"pattern": "[file:hashes.SHA1 = '3823b86cd3415dd39669f6b95d2c2e659037220d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590b-aad0-41ad-9b9f-43ae950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:07.000Z",
|
|
"modified": "2015-12-22T14:07:07.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/16d766024b8525d7cfcc4dd23cb76a46cf7b3e7628cd8971e99047e305fe5979/analysis/1449130907/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590b-d580-402c-bba1-479c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:07.000Z",
|
|
"modified": "2015-12-22T14:07:07.000Z",
|
|
"description": "- Xchecked via VT: b49353917ec84b725f4ac86f5fab8e0a",
|
|
"pattern": "[file:hashes.SHA256 = '2a6c4f6855689e057b30f989fd34be4172566c49f76d0cb5e150424415806902']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590c-059c-4210-8795-44bd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:08.000Z",
|
|
"modified": "2015-12-22T14:07:08.000Z",
|
|
"description": "- Xchecked via VT: b49353917ec84b725f4ac86f5fab8e0a",
|
|
"pattern": "[file:hashes.SHA1 = 'ede2b0aa5b622857108d0da12ea2124958ebba9a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590c-0f20-4c02-a6b8-4477950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:08.000Z",
|
|
"modified": "2015-12-22T14:07:08.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/2a6c4f6855689e057b30f989fd34be4172566c49f76d0cb5e150424415806902/analysis/1444899298/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590c-4fb4-4dc9-953c-4db7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:08.000Z",
|
|
"modified": "2015-12-22T14:07:08.000Z",
|
|
"description": "- Xchecked via VT: d41350eb98e8b8d8dc397c4344ce4afa",
|
|
"pattern": "[file:hashes.SHA256 = '3fed8a19ed58169b5b34c20767ae9dca7d996340c51dc8b87deafc8d115bd482']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590d-1600-4228-9290-4098950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:09.000Z",
|
|
"modified": "2015-12-22T14:07:09.000Z",
|
|
"description": "- Xchecked via VT: d41350eb98e8b8d8dc397c4344ce4afa",
|
|
"pattern": "[file:hashes.SHA1 = '920a73c73bbcb199e951b06a12f32bc6cc7a3d85']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590d-1680-4eb1-815b-41c4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:09.000Z",
|
|
"modified": "2015-12-22T14:07:09.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/3fed8a19ed58169b5b34c20767ae9dca7d996340c51dc8b87deafc8d115bd482/analysis/1446113821/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590d-28f0-4abf-9341-4aff950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:09.000Z",
|
|
"modified": "2015-12-22T14:07:09.000Z",
|
|
"description": "- Xchecked via VT: 82ce9671e3f6e5eba855443e78959270",
|
|
"pattern": "[file:hashes.SHA256 = '1bb154a6689a0ca23c2d529f04bc56d6df78df8ea6e9d01d6709da7db8c62630']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590d-aa2c-4c9a-bab0-488b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:09.000Z",
|
|
"modified": "2015-12-22T14:07:09.000Z",
|
|
"description": "- Xchecked via VT: 82ce9671e3f6e5eba855443e78959270",
|
|
"pattern": "[file:hashes.SHA1 = 'd0b7b3f859e3f586ae206e0ae5ec537f70f8ae79']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590e-6bac-4ef1-bc14-4ef0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:10.000Z",
|
|
"modified": "2015-12-22T14:07:10.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/1bb154a6689a0ca23c2d529f04bc56d6df78df8ea6e9d01d6709da7db8c62630/analysis/1444729126/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590e-00e8-413a-9ac8-4a6e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:10.000Z",
|
|
"modified": "2015-12-22T14:07:10.000Z",
|
|
"description": "- Xchecked via VT: bc8a26a5070e9a84ff2601b4d21660fb",
|
|
"pattern": "[file:hashes.SHA256 = 'c178cff7cb7efb46f0c2cb95eb2b5e27940a9c80ffde08e78156fa1990e23cd4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590e-8030-49b1-a30e-4296950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:10.000Z",
|
|
"modified": "2015-12-22T14:07:10.000Z",
|
|
"description": "- Xchecked via VT: bc8a26a5070e9a84ff2601b4d21660fb",
|
|
"pattern": "[file:hashes.SHA1 = '613b255ef4d47c7f53acc8e1faa9748b4d4ef783']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590f-85d0-4c90-b4d8-416c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:11.000Z",
|
|
"modified": "2015-12-22T14:07:11.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c178cff7cb7efb46f0c2cb95eb2b5e27940a9c80ffde08e78156fa1990e23cd4/analysis/1447619649/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590f-f23c-4771-a108-4a32950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:11.000Z",
|
|
"modified": "2015-12-22T14:07:11.000Z",
|
|
"description": "- Xchecked via VT: bfd0592a8255ec62e04f6b646b0e1698",
|
|
"pattern": "[file:hashes.SHA256 = '29c2dbb1cf367570b267de34854171b6d9a7092f5c9d7ad166b79a099ed8b983']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679590f-50b0-4a1b-819d-4bf5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:11.000Z",
|
|
"modified": "2015-12-22T14:07:11.000Z",
|
|
"description": "- Xchecked via VT: bfd0592a8255ec62e04f6b646b0e1698",
|
|
"pattern": "[file:hashes.SHA1 = 'ae3aff138499a8cb5a23f6000ab5d152c15f9e83']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795910-c6a8-4b2d-bed4-4a64950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:12.000Z",
|
|
"modified": "2015-12-22T14:07:12.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/29c2dbb1cf367570b267de34854171b6d9a7092f5c9d7ad166b79a099ed8b983/analysis/1443758621/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795910-a804-46a3-9658-4a91950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:12.000Z",
|
|
"modified": "2015-12-22T14:07:12.000Z",
|
|
"description": "- Xchecked via VT: 12652684335ca77bec38dca9290006f7",
|
|
"pattern": "[file:hashes.SHA256 = '99c0d75b4273b998cae9c003acb99cd65e51445b20fc36002a4a4e95992c2ff6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795910-62bc-4ec9-a17f-498a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:12.000Z",
|
|
"modified": "2015-12-22T14:07:12.000Z",
|
|
"description": "- Xchecked via VT: 12652684335ca77bec38dca9290006f7",
|
|
"pattern": "[file:hashes.SHA1 = 'c01d9f3c719f29aa4f7e387e219d2b3848938ea9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795910-6064-4a87-b5fb-4762950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:12.000Z",
