31039 lines
No EOL
1.3 MiB
31039 lines
No EOL
1.3 MiB
{
|
|
"type": "bundle",
|
|
"id": "bundle--5720a8c0-9064-4e32-b7ad-4f7e950d210f",
|
|
"objects": [
|
|
{
|
|
"type": "identity",
|
|
"spec_version": "2.1",
|
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T13:18:57.000Z",
|
|
"modified": "2016-04-27T13:18:57.000Z",
|
|
"name": "CIRCL",
|
|
"identity_class": "organization"
|
|
},
|
|
{
|
|
"type": "report",
|
|
"spec_version": "2.1",
|
|
"id": "report--5720a8c0-9064-4e32-b7ad-4f7e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T13:18:57.000Z",
|
|
"modified": "2016-04-27T13:18:57.000Z",
|
|
"name": "OSINT - RuMMS: The Latest Family of Android Malware Attacking Users in Russia Via SMS Phishing",
|
|
"published": "2016-04-27T13:52:44Z",
|
|
"object_refs": [
|
|
"observed-data--5720a8de-f7a4-4520-8669-44f9950d210f",
|
|
"url--5720a8de-f7a4-4520-8669-44f9950d210f",
|
|
"x-misp-attribute--5720a8ec-d694-4203-8f77-4c83950d210f",
|
|
"indicator--5720b0ae-1e14-4bc1-8b6c-4dbc950d210f",
|
|
"indicator--5720b0af-fc50-4c41-ae09-4e79950d210f",
|
|
"indicator--5720b0af-9884-47af-a4e8-40c0950d210f",
|
|
"indicator--5720b0b0-2948-463a-a53f-4c51950d210f",
|
|
"indicator--5720b0b0-e8d8-4d62-8e05-450e950d210f",
|
|
"indicator--5720b0b0-3440-4423-9bc4-467e950d210f",
|
|
"indicator--5720b0b1-e598-4cfd-bec3-4289950d210f",
|
|
"indicator--5720b0b1-0764-4159-a30a-445a950d210f",
|
|
"indicator--5720b0b2-d7ec-446a-98ea-43da950d210f",
|
|
"indicator--5720b0b2-8b08-442b-8deb-4318950d210f",
|
|
"indicator--5720b0b2-3ae0-4428-8caf-41f7950d210f",
|
|
"indicator--5720b0b3-ba2c-4255-bf32-42e4950d210f",
|
|
"indicator--5720b0b3-5b10-4d41-a770-446c950d210f",
|
|
"indicator--5720b0b4-eba0-4335-b7a6-4ce1950d210f",
|
|
"indicator--5720b0b4-808c-44bf-a5a9-45c4950d210f",
|
|
"indicator--5720b0b5-0634-4399-92f5-4d15950d210f",
|
|
"indicator--5720b0b5-f164-4861-bcf9-467e950d210f",
|
|
"indicator--5720b0b5-bc68-48d1-a883-401f950d210f",
|
|
"indicator--5720b0b6-f930-4820-9044-43e7950d210f",
|
|
"indicator--5720b0b6-bee4-42a8-aa20-4a35950d210f",
|
|
"indicator--5720b0b7-be50-4f08-9f44-43a2950d210f",
|
|
"indicator--5720b0b7-a830-4237-a4ff-4efc950d210f",
|
|
"indicator--5720b0b7-1c4c-4a15-b420-4588950d210f",
|
|
"indicator--5720b0b8-8778-44f3-8824-44ee950d210f",
|
|
"indicator--5720b0b8-446c-44c7-b1b5-4339950d210f",
|
|
"indicator--5720b0b9-1fe0-4074-acc2-41f0950d210f",
|
|
"indicator--5720b0b9-7498-459e-ab80-4027950d210f",
|
|
"indicator--5720b0b9-fda8-4b05-9b01-4d64950d210f",
|
|
"indicator--5720b0ba-2950-4ac4-9427-463d950d210f",
|
|
"indicator--5720b0ba-db00-496b-8d21-4a68950d210f",
|
|
"indicator--5720b0bb-025c-476d-a8f8-4f1a950d210f",
|
|
"indicator--5720b0bb-3fa4-490f-b649-4f8e950d210f",
|
|
"indicator--5720b0bb-7930-40cc-b7b7-4621950d210f",
|
|
"indicator--5720b0bc-c29c-4c9f-b5f2-4a4d950d210f",
|
|
"indicator--5720b0bc-7918-4f39-926c-4786950d210f",
|
|
"indicator--5720b0bd-b4d0-48af-a670-4999950d210f",
|
|
"indicator--5720b0bd-791c-4759-9077-4315950d210f",
|
|
"indicator--5720b0bd-8ec0-47bb-84d4-4cc8950d210f",
|
|
"indicator--5720b0be-714c-4c49-bc9c-4748950d210f",
|
|
"indicator--5720b0be-d5c8-429b-be77-4589950d210f",
|
|
"indicator--5720b0bf-e3a4-4b1d-8270-409c950d210f",
|
|
"indicator--5720b0bf-bbb8-4643-8d18-456e950d210f",
|
|
"indicator--5720b0c0-ce08-4032-b884-4298950d210f",
|
|
"indicator--5720b0c0-72b0-4f22-a72d-4981950d210f",
|
|
"indicator--5720b0c0-97c0-43b3-82a0-4cc4950d210f",
|
|
"indicator--5720b0c1-3e5c-476c-b727-406f950d210f",
|
|
"indicator--5720b0c1-41f0-447f-8ac7-42f7950d210f",
|
|
"indicator--5720b0c2-cfa0-45b0-b808-40ff950d210f",
|
|
"indicator--5720b0c2-118c-411b-8f4d-401f950d210f",
|
|
"indicator--5720b0c2-5df4-4517-9e6f-4a15950d210f",
|
|
"indicator--5720b0c3-8720-4fe1-b14e-4a2c950d210f",
|
|
"indicator--5720b0c3-ed6c-432b-a0b8-4c14950d210f",
|
|