|
|
"modified": "2015-12-22T14:07:12.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/99c0d75b4273b998cae9c003acb99cd65e51445b20fc36002a4a4e95992c2ff6/analysis/1445219001/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795911-bb1c-40d0-858d-485c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:13.000Z",
|
|
"modified": "2015-12-22T14:07:13.000Z",
|
|
"description": "- Xchecked via VT: 704ed4dd601489f7f2b5c9fe36a52ebf",
|
|
"pattern": "[file:hashes.SHA256 = 'c4b74392efee92d53f14652a12077574b1b6054db09d123178bab79737950d01']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795911-e570-4fea-8e05-42b6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:13.000Z",
|
|
"modified": "2015-12-22T14:07:13.000Z",
|
|
"description": "- Xchecked via VT: 704ed4dd601489f7f2b5c9fe36a52ebf",
|
|
"pattern": "[file:hashes.SHA1 = 'ec4f1299ad40747589e2116945b630c301c4e3a2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795911-b5c8-422c-8bfa-4b01950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:13.000Z",
|
|
"modified": "2015-12-22T14:07:13.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c4b74392efee92d53f14652a12077574b1b6054db09d123178bab79737950d01/analysis/1446021985/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795912-8590-440b-96c4-41f3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:14.000Z",
|
|
"modified": "2015-12-22T14:07:14.000Z",
|
|
"description": "- Xchecked via VT: d06e01e113d8fa28ef7effddb8daa22b",
|
|
"pattern": "[file:hashes.SHA256 = 'dba8ca68b5d75f837b4790bf7dc95c7f62ebad3eb94be2f9d80aea6cfac0c5df']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795912-f4a4-4599-a6c4-4110950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:14.000Z",
|
|
"modified": "2015-12-22T14:07:14.000Z",
|
|
"description": "- Xchecked via VT: d06e01e113d8fa28ef7effddb8daa22b",
|
|
"pattern": "[file:hashes.SHA1 = '5bef0b613512901d62f83daca765d2a77b5c9f7c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795912-b944-4d3d-a157-4d9a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:14.000Z",
|
|
"modified": "2015-12-22T14:07:14.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/dba8ca68b5d75f837b4790bf7dc95c7f62ebad3eb94be2f9d80aea6cfac0c5df/analysis/1445007620/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795913-b2ac-410a-ab0e-4f66950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:15.000Z",
|
|
"modified": "2015-12-22T14:07:15.000Z",
|
|
"description": "- Xchecked via VT: 08e13e8aebe45902b92a071a2e276369",
|
|
"pattern": "[file:hashes.SHA256 = 'e1a8f71bd87aae95492988257943bc88ca545468af06e833baec4f9cc9425412']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795913-07f8-44e3-ab4d-40f6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:15.000Z",
|
|
"modified": "2015-12-22T14:07:15.000Z",
|
|
"description": "- Xchecked via VT: 08e13e8aebe45902b92a071a2e276369",
|
|
"pattern": "[file:hashes.SHA1 = '05f8902555dac103a472341ea1bdd9a01adac873']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795913-6f18-4e0c-9417-42b9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:15.000Z",
|
|
"modified": "2015-12-22T14:07:15.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e1a8f71bd87aae95492988257943bc88ca545468af06e833baec4f9cc9425412/analysis/1447152612/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795913-fee4-4401-b518-4b76950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:15.000Z",
|
|
"modified": "2015-12-22T14:07:15.000Z",
|
|
"description": "- Xchecked via VT: ad88e4228fd920f43a4750fd519b6e92",
|
|
"pattern": "[file:hashes.SHA256 = '87ff7a7c4722c8f426d803229a2ace81eac32537a83d5a606f023ceac3b45c7a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795914-ec88-4326-8ed4-44f6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:16.000Z",
|
|
"modified": "2015-12-22T14:07:16.000Z",
|
|
"description": "- Xchecked via VT: ad88e4228fd920f43a4750fd519b6e92",
|
|
"pattern": "[file:hashes.SHA1 = 'ef5df17528edfedd240c7c31b79f7f73a454f023']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795914-f19c-4da2-8602-41e5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:16.000Z",
|
|
"modified": "2015-12-22T14:07:16.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/87ff7a7c4722c8f426d803229a2ace81eac32537a83d5a606f023ceac3b45c7a/analysis/1447152673/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795914-8e14-49fa-8a31-444f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:16.000Z",
|
|
"modified": "2015-12-22T14:07:16.000Z",
|
|
"description": "- Xchecked via VT: c3a58be819d75943b45887e42f87e17b",
|
|
"pattern": "[file:hashes.SHA256 = '86d94e1d0a16299f4a3c3dce2fcb7e4cdf2cb7ff962b6ac45783ed0b9bd85e74']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795915-858c-4c9f-9762-43b3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:17.000Z",
|
|
"modified": "2015-12-22T14:07:17.000Z",
|
|
"description": "- Xchecked via VT: c3a58be819d75943b45887e42f87e17b",
|
|
"pattern": "[file:hashes.SHA1 = '2bf1a33eef19a10f4bd7bb5abe4ee4f1a3b72e3c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795915-460c-4870-b689-4deb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:17.000Z",
|
|
"modified": "2015-12-22T14:07:17.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/86d94e1d0a16299f4a3c3dce2fcb7e4cdf2cb7ff962b6ac45783ed0b9bd85e74/analysis/1446108812/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795915-3ff4-428a-93a6-4866950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:17.000Z",
|
|
"modified": "2015-12-22T14:07:17.000Z",
|
|
"description": "- Xchecked via VT: 0343460dbc8e73322cf4d394262863ef",
|
|
"pattern": "[file:hashes.SHA256 = 'daf98a92e27a7b1bedb36af493aecf0d90986a8df6c05585cd040b10a8be8607']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795915-39f0-4dd4-94b5-4841950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:17.000Z",
|
|
"modified": "2015-12-22T14:07:17.000Z",
|
|
"description": "- Xchecked via VT: 0343460dbc8e73322cf4d394262863ef",
|
|
"pattern": "[file:hashes.SHA1 = '9b542a9ec8fbe92ff69910519c0d0829dd35cbed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795916-bb90-4b27-bdae-4809950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:18.000Z",
|
|
"modified": "2015-12-22T14:07:18.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/daf98a92e27a7b1bedb36af493aecf0d90986a8df6c05585cd040b10a8be8607/analysis/1450760951/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795916-954c-4b33-b71c-4439950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:18.000Z",
|
|
"modified": "2015-12-22T14:07:18.000Z",
|
|
"description": "- Xchecked via VT: 2b4ad2fa1736bc78e64676791ea15b65",
|
|
"pattern": "[file:hashes.SHA256 = '86e28daa68fe2b99983c46278045187b9052e20d9f6063d7bdb4524bf0b47e93']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795916-91c0-43f8-8ef2-4ff5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:18.000Z",
|
|
"modified": "2015-12-22T14:07:18.000Z",
|
|
"description": "- Xchecked via VT: 2b4ad2fa1736bc78e64676791ea15b65",
|
|
"pattern": "[file:hashes.SHA1 = '81749281d5ae6e295cf67080ad149798f4d7aa7e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795917-20f0-47dc-9002-41f8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:19.000Z",
|
|
"modified": "2015-12-22T14:07:19.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/86e28daa68fe2b99983c46278045187b9052e20d9f6063d7bdb4524bf0b47e93/analysis/1448993559/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795917-27a4-422b-80bb-4f82950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:19.000Z",
|
|
"modified": "2015-12-22T14:07:19.000Z",
|
|
"description": "- Xchecked via VT: 2c89797d72e29c74ff1b190bb0dbd7d6",
|
|
"pattern": "[file:hashes.SHA256 = '67601be0228c296a4fdf6015ffa44983747bb4914ee163b44af297dc6bf65ed6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795917-2248-443b-9151-46df950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:19.000Z",
|
|
"modified": "2015-12-22T14:07:19.000Z",
|
|
"description": "- Xchecked via VT: 2c89797d72e29c74ff1b190bb0dbd7d6",
|
|
"pattern": "[file:hashes.SHA1 = '774512b81394d1258d054ece1eacf1b8d3a2d854']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795918-99ec-4605-ad05-430f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:20.000Z",
|
|
"modified": "2015-12-22T14:07:20.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/67601be0228c296a4fdf6015ffa44983747bb4914ee163b44af297dc6bf65ed6/analysis/1445418439/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795918-561c-4058-8c3c-4230950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:20.000Z",
|
|
"modified": "2015-12-22T14:07:20.000Z",
|
|
"description": "- Xchecked via VT: 4e8d1ace53068e8dcd3a3a43590f21d0",
|
|
"pattern": "[file:hashes.SHA256 = 'ac6b58882fbae422e21b553ebdcde7074fbd7dadf66f62c6eb444d292e694a9b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795918-16d4-453b-a3d7-4f43950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:20.000Z",
|
|
"modified": "2015-12-22T14:07:20.000Z",
|
|
"description": "- Xchecked via VT: 4e8d1ace53068e8dcd3a3a43590f21d0",
|
|
"pattern": "[file:hashes.SHA1 = '7bb1cde5037e1d3d37fb7b391f3175635e211a62']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795918-6158-45ba-b8a6-4ecf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:20.000Z",
|
|
"modified": "2015-12-22T14:07:20.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/ac6b58882fbae422e21b553ebdcde7074fbd7dadf66f62c6eb444d292e694a9b/analysis/1450761759/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795919-dcd4-4379-a351-4657950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:21.000Z",
|
|
"modified": "2015-12-22T14:07:21.000Z",
|
|
"description": "- Xchecked via VT: a6b5c893703b6032715dee2f54e1c7eb",
|
|
"pattern": "[file:hashes.SHA256 = '4ce474b4ac2f9451304b30861abc901b65f7674f8f7e8304580002713a179155']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795919-52cc-4c74-b6ac-4aeb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:21.000Z",
|
|
"modified": "2015-12-22T14:07:21.000Z",
|
|
"description": "- Xchecked via VT: a6b5c893703b6032715dee2f54e1c7eb",
|
|
"pattern": "[file:hashes.SHA1 = '7187aea2714b75ae611e5119ec6e3f1b9bdb7006']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795919-7cbc-4627-bc91-4cc9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:21.000Z",
|
|
"modified": "2015-12-22T14:07:21.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/4ce474b4ac2f9451304b30861abc901b65f7674f8f7e8304580002713a179155/analysis/1448982365/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591a-6aa4-4784-ba12-4624950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:22.000Z",
|
|
"modified": "2015-12-22T14:07:22.000Z",
|
|
"description": "- Xchecked via VT: 0704e99f1a3ca1866984cdadfbad9113",
|
|
"pattern": "[file:hashes.SHA256 = 'efa0e3774cedf93be678f44fc6efabc29cdb5a2404b5dad9a2d7c1b843cf710b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591a-c0b8-4b41-81b6-4354950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:22.000Z",
|
|
"modified": "2015-12-22T14:07:22.000Z",
|
|
"description": "- Xchecked via VT: 0704e99f1a3ca1866984cdadfbad9113",
|
|
"pattern": "[file:hashes.SHA1 = '97919aee669ff463195c7ca70e0bed0316718077']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591a-3f60-41dc-b2cc-43b2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:22.000Z",
|
|
"modified": "2015-12-22T14:07:22.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/efa0e3774cedf93be678f44fc6efabc29cdb5a2404b5dad9a2d7c1b843cf710b/analysis/1445946614/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591b-2198-4837-9367-492b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:22.000Z",
|
|
"modified": "2015-12-22T14:07:22.000Z",
|
|
"description": "- Xchecked via VT: 6a8a180740a78aa038bd7f1d9a747d91",
|
|
"pattern": "[file:hashes.SHA256 = 'e647a2331123c2520d1308315116a56d0f2d14fee3cd8f3f611ad085fc900d9d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591b-cf90-4800-94c0-4fca950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:23.000Z",
|
|
"modified": "2015-12-22T14:07:23.000Z",
|
|
"description": "- Xchecked via VT: 6a8a180740a78aa038bd7f1d9a747d91",
|
|
"pattern": "[file:hashes.SHA1 = 'cd7f58ba1d9e5268b6dda2470f29181593bc69dd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591b-4a48-4367-8988-4f61950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:23.000Z",
|
|