"indicator--5720b0c4-0974-44ec-928c-45db950d210f",
|
|
"indicator--5720b0c4-d5e0-4870-8def-4891950d210f",
|
|
"indicator--5720b0c4-6e3c-45e4-aad4-459f950d210f",
|
|
"indicator--5720b0c5-ebac-451e-aeb9-4dc8950d210f",
|
|
"indicator--5720b0c5-da70-4733-9d23-408b950d210f",
|
|
"indicator--5720b0c6-3134-4902-8042-4fda950d210f",
|
|
"indicator--5720b0c6-0094-4408-9f8e-4a2a950d210f",
|
|
"indicator--5720b0c6-9d08-44c1-b097-4f01950d210f",
|
|
"indicator--5720b0c7-5320-4baf-b8d9-47e5950d210f",
|
|
"indicator--5720b0c7-eb90-4f96-a712-44a2950d210f",
|
|
"indicator--5720b0c8-c1dc-4d24-865b-46de950d210f",
|
|
"indicator--5720b0c8-0c2c-46d5-9e95-4a7e950d210f",
|
|
"indicator--5720b0c8-e53c-49ae-9ab4-45a3950d210f",
|
|
"indicator--5720b0c9-25dc-4614-9553-4cb8950d210f",
|
|
"indicator--5720b0c9-6238-48a8-856d-43a2950d210f",
|
|
"indicator--5720b0c9-95a0-4761-bc63-44a5950d210f",
|
|
"indicator--5720b0ca-6090-48c7-9a35-4603950d210f",
|
|
"indicator--5720b0ca-79dc-4c29-9e89-4928950d210f",
|
|
"indicator--5720b0ca-40f4-4717-8a36-4854950d210f",
|
|
"indicator--5720b0cb-89a0-4738-806b-4570950d210f",
|
|
"indicator--5720b0cb-8c60-4346-9e78-4240950d210f",
|
|
"indicator--5720b0cb-b6a4-478d-aa59-405b950d210f",
|
|
"indicator--5720b0cc-552c-45de-bca7-4837950d210f",
|
|
"indicator--5720b0cc-472c-4fee-83fc-4dde950d210f",
|
|
"indicator--5720b0cc-671c-4d95-bbf4-4d98950d210f",
|
|
"indicator--5720b0cc-5aa0-4682-bca0-4b13950d210f",
|
|
"indicator--5720b0cd-7a5c-41bc-9056-427f950d210f",
|
|
"indicator--5720b0cd-7e48-4de4-bd7a-4741950d210f",
|
|
"indicator--5720b0cd-9d78-4011-9e8f-4806950d210f",
|
|
"indicator--5720b0ce-7e8c-42dd-818e-49b4950d210f",
|
|
"indicator--5720b0ce-c3ac-4dd3-a212-4c1b950d210f",
|
|
"indicator--5720b0cf-be28-418c-8c20-4424950d210f",
|
|
"indicator--5720b0cf-e590-4fdd-be54-4707950d210f",
|
|
"indicator--5720b0cf-4cec-4a98-8829-40da950d210f",
|
|
"indicator--5720b0d0-1248-4ea4-886e-4371950d210f",
|
|
"indicator--5720b0d0-d688-4b9c-a557-4188950d210f",
|
|
"indicator--5720b0d1-afa4-43be-be1b-4986950d210f",
|
|
"indicator--5720b0d1-0fa0-455e-8f47-4cf7950d210f",
|
|
"indicator--5720b0d1-1fb4-4e0b-881f-4544950d210f",
|
|
"indicator--5720b0d2-31a0-4a96-b99f-46d3950d210f",
|
|
"indicator--5720b0d2-630c-425d-9fd8-4ba3950d210f",
|
|
"indicator--5720b0d3-c048-46b3-b829-42d3950d210f",
|
|
"indicator--5720b0d3-50c4-43db-8c4c-4198950d210f",
|
|
"indicator--5720b0d3-bdf4-4db3-9b78-4786950d210f",
|
|
"indicator--5720b0d4-f918-43b8-b09b-4e34950d210f",
|
|
"indicator--5720b0d4-1a40-41aa-8332-49bf950d210f",
|
|
"indicator--5720b0d5-89e0-46e0-af59-4d53950d210f",
|
|
"indicator--5720b0d5-3f5c-44a9-a015-47b7950d210f",
|
|
"indicator--5720b0d5-f1b0-4fb9-9b24-455e950d210f",
|
|
"indicator--5720b0d6-4a60-4a76-af4a-4073950d210f",
|
|
"indicator--5720b0d6-16f8-4576-ad5e-4c74950d210f",
|
|
"indicator--5720b0d7-c2f0-4621-952f-4037950d210f",
|
|
"indicator--5720b0d7-ad44-4740-9f5f-4bd9950d210f",
|
|
"indicator--5720b0d7-27f4-4324-8109-497a950d210f",
|
|
"indicator--5720b0d8-0534-4361-ac58-464a950d210f",
|
|
"indicator--5720b0d8-79ac-4c82-8b62-406e950d210f",
|
|
"indicator--5720b0d9-aca8-451f-857a-4171950d210f",
|
|
"indicator--5720b0d9-77c4-4b4b-89f2-4d2d950d210f",
|
|
"indicator--5720b0d9-687c-4a78-bd61-4b1c950d210f",
|
|
"indicator--5720b0da-9e98-47be-981e-4d6d950d210f",
|
|
"indicator--5720b0da-a5f8-4753-aec6-4c8e950d210f",
|
|
"indicator--5720b0db-bb68-4242-befa-4249950d210f",
|
|
"indicator--5720b0db-5fcc-47f7-9705-4858950d210f",
|
|
"indicator--5720b0dc-312c-4009-b722-415f950d210f",
|
|
"indicator--5720b0dc-c1a8-4dcb-9bfd-4bd4950d210f",
|
|
"indicator--5720b0dc-6b58-4537-ac63-47f6950d210f",
|
|
"indicator--5720b0dd-2240-4155-88df-43e6950d210f",
|
|
"indicator--5720b0dd-c660-419e-bb16-4446950d210f",
|
|
"indicator--5720b0de-9914-4f66-981e-4622950d210f",
|
|
"indicator--5720b0de-ff04-4153-be56-48f9950d210f",
|
|