"modified": "2015-12-22T14:07:23.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e647a2331123c2520d1308315116a56d0f2d14fee3cd8f3f611ad085fc900d9d/analysis/1446815108/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591b-049c-4e78-bc31-48a5950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:23.000Z",
|
|
"modified": "2015-12-22T14:07:23.000Z",
|
|
"description": "- Xchecked via VT: 2a6375992b8ae29c286bbd461b4167ab",
|
|
"pattern": "[file:hashes.SHA256 = '935247e9f061a4cc2cd4ddb8ba777d5a7dc187ac6f9881de70c024d33037f43e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591c-cd08-4fcb-8398-46d1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:24.000Z",
|
|
"modified": "2015-12-22T14:07:24.000Z",
|
|
"description": "- Xchecked via VT: 2a6375992b8ae29c286bbd461b4167ab",
|
|
"pattern": "[file:hashes.SHA1 = 'e2e5c3b59a888b7f07cb301cd157eab0d08d558e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591c-5cac-444c-848d-4a7d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:24.000Z",
|
|
"modified": "2015-12-22T14:07:24.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/935247e9f061a4cc2cd4ddb8ba777d5a7dc187ac6f9881de70c024d33037f43e/analysis/1445408814/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591c-5960-4519-99a3-4249950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:24.000Z",
|
|
"modified": "2015-12-22T14:07:24.000Z",
|
|
"description": "- Xchecked via VT: 83b8decd5c634c49e60b03050ae44f7f",
|
|
"pattern": "[file:hashes.SHA256 = 'f357745fec260d4f6ff2bdf3694eec34128135cc79337d83e63cacebfe146677']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591d-4408-4aa5-bf4a-4633950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:25.000Z",
|
|
"modified": "2015-12-22T14:07:25.000Z",
|
|
"description": "- Xchecked via VT: 83b8decd5c634c49e60b03050ae44f7f",
|
|
"pattern": "[file:hashes.SHA1 = 'e2a7c9a116ca25c77081690eb21bc078ac04197a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591d-2e28-4380-be4c-40dd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:25.000Z",
|
|
"modified": "2015-12-22T14:07:25.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/f357745fec260d4f6ff2bdf3694eec34128135cc79337d83e63cacebfe146677/analysis/1446730714/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591d-9cf4-4bc5-9985-4b3e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:25.000Z",
|
|
"modified": "2015-12-22T14:07:25.000Z",
|
|
"description": "- Xchecked via VT: 6a4b9317da47388656076d63be2c058f",
|
|
"pattern": "[file:hashes.SHA256 = 'cbba61cdc442c0237386d1169a970492a40c9c6601de803440a682d6a3e4a7ec']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591d-dcd8-4258-9543-4ad3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:25.000Z",
|
|
"modified": "2015-12-22T14:07:25.000Z",
|
|
"description": "- Xchecked via VT: 6a4b9317da47388656076d63be2c058f",
|
|
"pattern": "[file:hashes.SHA1 = '937a5056ccf381abff1b3fda662bac439e863b59']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591e-4254-4f01-8ab4-4876950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:26.000Z",
|
|
"modified": "2015-12-22T14:07:26.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/cbba61cdc442c0237386d1169a970492a40c9c6601de803440a682d6a3e4a7ec/analysis/1444958085/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591e-cae4-45e0-9587-4ffa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:26.000Z",
|
|
"modified": "2015-12-22T14:07:26.000Z",
|
|
"description": "- Xchecked via VT: 8bb67a256ea311488b76fe60462fe828",
|
|
"pattern": "[file:hashes.SHA256 = '6eecbef69172e3fea8de36310b537385baae2c2ce6548dbc22c44636bb969f34']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591e-1af8-4051-ac54-4715950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:26.000Z",
|
|
"modified": "2015-12-22T14:07:26.000Z",
|
|
"description": "- Xchecked via VT: 8bb67a256ea311488b76fe60462fe828",
|
|
"pattern": "[file:hashes.SHA1 = '63763874015affa48f292d005f0fc6bdcb149e62']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591f-840c-47d8-a962-44ef950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:27.000Z",
|
|
"modified": "2015-12-22T14:07:27.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/6eecbef69172e3fea8de36310b537385baae2c2ce6548dbc22c44636bb969f34/analysis/1445205160/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591f-ba1c-4a97-ae50-4440950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:27.000Z",
|
|
"modified": "2015-12-22T14:07:27.000Z",
|
|
"description": "- Xchecked via VT: c9afabcff6aa41b7408d7457efaa60bf",
|
|
"pattern": "[file:hashes.SHA256 = '2eed9723a757aba396fd4580cabede4375d01d8bbbbd3f44f975d778e10d0cea']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591f-67cc-409a-b890-499c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:27.000Z",
|
|
"modified": "2015-12-22T14:07:27.000Z",
|
|
"description": "- Xchecked via VT: c9afabcff6aa41b7408d7457efaa60bf",
|
|
"pattern": "[file:hashes.SHA1 = '20a7d847e67ceed9b43f5ad35aa3154d8d48e5ec']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679591f-685c-4b5f-afe7-400e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:27.000Z",
|
|
"modified": "2015-12-22T14:07:27.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/2eed9723a757aba396fd4580cabede4375d01d8bbbbd3f44f975d778e10d0cea/analysis/1446113820/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795920-1cbc-4b79-9558-4acd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:28.000Z",
|
|
"modified": "2015-12-22T14:07:28.000Z",
|
|
"description": "- Xchecked via VT: 35f0e23a826823228f91dd43df47b18c",
|
|
"pattern": "[file:hashes.SHA256 = '4345bf10e52a7ce06b80829b84adad52c921d8d5b8a7437dba4cb2c4f414d8b6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795920-fb24-421f-8f86-4e36950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:28.000Z",
|
|
"modified": "2015-12-22T14:07:28.000Z",
|
|
"description": "- Xchecked via VT: 35f0e23a826823228f91dd43df47b18c",
|
|
"pattern": "[file:hashes.SHA1 = 'eaf285bdf5f363c34073e934a219a7b8c4381df0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795920-a36c-4562-8da5-4801950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:28.000Z",
|
|
"modified": "2015-12-22T14:07:28.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/4345bf10e52a7ce06b80829b84adad52c921d8d5b8a7437dba4cb2c4f414d8b6/analysis/1444930418/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795921-2a18-466b-8f74-417e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:29.000Z",
|
|
"modified": "2015-12-22T14:07:29.000Z",
|
|
"description": "- Xchecked via VT: 7ec9acd102d2772a04eeacfa2762327f",
|
|
"pattern": "[file:hashes.SHA256 = 'c02f5d7193d3670ccc038abe6e5798ddb8a22b4efddd2b3d35de7206fd2f26aa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795921-e854-403a-83b6-48d7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:29.000Z",
|
|
"modified": "2015-12-22T14:07:29.000Z",
|
|
"description": "- Xchecked via VT: 7ec9acd102d2772a04eeacfa2762327f",
|
|
"pattern": "[file:hashes.SHA1 = '52545b01b6d82191791e6c39eab6b8e29950bc27']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795921-4e88-4f55-afec-482e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:29.000Z",
|
|
"modified": "2015-12-22T14:07:29.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/c02f5d7193d3670ccc038abe6e5798ddb8a22b4efddd2b3d35de7206fd2f26aa/analysis/1447605566/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795922-3100-4f5e-a74f-4125950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:30.000Z",
|
|
"modified": "2015-12-22T14:07:30.000Z",
|
|
"description": "- Xchecked via VT: fc177ceee0f9e4ef58d76dd7a8b37860",
|
|
"pattern": "[file:hashes.SHA256 = 'e8b9f2ac084abcd8e096d8229e496f770a9c0ed85475f8979c04ef63c157db60']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795922-69b4-45ce-be3e-4b53950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:30.000Z",
|
|
"modified": "2015-12-22T14:07:30.000Z",
|
|
"description": "- Xchecked via VT: fc177ceee0f9e4ef58d76dd7a8b37860",
|
|
"pattern": "[file:hashes.SHA1 = '718596bef4b72927b4f799fa3e6eb12c4928d13c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795922-f038-487c-a6ae-404e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:30.000Z",
|
|
"modified": "2015-12-22T14:07:30.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e8b9f2ac084abcd8e096d8229e496f770a9c0ed85475f8979c04ef63c157db60/analysis/1445945071/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795922-ff08-4202-aaff-4e22950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:30.000Z",
|
|
"modified": "2015-12-22T14:07:30.000Z",
|
|
"description": "- Xchecked via VT: 3b5b998058bd701347e55d7915506e0d",
|
|
"pattern": "[file:hashes.SHA256 = '6f9c6acaf76ceee6948bf2e2e0582b644d1ff0e3f6f4173c60ebeb9f0cb23059']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795923-a290-41fa-9bbd-420c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:31.000Z",
|
|
"modified": "2015-12-22T14:07:31.000Z",
|
|
"description": "- Xchecked via VT: 3b5b998058bd701347e55d7915506e0d",
|
|
"pattern": "[file:hashes.SHA1 = '92d11430445faf931adb7e5a20fab90cafe1a77b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795923-e850-47e0-aafe-4fca950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:31.000Z",
|
|
"modified": "2015-12-22T14:07:31.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/6f9c6acaf76ceee6948bf2e2e0582b644d1ff0e3f6f4173c60ebeb9f0cb23059/analysis/1444878863/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795923-eca8-4190-b434-4d80950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:31.000Z",
|
|
"modified": "2015-12-22T14:07:31.000Z",
|
|
"description": "- Xchecked via VT: 258583b7cc56dec995eef694dff4419d",
|
|
"pattern": "[file:hashes.SHA256 = 'e5727951f84f252be0df1a9110935df2af70d70161b1eb1c96eb0d33b6b196dd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795924-3728-40f7-adcd-4590950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:32.000Z",
|
|
"modified": "2015-12-22T14:07:32.000Z",
|
|
"description": "- Xchecked via VT: 258583b7cc56dec995eef694dff4419d",
|
|
"pattern": "[file:hashes.SHA1 = '5072a815eba7779e87ae63ab8c213df537de2c94']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795924-2bd4-4b28-9bb4-4d55950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:32.000Z",
|
|
"modified": "2015-12-22T14:07:32.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/e5727951f84f252be0df1a9110935df2af70d70161b1eb1c96eb0d33b6b196dd/analysis/1447729191/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795924-f9a8-4b77-94c2-4d9a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:32.000Z",
|
|
"modified": "2015-12-22T14:07:32.000Z",
|
|
"description": "- Xchecked via VT: 22edfb6ca3aa06b3efc12d9c6621bc73",
|
|
"pattern": "[file:hashes.SHA256 = '7669bf647b22f71af5afdff5513bc24feb65248ae86c4d485e68c28c7ab5075e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795924-1588-450b-8667-4a6f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:32.000Z",
|
|
"modified": "2015-12-22T14:07:32.000Z",
|
|
"description": "- Xchecked via VT: 22edfb6ca3aa06b3efc12d9c6621bc73",
|
|
"pattern": "[file:hashes.SHA1 = '1c50a3cf3cf8ad63302e96c317e83d6d4e0cca72']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795925-f580-4c9c-8497-40a3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:33.000Z",
|
|
"modified": "2015-12-22T14:07:33.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7669bf647b22f71af5afdff5513bc24feb65248ae86c4d485e68c28c7ab5075e/analysis/1444709146/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795925-4ec8-4067-9c39-4bdd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:33.000Z",
|
|
"modified": "2015-12-22T14:07:33.000Z",
|
|
"description": "- Xchecked via VT: d7666d4209b7eb31dbc5e6fcdd10de5f",
|
|
"pattern": "[file:hashes.SHA256 = '749e7a7b9eec706c8d0d7a8c2643713c7e511b59ddcc8f83478ccda237e90102']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795925-14b8-42d6-b1a0-477f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:33.000Z",
|
|
"modified": "2015-12-22T14:07:33.000Z",
|
|
"description": "- Xchecked via VT: d7666d4209b7eb31dbc5e6fcdd10de5f",
|
|
"pattern": "[file:hashes.SHA1 = '10d3da53b2ab6b8133a246e81af1da1be6726cee']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795926-68b4-462d-adf1-4eab950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:34.000Z",
|
|
"modified": "2015-12-22T14:07:34.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/749e7a7b9eec706c8d0d7a8c2643713c7e511b59ddcc8f83478ccda237e90102/analysis/1446554904/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795926-2ad0-4f9c-92b2-4932950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:34.000Z",