"indicator--5720b0de-1910-4627-9a63-471f950d210f",
|
|
"indicator--5720b0df-c284-4667-a9df-4421950d210f",
|
|
"indicator--5720b0df-5998-47be-ba01-491e950d210f",
|
|
"indicator--5720b0e0-1d00-40ff-84cf-46cd950d210f",
|
|
"indicator--5720b0e0-4a60-48ca-a1c1-43b7950d210f",
|
|
"indicator--5720b0e0-d660-47e2-b8a9-4800950d210f",
|
|
"indicator--5720b0e1-23d8-42d7-b47e-44ca950d210f",
|
|
"indicator--5720b0e1-f214-4646-b36f-490f950d210f",
|
|
"indicator--5720b0e2-da44-45f6-96a3-4641950d210f",
|
|
"indicator--5720b0e2-eed0-47df-a0f2-47e5950d210f",
|
|
"indicator--5720b0e2-6e5c-420e-b345-4a5a950d210f",
|
|
"indicator--5720b0e3-54a4-43d8-adef-4377950d210f",
|
|
"indicator--5720b0e3-cdb0-40e7-a583-499e950d210f",
|
|
"indicator--5720b0e4-cfb4-4a64-9854-4290950d210f",
|
|
"indicator--5720b0e4-8974-4d01-be2d-42c4950d210f",
|
|
"indicator--5720b0e4-856c-4826-b3fc-4564950d210f",
|
|
"indicator--5720b0e5-db58-48c8-8c88-4f72950d210f",
|
|
"indicator--5720b0e5-6624-4066-9cf8-4813950d210f",
|
|
"indicator--5720b0e6-eb04-4607-b349-42f2950d210f",
|
|
"indicator--5720b0e6-39c4-4a1a-b004-45a2950d210f",
|
|
"indicator--5720b0e6-630c-439b-90b6-47ba950d210f",
|
|
"indicator--5720b0e7-2bec-4ec8-ad54-4214950d210f",
|
|
"indicator--5720b0e7-8788-4bd2-9260-4daa950d210f",
|
|
"indicator--5720b0e8-db5c-49e1-86c8-42cd950d210f",
|
|
"indicator--5720b0e8-c54c-4a58-b8ba-4f50950d210f",
|
|
"indicator--5720b0e8-b558-42a6-90cd-4f80950d210f",
|
|
"indicator--5720b0e9-656c-4cf0-96cb-402d950d210f",
|
|
"indicator--5720b0e9-4b08-4cd8-9241-40fc950d210f",
|
|
"indicator--5720b0ea-f740-4337-a708-473f950d210f",
|
|
"indicator--5720b0ea-9150-474b-93cc-404c950d210f",
|
|
"indicator--5720b0ea-3234-4252-a3a9-4297950d210f",
|
|
"indicator--5720b0eb-da78-4111-a565-469b950d210f",
|
|
"indicator--5720b0eb-3cb4-4b2b-9d14-45ac950d210f",
|
|
"indicator--5720b0ec-1fb4-4ab4-946d-4843950d210f",
|
|
"indicator--5720b0ec-1f84-40e0-ae3e-4d8b950d210f",
|
|
"indicator--5720b0ed-233c-4e11-ac57-48e0950d210f",
|
|
"indicator--5720b0ed-7ee4-4626-886c-4851950d210f",
|
|
"indicator--5720b0ed-d160-4bf9-8e8f-4699950d210f",
|
|
"indicator--5720b0ee-e010-4844-b8eb-43c6950d210f",
|
|
"indicator--5720b0ee-4918-43b9-a806-4478950d210f",
|
|
"indicator--5720b0ef-1940-405f-a53a-4533950d210f",
|
|
"indicator--5720b0ef-9924-4fa2-86dd-4819950d210f",
|
|
"indicator--5720b0ef-34ac-4096-8ee3-4973950d210f",
|
|
"indicator--5720b0f0-bbe4-4ef5-accd-495f950d210f",
|
|
"indicator--5720b0f0-e76c-4d30-b871-4a32950d210f",
|
|
"indicator--5720b0f1-5c00-4ec6-8c65-4253950d210f",
|
|
"indicator--5720b0f1-5968-46e8-961a-4711950d210f",
|
|
"indicator--5720b0f1-810c-4a43-8c25-4e6e950d210f",
|
|
"indicator--5720b0f2-d344-4852-a3a3-4cda950d210f",
|
|
"indicator--5720b0f2-f618-462d-96b0-41ff950d210f",
|
|
"indicator--5720b0f2-df34-4bc4-8c65-4ba4950d210f",
|
|
"indicator--5720b0f3-1da8-4282-8f68-472a950d210f",
|
|
"indicator--5720b0f3-439c-4d0d-acb2-4383950d210f",
|
|
"indicator--5720b0f4-926c-4e59-8410-4a20950d210f",
|
|
"indicator--5720b0f4-1aac-4c6b-bc21-4b5c950d210f",
|
|
"indicator--5720b0f4-37a4-401d-8e94-465d950d210f",
|
|
"indicator--5720b0f5-d5a8-4446-a13a-4c14950d210f",
|
|
"indicator--5720b0f5-7410-498f-9fc0-4881950d210f",
|
|
"indicator--5720b0f6-1388-4c0f-82f1-40c5950d210f",
|
|
"indicator--5720b0f6-aa0c-45bf-831f-4f56950d210f",
|
|
"indicator--5720b0f6-6ba4-4185-950f-4afe950d210f",
|
|
"indicator--5720b0f7-16f8-4118-b3b5-4ed5950d210f",
|
|
"indicator--5720b0f7-b6c4-4a47-8390-4cb0950d210f",
|
|
"indicator--5720b0f8-bc5c-4665-b58c-4f55950d210f",
|
|
"indicator--5720b0f8-54dc-40eb-8471-410b950d210f",
|
|
"indicator--5720b0f8-22ac-400d-b396-4f34950d210f",
|
|
"indicator--5720b0f9-e198-4f4e-9dad-43d3950d210f",
|
|
"indicator--5720b0f9-0644-49b7-a81a-4488950d210f",
|
|
"indicator--5720b0fa-ec4c-489c-868b-4464950d210f",
|
|
"indicator--5720b0fa-da88-4388-bc7a-4e50950d210f",
|