|
|
"modified": "2015-12-22T14:07:34.000Z",
|
|
"description": "- Xchecked via VT: bc8a20d06bd4ac646b13428a15279c5a",
|
|
"pattern": "[file:hashes.SHA256 = '87d339178e128ee58828f704e629bcade62eb39c59b9b5f94711cb1ab17a911a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795926-d864-4270-8d0b-476a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:34.000Z",
|
|
"modified": "2015-12-22T14:07:34.000Z",
|
|
"description": "- Xchecked via VT: bc8a20d06bd4ac646b13428a15279c5a",
|
|
"pattern": "[file:hashes.SHA1 = '0663796cb2611f44b8c9e16d39ba8b3ec51de6b8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795927-acc8-4b65-99a2-4081950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:35.000Z",
|
|
"modified": "2015-12-22T14:07:35.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/87d339178e128ee58828f704e629bcade62eb39c59b9b5f94711cb1ab17a911a/analysis/1447151949/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795927-5e24-464c-b7cd-479a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:35.000Z",
|
|
"modified": "2015-12-22T14:07:35.000Z",
|
|
"description": "- Xchecked via VT: 716dae5b83f2ab542e6e837e192ebcf5",
|
|
"pattern": "[file:hashes.SHA256 = 'a983a525908787d66000e1601a3cdb82024375c89e79585c48c79582281482c1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795927-f63c-40ec-b973-40f9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:35.000Z",
|
|
"modified": "2015-12-22T14:07:35.000Z",
|
|
"description": "- Xchecked via VT: 716dae5b83f2ab542e6e837e192ebcf5",
|
|
"pattern": "[file:hashes.SHA1 = '3b8783ea2c41d07cd9db344d40420350e1962580']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795927-21d8-495f-adc9-48fc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:35.000Z",
|
|
"modified": "2015-12-22T14:07:35.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/a983a525908787d66000e1601a3cdb82024375c89e79585c48c79582281482c1/analysis/1445946475/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795928-d864-4961-96ff-46fa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:36.000Z",
|
|
"modified": "2015-12-22T14:07:36.000Z",
|
|
"description": "- Xchecked via VT: 54cbfa7f6ab4d2e3c126e034c4937d1e",
|
|
"pattern": "[file:hashes.SHA256 = '757d14e58fa52cd67d0a823402300eedbb6b8e13c4b129facd66ccef64b82c88']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795928-d288-4f6b-85cd-4fc7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:36.000Z",
|
|
"modified": "2015-12-22T14:07:36.000Z",
|
|
"description": "- Xchecked via VT: 54cbfa7f6ab4d2e3c126e034c4937d1e",
|
|
"pattern": "[file:hashes.SHA1 = 'da769b2cb11a47950948f11eea169f22b9ce7f60']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795928-d070-4b89-b541-4b9a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:36.000Z",
|
|
"modified": "2015-12-22T14:07:36.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/757d14e58fa52cd67d0a823402300eedbb6b8e13c4b129facd66ccef64b82c88/analysis/1444740451/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795929-16b8-4562-93cd-48e9950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:37.000Z",
|
|
"modified": "2015-12-22T14:07:37.000Z",
|
|
"description": "- Xchecked via VT: 063b6a42f48cb83f1842c7f503c179a8",
|
|
"pattern": "[file:hashes.SHA256 = '42b41e0c1707c50cc83c540e1305653c2b2ba504399b5ac3a3c4cebc4db8bf80']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795929-f264-4b98-95d8-41fc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:37.000Z",
|
|
"modified": "2015-12-22T14:07:37.000Z",
|
|
"description": "- Xchecked via VT: 063b6a42f48cb83f1842c7f503c179a8",
|
|
"pattern": "[file:hashes.SHA1 = '5939537964ea47a6f41975b5309f5f172f042541']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795929-0b40-4bc3-b17e-4d8d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:37.000Z",
|
|
"modified": "2015-12-22T14:07:37.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/42b41e0c1707c50cc83c540e1305653c2b2ba504399b5ac3a3c4cebc4db8bf80/analysis/1445006033/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592a-7898-467b-8cb8-4251950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:38.000Z",
|
|
"modified": "2015-12-22T14:07:38.000Z",
|
|
"description": "- Xchecked via VT: e1836e5657bfbe9990a87547408d32e6",
|
|
"pattern": "[file:hashes.SHA256 = '47641d0aea345237bb8655277cc8090391ebb98c5bd9959e8d84733ce71354c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592a-550c-4775-9105-4963950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:38.000Z",
|
|
"modified": "2015-12-22T14:07:38.000Z",
|
|
"description": "- Xchecked via VT: e1836e5657bfbe9990a87547408d32e6",
|
|
"pattern": "[file:hashes.SHA1 = 'fb5e882313e587b7dcd111529e8433d5745d86d1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592a-206c-4393-a281-4921950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:38.000Z",
|
|
"modified": "2015-12-22T14:07:38.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/47641d0aea345237bb8655277cc8090391ebb98c5bd9959e8d84733ce71354c8/analysis/1447152369/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592a-9740-4535-98d4-42a6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:38.000Z",
|
|
"modified": "2015-12-22T14:07:38.000Z",
|
|
"description": "- Xchecked via VT: 8efb999d48fd354decc57f71ff9047e4",
|
|
"pattern": "[file:hashes.SHA256 = 'b249cf0901d99a5e0e28ebff91fdb173895ebaa98453f236de5279dca787b352']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592b-7ee4-453a-9182-4501950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:39.000Z",
|
|
"modified": "2015-12-22T14:07:39.000Z",
|
|
"description": "- Xchecked via VT: 8efb999d48fd354decc57f71ff9047e4",
|
|
"pattern": "[file:hashes.SHA1 = '9c17c4539314ce0c277ddd192f8bddf30be84890']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592b-602c-4ca4-9c15-42ff950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:39.000Z",
|
|
"modified": "2015-12-22T14:07:39.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/b249cf0901d99a5e0e28ebff91fdb173895ebaa98453f236de5279dca787b352/analysis/1444872251/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592b-30fc-4e5e-8e39-4947950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:39.000Z",
|
|
"modified": "2015-12-22T14:07:39.000Z",
|
|
"description": "- Xchecked via VT: 44f91555177e515a17f9e16a9062fde9",