|
"indicator--5720b0fa-f358-470c-88c7-4162950d210f",
|
|
"indicator--5720b0fb-1d2c-43c6-8b07-4770950d210f",
|
|
"indicator--5720b0fb-93d8-4214-888c-44eb950d210f",
|
|
"indicator--5720b0fc-8f1c-40b9-b710-43d8950d210f",
|
|
"indicator--5720b0fc-81b4-47c1-8d9f-4de2950d210f",
|
|
"indicator--5720b0fc-a9ec-4bca-b471-4566950d210f",
|
|
"indicator--5720b0fd-dedc-423c-b26b-4171950d210f",
|
|
"indicator--5720b0fd-e29c-419c-ac82-4c18950d210f",
|
|
"indicator--5720b0fe-b98c-4e5d-8300-4104950d210f",
|
|
"indicator--5720b0fe-5ffc-42c8-af12-4174950d210f",
|
|
"indicator--5720b0fe-5320-4744-a1b5-41d3950d210f",
|
|
"indicator--5720b0ff-4850-43c2-a1c7-4fb6950d210f",
|
|
"indicator--5720b0ff-b270-4a5b-979d-4832950d210f",
|
|
"indicator--5720b100-f700-40f8-9e24-4754950d210f",
|
|
"indicator--5720b100-5024-4afd-9cb1-43ac950d210f",
|
|
"indicator--5720b101-9b8c-4dbb-8548-493c950d210f",
|
|
"indicator--5720b101-cb4c-4846-94ad-41a4950d210f",
|
|
"indicator--5720b101-f51c-45c4-a2c0-48c8950d210f",
|
|
"indicator--5720b102-733c-417d-a6c8-4771950d210f",
|
|
"indicator--5720b102-6e60-4737-bf52-4bb6950d210f",
|
|
"indicator--5720b103-4b08-4b73-883d-420e950d210f",
|
|
"indicator--5720b103-886c-40d3-8fc0-49c8950d210f",
|
|
"indicator--5720b103-e078-4777-adea-45e0950d210f",
|
|
"indicator--5720b104-92f0-48d8-9d86-4213950d210f",
|
|
"indicator--5720b104-6de4-4a3f-b943-4b78950d210f",
|
|
"indicator--5720b105-072c-479f-b1a8-4f21950d210f",
|
|
"indicator--5720b105-d838-4705-93b1-49b5950d210f",
|
|
"indicator--5720b105-2e84-40fc-978e-4acc950d210f",
|
|
"indicator--5720b106-be5c-43ba-b55f-4781950d210f",
|
|
"indicator--5720b106-e08c-4137-b129-4e6b950d210f",
|
|
"indicator--5720b107-2b80-40ec-9fcc-4579950d210f",
|
|
"indicator--5720b107-d788-40a5-9627-4050950d210f",
|
|
"indicator--5720b107-e310-4812-93a8-4981950d210f",
|
|
"indicator--5720b108-8668-41b1-8110-4884950d210f",
|
|
"indicator--5720b108-f83c-4220-9b71-4f39950d210f",
|
|
"indicator--5720b109-30d4-4ea7-9156-4575950d210f",
|
|
"indicator--5720b109-cd74-434e-9105-4594950d210f",
|
|
"indicator--5720b109-a214-47cc-b47a-4232950d210f",
|
|
"indicator--5720b10a-63c8-467f-bb47-46be950d210f",
|
|
"indicator--5720b10a-a578-4439-9da4-4285950d210f",
|
|
"indicator--5720b10b-fd7c-4982-bca3-4dfc950d210f",
|
|
"indicator--5720b10b-7354-4094-a985-4dd3950d210f",
|
|
"indicator--5720b10b-9fb4-4ae3-9ba2-4e6d950d210f",
|
|
"indicator--5720b10c-0034-4908-a8db-4dd9950d210f",
|
|
"indicator--5720b10c-4b8c-4a2c-a498-48e0950d210f",
|
|
"indicator--5720b10d-6068-4d3f-87f0-427c950d210f",
|
|
"indicator--5720b10d-7104-44d0-bcc0-422b950d210f",
|
|
"indicator--5720b10d-e97c-483f-ac3c-4169950d210f",
|
|
"indicator--5720b10e-ccd0-4417-879c-472b950d210f",
|
|
"indicator--5720b10e-ffa8-4dee-897f-4a28950d210f",
|
|
"indicator--5720b10f-a37c-424f-bc25-4bed950d210f",
|
|
"indicator--5720b10f-7cbc-4041-97e7-41e8950d210f",
|
|
"indicator--5720b110-2ea4-4948-8016-4de9950d210f",
|
|
"indicator--5720b110-6284-4399-8022-4a47950d210f",
|
|
"indicator--5720b110-e5c8-440e-b241-42ae950d210f",
|
|
"indicator--5720b111-fd2c-4d74-9449-4e9d950d210f",
|
|
"indicator--5720b111-c0a4-4fc0-9167-48e6950d210f",
|
|
"indicator--5720b112-3ee8-4fb0-aa1e-4375950d210f",
|
|
"indicator--5720b112-9a84-4d3f-b4b0-4f4e950d210f",
|
|
"indicator--5720b112-eea8-42ce-866d-45c3950d210f",
|
|
"indicator--5720b113-286c-4abe-b07f-4184950d210f",
|
|
"indicator--5720b113-7f4c-4882-90ff-411e950d210f",
|
|
"indicator--5720b114-4ee4-4d51-9574-4834950d210f",
|
|
"indicator--5720b114-cf38-4bec-b932-420a950d210f",
|
|
"indicator--5720b114-3924-4a2f-a4f4-4c1d950d210f",
|
|
"indicator--5720b115-fbe0-45e6-98a0-4fb9950d210f",
|
|
"indicator--5720b115-1748-447f-a02c-4d15950d210f",
|
|
"indicator--5720b116-aac0-437d-8bce-4c15950d210f",
|
|
"indicator--5720b116-e71c-4b88-9a6b-4c69950d210f",
|
|
"indicator--5720b116-b6bc-4f0c-8ecb-448f950d210f",
|
|
"indicator--5720b117-f630-4bec-a72b-49a3950d210f",
|
|
"indicator--5720b117-9bdc-46a9-b604-410c950d210f",
|
|
"indicator--5720b118-50bc-4d06-9133-4730950d210f",
|
|
"indicator--5720b118-dbf4-4b4a-ab2f-45a3950d210f",
|
|
"indicator--5720b118-92a4-4807-8a49-4706950d210f",
|
|
"indicator--5720b119-d370-4634-80c9-4046950d210f",
|
|
"indicator--5720b119-0580-4006-9774-4329950d210f",
|
|
"indicator--5720b11a-93c8-4fb4-a57a-4195950d210f",
|
|
"indicator--5720b11a-40c0-4394-891c-4412950d210f",
|
|
"indicator--5720b11a-ab2c-48f6-b27e-4f7d950d210f",
|
|
"indicator--5720b11b-6330-423e-b7d7-4a47950d210f",
|
|
"indicator--5720b11b-7c38-4113-8b8d-4291950d210f",
|
|
"indicator--5720b11c-a240-40aa-a0a5-4328950d210f",
|
|
"indicator--5720b11c-8e14-421d-abfb-479e950d210f",
|
|
"indicator--5720b11d-a7c0-4057-a504-4fab950d210f",
|
|
"indicator--5720b11d-99f8-4f77-af83-446b950d210f",
|
|
"indicator--5720b11d-8e20-4db4-b0a2-4a7e950d210f",
|
|
"indicator--5720b11e-886c-42b1-aba7-437d950d210f",
|
|
"indicator--5720b11e-bd5c-4688-97c2-4ae2950d210f",
|
|
"indicator--5720b11f-72b4-4dda-967b-4802950d210f",
|
|
"indicator--5720b11f-1140-45a6-b362-4b1f950d210f",
|
|
"indicator--5720b11f-8a9c-4b51-9143-4cf9950d210f",
|
|
"indicator--5720b120-2608-43de-b8b5-401f950d210f",
|
|
"indicator--5720b120-0cfc-4c25-a8b4-4f91950d210f",
|
|
"indicator--5720b121-687c-4127-8b45-47f0950d210f",
|
|
"indicator--5720b121-c3d8-4cf4-975f-401a950d210f",
|
|
"indicator--5720b121-a13c-48cf-98bc-4083950d210f",
|
|
"indicator--5720b122-31d4-4485-ab3d-4e86950d210f",
|
|
"indicator--5720b122-67b0-407f-af3a-4a73950d210f",
|
|
"indicator--5720b123-8228-4897-920a-4311950d210f",
|
|
"indicator--5720b123-78fc-4820-a092-405a950d210f",
|
|
"indicator--5720b123-0a80-4e7a-84c4-4c02950d210f",
|
|
"indicator--5720b124-7a60-4071-9fae-47db950d210f",
|
|
"indicator--5720b124-fc4c-4934-a9b9-4d89950d210f",
|
|
"indicator--5720b2e6-1024-41d4-89a4-499a950d210f",
|
|
"indicator--5720b33f-f968-4e42-a4e8-4fed950d210f",
|
|
"indicator--5720b340-1128-4d91-aaf3-4dd6950d210f",
|
|
"indicator--5720b340-3cac-405c-b0a6-4732950d210f",
|
|
"indicator--5720b340-20c4-439f-afc2-45cb950d210f",
|
|
"indicator--5720b4fc-5d9c-47a4-972b-49af02de0b81",
|
|
"indicator--5720b4fc-a2f4-4e49-9860-483602de0b81",
|
|
"observed-data--5720b4fd-4a20-4507-8bdb-471d02de0b81",
|
|
"url--5720b4fd-4a20-4507-8bdb-471d02de0b81",
|
|
"indicator--5720b4fd-5ab4-447a-ab41-45b602de0b81",
|
|
"indicator--5720b4ff-fa20-4ac7-84f0-499602de0b81",
|
|
"observed-data--5720b4ff-82d8-432e-a884-412502de0b81",
|
|
"url--5720b4ff-82d8-432e-a884-412502de0b81",
|
|
"indicator--5720b500-e5e0-40b7-904f-4f1c02de0b81",
|
|
"indicator--5720b500-9ed4-4f7b-8c85-418c02de0b81",
|
|
"observed-data--5720b501-b874-4291-a650-46c702de0b81",
|
|
"url--5720b501-b874-4291-a650-46c702de0b81",
|
|
"indicator--5720b501-25c0-4819-88a3-46d402de0b81",
|
|
"indicator--5720b502-607c-483f-9e43-4c0102de0b81",
|
|
"observed-data--5720b502-5608-4540-a287-479c02de0b81",
|
|
"url--5720b502-5608-4540-a287-479c02de0b81",
|
|
"indicator--5720b503-a8c4-47b8-8d77-474602de0b81",
|
|
"indicator--5720b503-b404-4f9e-b10c-466302de0b81",
|
|
"observed-data--5720b503-10d0-49da-8f38-408502de0b81",
|
|
"url--5720b503-10d0-49da-8f38-408502de0b81",
|
|
"indicator--5720b504-9ed4-4dc4-ba46-430102de0b81",
|
|
"indicator--5720b504-7878-47d5-9321-401c02de0b81",
|
|
"observed-data--5720b504-0780-4e98-b7aa-4c6902de0b81",
|
|
"url--5720b504-0780-4e98-b7aa-4c6902de0b81",
|
|
"indicator--5720b505-da98-457c-888d-46d802de0b81",
|
|
"indicator--5720b505-e75c-4d82-b2fa-42e602de0b81",
|
|
"observed-data--5720b505-6b18-4b54-be23-4fd702de0b81",
|
|
"url--5720b505-6b18-4b54-be23-4fd702de0b81",
|
|
"indicator--5720b506-b7b0-40ec-9824-436102de0b81",
|
|
"indicator--5720b506-42e4-4111-a720-4b5202de0b81",
|
|
"observed-data--5720b507-d798-4936-8177-4beb02de0b81",