|
|
"pattern": "[file:hashes.SHA256 = '8c1b1e009b7ec63079aa8494eb8add727d5fc5d9c230f3af5dd2c5d908f23f52']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592c-cab4-4ff4-b660-4bcf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:40.000Z",
|
|
"modified": "2015-12-22T14:07:40.000Z",
|
|
"description": "- Xchecked via VT: 44f91555177e515a17f9e16a9062fde9",
|
|
"pattern": "[file:hashes.SHA1 = 'c2c709b985f2c1bacf4ed02b54a8cbd600d52594']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592c-a778-4a90-ab95-4970950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:40.000Z",
|
|
"modified": "2015-12-22T14:07:40.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/8c1b1e009b7ec63079aa8494eb8add727d5fc5d9c230f3af5dd2c5d908f23f52/analysis/1444797940/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592c-c168-4768-a2da-4288950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:40.000Z",
|
|
"modified": "2015-12-22T14:07:40.000Z",
|
|
"description": "- Xchecked via VT: ff54087bfa945fb92c925255d7d2234e",
|
|
"pattern": "[file:hashes.SHA256 = '75c829e4b9437b380c21bd37c22295b6dd0e224c3a72cef55e77f939194f997f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592c-a994-4bb9-8a00-463f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:40.000Z",
|
|
"modified": "2015-12-22T14:07:40.000Z",
|
|
"description": "- Xchecked via VT: ff54087bfa945fb92c925255d7d2234e",
|
|
"pattern": "[file:hashes.SHA1 = '6afb875d921e91953b606aedb11e7b23a7fcbf67']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592d-5fc0-4dd2-8a31-4baa950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:41.000Z",
|
|
"modified": "2015-12-22T14:07:41.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/75c829e4b9437b380c21bd37c22295b6dd0e224c3a72cef55e77f939194f997f/analysis/1447588143/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592d-a3a8-4123-a62c-42d1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:41.000Z",
|
|
"modified": "2015-12-22T14:07:41.000Z",
|
|
"description": "- Xchecked via VT: c08c5aa627c73cdab337cfc7d8d11927",
|
|
"pattern": "[file:hashes.SHA256 = '03849bdef73353d8f99bca53cfc7eb51c5c577bb35edce4134022642f7ff6bf5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592d-4abc-4fda-a6ad-4a57950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:41.000Z",
|
|
"modified": "2015-12-22T14:07:41.000Z",
|
|
"description": "- Xchecked via VT: c08c5aa627c73cdab337cfc7d8d11927",
|
|
"pattern": "[file:hashes.SHA1 = '18144c872f0285aaf17424c7c66e810495742023']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592e-6d80-4f88-bc8c-4082950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:42.000Z",
|
|
"modified": "2015-12-22T14:07:42.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/03849bdef73353d8f99bca53cfc7eb51c5c577bb35edce4134022642f7ff6bf5/analysis/1446804293/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592e-deb0-4e14-967f-47e3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:42.000Z",
|
|
"modified": "2015-12-22T14:07:42.000Z",
|
|
"description": "- Xchecked via VT: 8b0d1a0974f6c6be294c7b0be083f128",
|
|
"pattern": "[file:hashes.SHA256 = '7aa1269cd50e5e025932c96929425b98acc2877c4676f08f8ad86291c4540c64']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592e-2d98-4963-a25b-4398950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:42.000Z",
|
|
"modified": "2015-12-22T14:07:42.000Z",
|
|
"description": "- Xchecked via VT: 8b0d1a0974f6c6be294c7b0be083f128",
|
|
"pattern": "[file:hashes.SHA1 = 'e40cd7ac3edc09477feb95d74103dff2bd02f39d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592f-b6b4-46c9-9f07-4c4a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:43.000Z",
|
|
"modified": "2015-12-22T14:07:43.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/7aa1269cd50e5e025932c96929425b98acc2877c4676f08f8ad86291c4540c64/analysis/1446555244/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592f-3f94-4c31-b607-4661950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:43.000Z",
|
|
"modified": "2015-12-22T14:07:43.000Z",
|
|
"description": "- Xchecked via VT: 88b76af1a0ddc5f6fec64e5af83d1b5c",
|
|
"pattern": "[file:hashes.SHA256 = 'd05643af1ed546070e7b91e81ed2fc817eb11cbe3ca17f919c9d05df0e240429']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592f-c254-4e09-b63b-4d89950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:43.000Z",
|
|
"modified": "2015-12-22T14:07:43.000Z",
|
|
"description": "- Xchecked via VT: 88b76af1a0ddc5f6fec64e5af83d1b5c",
|
|
"pattern": "[file:hashes.SHA1 = 'a43ffce8684794dcc57310dcb9d3fb5984b4b4f9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5679592f-a1bc-4361-8953-4844950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:43.000Z",
|
|
"modified": "2015-12-22T14:07:43.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d05643af1ed546070e7b91e81ed2fc817eb11cbe3ca17f919c9d05df0e240429/analysis/1446904524/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795930-b370-4ef6-9db3-4509950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:44.000Z",
|
|
"modified": "2015-12-22T14:07:44.000Z",
|
|
"description": "- Xchecked via VT: a36ea233bd502b81e8b795add7ff3a45",
|
|
"pattern": "[file:hashes.SHA256 = '119c7f7488b66436400e22ecac0107956384b2e093a258215822b9f40b34bcb7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795930-faec-495a-9ed4-4985950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:44.000Z",
|
|
"modified": "2015-12-22T14:07:44.000Z",
|
|
"description": "- Xchecked via VT: a36ea233bd502b81e8b795add7ff3a45",
|
|
"pattern": "[file:hashes.SHA1 = '068bb2d9e9c09207c218920ac37b294519cadfa0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795930-fe70-43cd-9ab9-4848950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:44.000Z",
|
|
"modified": "2015-12-22T14:07:44.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/119c7f7488b66436400e22ecac0107956384b2e093a258215822b9f40b34bcb7/analysis/1450760962/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795931-e950-4593-baa9-4e2a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:45.000Z",
|
|
"modified": "2015-12-22T14:07:45.000Z",
|
|
"description": "- Xchecked via VT: 611618e3f9b51eb466c9302a328e3567",
|
|