|
|
"url--5720b507-d798-4936-8177-4beb02de0b81",
|
|
"indicator--5720b507-c7e8-42cd-a3c0-4f1502de0b81",
|
|
"indicator--5720b508-bbf0-4973-be9a-443602de0b81",
|
|
"observed-data--5720b508-bb40-4399-b31e-421602de0b81",
|
|
"url--5720b508-bb40-4399-b31e-421602de0b81",
|
|
"indicator--5720b508-d894-4f22-96cb-429c02de0b81",
|
|
"indicator--5720b509-0f48-42d3-9411-48fa02de0b81",
|
|
"observed-data--5720b509-5f0c-42cd-96c7-4de002de0b81",
|
|
"url--5720b509-5f0c-42cd-96c7-4de002de0b81",
|
|
"indicator--5720b50a-a1ac-45e0-beda-47b002de0b81",
|
|
"indicator--5720b50a-13b0-469b-9c60-40bc02de0b81",
|
|
"observed-data--5720b50b-91fc-4a93-9887-4dfc02de0b81",
|
|
"url--5720b50b-91fc-4a93-9887-4dfc02de0b81",
|
|
"indicator--5720b50b-32e0-4b80-97da-4b3b02de0b81",
|
|
"indicator--5720b50b-76d8-4fbe-9389-44cc02de0b81",
|
|
"observed-data--5720b50c-ffec-45a8-833e-4ce202de0b81",
|
|
"url--5720b50c-ffec-45a8-833e-4ce202de0b81",
|
|
"indicator--5720b50c-1b9c-4575-a13d-4a6202de0b81",
|
|
"indicator--5720b50d-fe94-47d3-b3ea-45ea02de0b81",
|
|
"observed-data--5720b50d-ff88-4035-a9ea-4f4002de0b81",
|
|
"url--5720b50d-ff88-4035-a9ea-4f4002de0b81",
|
|
"indicator--5720b50d-7a40-4872-a12c-4c7602de0b81",
|
|
"indicator--5720b50e-d350-4e37-8ad5-497a02de0b81",
|
|
"observed-data--5720b50e-9350-4586-9964-47fe02de0b81",
|
|
"url--5720b50e-9350-4586-9964-47fe02de0b81",
|
|
"indicator--5720b50f-94f0-4e39-9e12-4f6802de0b81",
|
|
"indicator--5720b50f-b86c-454f-a91e-4d8a02de0b81",
|
|
"observed-data--5720b510-d190-4731-bf2c-423702de0b81",
|
|
"url--5720b510-d190-4731-bf2c-423702de0b81",
|
|
"indicator--5720b510-ca7c-4f06-b42c-46e702de0b81",
|
|
"indicator--5720b510-9718-4053-9c5a-4eae02de0b81",
|
|
"observed-data--5720b511-5444-4a6a-bf74-433f02de0b81",
|
|
"url--5720b511-5444-4a6a-bf74-433f02de0b81",
|
|
"indicator--5720b511-0050-47f0-86a3-41e102de0b81",
|
|
"indicator--5720b512-2c30-41d3-a6ae-47ce02de0b81",
|
|
"observed-data--5720b512-6830-4017-825c-438002de0b81",
|
|
"url--5720b512-6830-4017-825c-438002de0b81",
|
|
"indicator--5720b513-cf54-4adc-b49e-44c402de0b81",
|
|
"indicator--5720b513-991c-46e1-944e-4c4302de0b81",
|
|
"observed-data--5720b513-3aec-47f7-9cb5-4d2202de0b81",
|
|
"url--5720b513-3aec-47f7-9cb5-4d2202de0b81",
|
|
"indicator--5720b514-3e50-41fd-b507-405f02de0b81",
|
|
"indicator--5720b514-538c-4897-bb51-4f9802de0b81",
|
|
"observed-data--5720b515-1398-428a-b1c7-4c8102de0b81",
|
|
"url--5720b515-1398-428a-b1c7-4c8102de0b81",
|
|
"indicator--5720b515-de2c-4ff8-91a6-491602de0b81",
|
|
"indicator--5720b515-9b24-47e3-931d-483602de0b81",
|
|
"observed-data--5720b516-7048-46af-acc0-4fe002de0b81",
|
|
"url--5720b516-7048-46af-acc0-4fe002de0b81",
|
|
"indicator--5720b516-9628-45fe-af67-47d902de0b81",
|
|
"indicator--5720b517-d348-4c3d-9813-416902de0b81",
|
|
"observed-data--5720b517-5714-40a0-b68d-4bf702de0b81",
|
|
"url--5720b517-5714-40a0-b68d-4bf702de0b81",
|
|
"indicator--5720b518-fe1c-4b71-b228-433d02de0b81",
|
|
"indicator--5720b518-1e34-4bb9-99be-493602de0b81",
|
|
"observed-data--5720b518-a0fc-4f0c-8399-482402de0b81",
|
|
"url--5720b518-a0fc-4f0c-8399-482402de0b81",
|
|
"indicator--5720b519-3d0c-4db2-8b5b-411802de0b81",
|
|
"indicator--5720b519-6a44-4f8c-9152-498402de0b81",
|
|
"observed-data--5720b51a-2b84-4088-80e1-4f0502de0b81",
|
|
"url--5720b51a-2b84-4088-80e1-4f0502de0b81",
|
|
"indicator--5720b51a-e248-4add-8f26-463b02de0b81",
|
|
"indicator--5720b51a-ff3c-4de4-8f66-405d02de0b81",
|
|
"observed-data--5720b51b-e918-4e7a-a877-4efc02de0b81",
|
|
"url--5720b51b-e918-4e7a-a877-4efc02de0b81",
|
|
"indicator--5720b51b-539c-4d98-842b-4fe802de0b81",
|
|
"indicator--5720b51c-23a4-46b1-b8b5-432702de0b81",
|
|
"observed-data--5720b51c-4668-407b-a5bb-4b2d02de0b81",
|
|
"url--5720b51c-4668-407b-a5bb-4b2d02de0b81",
|
|
"indicator--5720b51d-a7f0-417f-b1d2-419b02de0b81",
|
|
"indicator--5720b51d-0f50-47f5-b458-4fc002de0b81",
|
|
"observed-data--5720b51d-40a4-46c8-ba06-46fb02de0b81",
|
|
"url--5720b51d-40a4-46c8-ba06-46fb02de0b81",
|
|
"indicator--5720b51e-ef88-408e-b2a6-4e7d02de0b81",
|
|
"indicator--5720b51e-968c-472c-9d4f-4b4702de0b81",
|
|
"observed-data--5720b51f-a9d4-4d9a-a547-463e02de0b81",
|
|
"url--5720b51f-a9d4-4d9a-a547-463e02de0b81",
|
|
"indicator--5720b51f-49ac-41b7-815a-499102de0b81",
|
|
"indicator--5720b51f-fe68-487c-9c59-464502de0b81",
|
|
"observed-data--5720b520-3edc-4aaa-9faa-4f3d02de0b81",
|
|
"url--5720b520-3edc-4aaa-9faa-4f3d02de0b81",
|
|
"indicator--5720b520-8bc4-43fd-a00a-456602de0b81",
|
|
"indicator--5720b521-bd20-44b4-968c-46c202de0b81",
|
|
"observed-data--5720b521-11a8-4051-8006-4f2702de0b81",
|
|
"url--5720b521-11a8-4051-8006-4f2702de0b81",
|
|
"indicator--5720b521-0158-4614-8f2d-488c02de0b81",
|
|
"indicator--5720b522-1b34-49c6-9c9d-417802de0b81",
|
|
"observed-data--5720b522-f838-4005-878b-40ad02de0b81",
|
|
"url--5720b522-f838-4005-878b-40ad02de0b81",
|
|
"indicator--5720b523-3e24-46f7-881b-418002de0b81",
|
|
"indicator--5720b523-e298-4033-b8b0-45e502de0b81",
|
|
"observed-data--5720b524-d56c-463e-bd42-492802de0b81",
|
|
"url--5720b524-d56c-463e-bd42-492802de0b81",
|
|
"indicator--5720b524-b068-4aa6-8146-4c1202de0b81",
|
|
"indicator--5720b524-6a34-477f-8eb5-4f9c02de0b81",
|
|
"observed-data--5720b525-2b34-4b1d-8b02-4d8002de0b81",
|
|
"url--5720b525-2b34-4b1d-8b02-4d8002de0b81",
|
|
"indicator--5720b525-c498-467f-ba31-4bf502de0b81",
|
|
"indicator--5720b526-abc4-4147-93a6-462802de0b81",
|
|
"observed-data--5720b526-4804-40d3-a056-415902de0b81",
|
|
"url--5720b526-4804-40d3-a056-415902de0b81",
|
|
"indicator--5720b526-9804-4079-8893-417302de0b81",
|
|
"indicator--5720b527-a640-464b-89cc-445e02de0b81",
|
|
"observed-data--5720b527-02ac-4123-88f3-427d02de0b81",
|
|
"url--5720b527-02ac-4123-88f3-427d02de0b81",
|
|
"indicator--5720b528-e8e0-4c5f-9228-4f1702de0b81",
|
|
"indicator--5720b528-13b4-4aaf-a5aa-499c02de0b81",
|
|
"observed-data--5720b529-11dc-44ee-a822-419202de0b81",
|
|
"url--5720b529-11dc-44ee-a822-419202de0b81",
|
|
"indicator--5720b529-0c70-4636-8649-4f2402de0b81",
|
|
"indicator--5720b529-3f38-4bf7-ab95-46de02de0b81",
|
|
"observed-data--5720b52a-ae68-49b0-b020-477402de0b81",
|
|
"url--5720b52a-ae68-49b0-b020-477402de0b81",
|
|
"indicator--5720b52a-0e34-4ffe-861d-417802de0b81",
|
|
"indicator--5720b52b-f150-4a56-a87f-483102de0b81",
|
|
"observed-data--5720b52b-3d20-4364-ae66-48ca02de0b81",
|
|
"url--5720b52b-3d20-4364-ae66-48ca02de0b81",
|
|
"indicator--5720b52b-7d08-48d8-b08d-45a202de0b81",
|
|
"indicator--5720b52c-0f94-478c-b3d7-42ca02de0b81",
|
|
"observed-data--5720b52c-5cac-427a-b015-40cb02de0b81",
|
|
"url--5720b52c-5cac-427a-b015-40cb02de0b81",
|
|
"indicator--5720b52d-7f08-40f1-a276-4b6102de0b81",
|
|
"indicator--5720b52d-ff8c-4f9f-aab3-4bc802de0b81",
|
|
"observed-data--5720b52e-4b54-4ad1-93b7-47b402de0b81",
|
|
"url--5720b52e-4b54-4ad1-93b7-47b402de0b81",
|
|
"indicator--5720b52e-50d4-4042-b2b7-46a802de0b81",
|
|
"indicator--5720b52e-9a18-4a9a-b673-4d9902de0b81",
|
|
"observed-data--5720b52f-2f20-46bb-9cc8-4f9a02de0b81",
|
|
"url--5720b52f-2f20-46bb-9cc8-4f9a02de0b81",
|
|
"indicator--5720b52f-caf8-4755-b719-4af602de0b81",
|
|
"indicator--5720b530-40a8-41bc-a1df-404a02de0b81",
|
|
"observed-data--5720b530-07fc-4add-af51-4e7602de0b81",
|
|
"url--5720b530-07fc-4add-af51-4e7602de0b81",
|
|
"indicator--5720b530-9e64-4933-adb4-443f02de0b81",
|
|
"indicator--5720b531-fc88-4145-a28e-40cf02de0b81",
|
|
"observed-data--5720b531-506c-4765-8c5a-49f102de0b81",
|
|
"url--5720b531-506c-4765-8c5a-49f102de0b81",
|
|
"indicator--5720b531-d090-4a06-b333-432902de0b81",
|
|
"indicator--5720b532-6a20-45c0-ac0d-483002de0b81",
|
|
"observed-data--5720b532-f964-48d5-b8d6-401702de0b81",
|
|
"url--5720b532-f964-48d5-b8d6-401702de0b81",