"pattern": "[file:hashes.SHA256 = '50078f424bae434b4ae1e270ab1fb282ff092943e58f1aeac011c036e7ad71a8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795931-c5a8-4608-92e7-4230950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:45.000Z",
|
|
"modified": "2015-12-22T14:07:45.000Z",
|
|
"description": "- Xchecked via VT: 611618e3f9b51eb466c9302a328e3567",
|
|
"pattern": "[file:hashes.SHA1 = '9665b3ad367abd528c167cf275eed553a4f4c88b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795931-1614-4610-8d27-42ec950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:45.000Z",
|
|
"modified": "2015-12-22T14:07:45.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/50078f424bae434b4ae1e270ab1fb282ff092943e58f1aeac011c036e7ad71a8/analysis/1444877716/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795932-9a8c-4384-8e17-4e71950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:46.000Z",
|
|
"modified": "2015-12-22T14:07:46.000Z",
|
|
"description": "- Xchecked via VT: 8a23789f004999780c56800b40e58b33",
|
|
"pattern": "[file:hashes.SHA256 = '2acfa4f55c34cafa6a8954c6c6cf1c5c8a5597189e25aa46434c7c0cce556529']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795932-cabc-438a-a0c7-4889950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:46.000Z",
|
|
"modified": "2015-12-22T14:07:46.000Z",
|
|
"description": "- Xchecked via VT: 8a23789f004999780c56800b40e58b33",
|
|
"pattern": "[file:hashes.SHA1 = '81be768af024bb5a21cf0c06c0db91fa98e39ee4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795932-12ac-4725-831d-497a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:46.000Z",
|
|
"modified": "2015-12-22T14:07:46.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/2acfa4f55c34cafa6a8954c6c6cf1c5c8a5597189e25aa46434c7c0cce556529/analysis/1444827885/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795932-fbac-40c9-a7fb-44ab950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:46.000Z",
|
|
"modified": "2015-12-22T14:07:46.000Z",
|
|
"description": "- Xchecked via VT: c99b6cd6328ee23d6de6a049e77afb74",
|
|
"pattern": "[file:hashes.SHA256 = '66b3a97a84ebd4bb9b3429024da80199c2f547335c5959c6e6aa72ba75535848']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795933-d1a0-4e19-89a1-4950950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:47.000Z",
|
|
"modified": "2015-12-22T14:07:47.000Z",
|
|
"description": "- Xchecked via VT: c99b6cd6328ee23d6de6a049e77afb74",
|
|
"pattern": "[file:hashes.SHA1 = '7cd05a8239649814d69ac130748153c946027732']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795933-77e4-45b8-9dc4-4cc3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:47.000Z",
|
|
"modified": "2015-12-22T14:07:47.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/66b3a97a84ebd4bb9b3429024da80199c2f547335c5959c6e6aa72ba75535848/analysis/1445489602/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795933-a4e8-4f10-9a52-4a2a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:47.000Z",
|
|
"modified": "2015-12-22T14:07:47.000Z",
|
|
"description": "- Xchecked via VT: 7daba3583b400c27d510dc401ef18ce5",
|
|
"pattern": "[file:hashes.SHA256 = 'bf774be0e1e421668d956777bcbce0fa33110db4d5efd3bfdb0d3f4a2a133db0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795934-c3d4-46a1-b0e4-4e39950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:48.000Z",
|
|
"modified": "2015-12-22T14:07:48.000Z",
|
|
"description": "- Xchecked via VT: 7daba3583b400c27d510dc401ef18ce5",
|
|
"pattern": "[file:hashes.SHA1 = 'a2f93c93de73165eac7406ef546c0818d12d76a6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795934-83a0-4083-9d0f-43eb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:48.000Z",
|
|
"modified": "2015-12-22T14:07:48.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/bf774be0e1e421668d956777bcbce0fa33110db4d5efd3bfdb0d3f4a2a133db0/analysis/1445863044/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795934-c1d0-4d76-9033-4f97950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:48.000Z",
|
|
"modified": "2015-12-22T14:07:48.000Z",
|
|
"description": "- Xchecked via VT: 2e0c898f5a6ea1e0d133e435f3fab27c",
|
|
"pattern": "[file:hashes.SHA256 = '39ddac72b2c5ab128f40a6d2131d0b5316bdab8238102ed36d437f462eb7f957']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795934-1f34-4876-a246-412f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:48.000Z",
|
|
"modified": "2015-12-22T14:07:48.000Z",
|
|
"description": "- Xchecked via VT: 2e0c898f5a6ea1e0d133e435f3fab27c",
|
|
"pattern": "[file:hashes.SHA1 = '5b8aa2beb6bb83643764afea0a3cfb21f5e63665']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795935-2480-403c-bb5e-451b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:49.000Z",
|
|
"modified": "2015-12-22T14:07:49.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/39ddac72b2c5ab128f40a6d2131d0b5316bdab8238102ed36d437f462eb7f957/analysis/1446558083/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795935-9b4c-4071-aeea-4490950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:49.000Z",
|
|
"modified": "2015-12-22T14:07:49.000Z",
|
|
"description": "- Xchecked via VT: 81d1912a9f7f70344505b1c9d5d32307",
|
|
"pattern": "[file:hashes.SHA256 = 'd6b54d851a7137bc8b00502ebb8124b561fdc4b9455123ea05c5e77dc72df2f5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795935-41f4-46c4-9bd5-4c0c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:49.000Z",
|
|
"modified": "2015-12-22T14:07:49.000Z",
|
|
"description": "- Xchecked via VT: 81d1912a9f7f70344505b1c9d5d32307",
|
|
"pattern": "[file:hashes.SHA1 = 'a1bb6179d28733ce79a95a32cdd0aa58dff60935']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--56795936-095c-4869-8657-40d3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2015-12-22T14:07:50.000Z",
|
|
"modified": "2015-12-22T14:07:50.000Z",
|
|
"pattern": "[url:value = 'https://www.virustotal.com/file/d6b54d851a7137bc8b00502ebb8124b561fdc4b9455123ea05c5e77dc72df2f5/analysis/1447582607/']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2015-12-22T14:07:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "External analysis"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "marking-definition",
|
|
"spec_version": "2.1",
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
"definition_type": "tlp",
|
|
"name": "TLP:WHITE",
|
|
"definition": {
|
|
"tlp": "white"
|
|
}
|
|
}
|
|
]
|
|
} |