|
|
"indicator--5720b532-73cc-4163-a9b0-41f502de0b81",
|
|
"indicator--5720b533-1370-43bd-90ad-488e02de0b81",
|
|
"observed-data--5720b533-f350-482e-834d-4f2c02de0b81",
|
|
"url--5720b533-f350-482e-834d-4f2c02de0b81",
|
|
"indicator--5720b533-4fe0-4bdb-a29a-410202de0b81",
|
|
"indicator--5720b534-4fb0-484d-b8ea-48c502de0b81",
|
|
"observed-data--5720b534-a568-4333-9e6b-469d02de0b81",
|
|
"url--5720b534-a568-4333-9e6b-469d02de0b81",
|
|
"indicator--5720b534-ae28-4c34-8be9-4f8802de0b81",
|
|
"indicator--5720b535-d554-4028-938c-4fe002de0b81",
|
|
"observed-data--5720b535-1f88-4c34-b95a-413802de0b81",
|
|
"url--5720b535-1f88-4c34-b95a-413802de0b81",
|
|
"indicator--5720b536-a4b8-4131-80e6-4fe902de0b81",
|
|
"indicator--5720b536-a0a4-43fa-972b-4f7902de0b81",
|
|
"observed-data--5720b536-6fe4-4f1d-89fa-46f502de0b81",
|
|
"url--5720b536-6fe4-4f1d-89fa-46f502de0b81",
|
|
"indicator--5720b537-19b8-4f85-8415-4e1d02de0b81",
|
|
"indicator--5720b537-1548-4b25-b259-402b02de0b81",
|
|
"observed-data--5720b538-4d48-4153-9c68-4df302de0b81",
|
|
"url--5720b538-4d48-4153-9c68-4df302de0b81",
|
|
"indicator--5720b538-124c-4cdb-83c5-427f02de0b81",
|
|
"indicator--5720b539-b4fc-4922-b716-400b02de0b81",
|
|
"observed-data--5720b539-da44-4953-831b-485f02de0b81",
|
|
"url--5720b539-da44-4953-831b-485f02de0b81",
|
|
"indicator--5720b539-8138-4896-b280-494002de0b81",
|
|
"indicator--5720b53a-e834-4661-ba22-435402de0b81",
|
|
"observed-data--5720b53a-072c-420e-b28b-4f8702de0b81",
|
|
"url--5720b53a-072c-420e-b28b-4f8702de0b81",
|
|
"indicator--5720b53b-ca94-4788-9e48-43d402de0b81",
|
|
"indicator--5720b53b-8c54-43b3-8864-4d9802de0b81",
|
|
"observed-data--5720b53b-4bf4-48de-ae66-4e9b02de0b81",
|
|
"url--5720b53b-4bf4-48de-ae66-4e9b02de0b81",
|
|
"indicator--5720b53c-2538-41e4-a351-4fc602de0b81",
|
|
"indicator--5720b53c-7680-4ac5-891c-451c02de0b81",
|
|
"observed-data--5720b53d-76f4-4712-b487-42f602de0b81",
|
|
"url--5720b53d-76f4-4712-b487-42f602de0b81",
|
|
"indicator--5720b53d-8540-4f19-a44f-479802de0b81",
|
|
"indicator--5720b53d-ea08-41f5-8034-448202de0b81",
|
|
"observed-data--5720b53e-0db0-470f-aac6-45d602de0b81",
|
|
"url--5720b53e-0db0-470f-aac6-45d602de0b81",
|
|
"indicator--5720b53e-89b4-4883-a888-450602de0b81",
|
|
"indicator--5720b53f-2168-411d-90ca-4cb902de0b81",
|
|
"observed-data--5720b53f-2270-4608-a187-40cd02de0b81",
|
|
"url--5720b53f-2270-4608-a187-40cd02de0b81",
|
|
"indicator--5720b53f-8024-4eb4-abac-4cc002de0b81",
|
|
"indicator--5720b540-9ce8-4897-80c8-447502de0b81",
|
|
"observed-data--5720b540-949c-461a-a9ed-4f3602de0b81",
|
|
"url--5720b540-949c-461a-a9ed-4f3602de0b81",
|
|
"indicator--5720b541-b3e8-403c-bcc8-480702de0b81",
|
|
"indicator--5720b541-eed4-4439-bb6a-43d402de0b81",
|
|
"observed-data--5720b541-3a78-455c-aa3e-410d02de0b81",
|
|
"url--5720b541-3a78-455c-aa3e-410d02de0b81",
|
|
"indicator--5720b542-e3bc-4270-bd52-413102de0b81",
|
|
"indicator--5720b542-9c5c-4be6-a8a9-4f6602de0b81",
|
|
"observed-data--5720b543-be64-4e7e-ae40-4de702de0b81",
|
|
"url--5720b543-be64-4e7e-ae40-4de702de0b81",
|
|
"indicator--5720b543-6df4-4fab-a87e-4a7302de0b81",
|
|
"indicator--5720b543-3b64-4b2d-87ff-4f1002de0b81",
|
|
"observed-data--5720b544-513c-4577-8ec4-4fa002de0b81",
|
|
"url--5720b544-513c-4577-8ec4-4fa002de0b81",
|
|
"indicator--5720b544-022c-40e8-837f-4e6002de0b81",
|
|
"indicator--5720b545-2538-4908-a78e-463302de0b81",
|
|
"observed-data--5720b545-9c8c-4d4b-86ec-47de02de0b81",
|
|
"url--5720b545-9c8c-4d4b-86ec-47de02de0b81",
|
|
"indicator--5720b545-572c-4695-8d98-42c102de0b81",
|
|
"indicator--5720b546-a764-4a31-81dc-4f1302de0b81",
|
|
"observed-data--5720b546-0b64-4b6b-96ba-41ec02de0b81",
|
|
"url--5720b546-0b64-4b6b-96ba-41ec02de0b81",
|
|
"indicator--5720b547-d1e0-4803-bf62-411b02de0b81",
|
|
"indicator--5720b547-bbdc-4e9c-9e1a-4d7802de0b81",
|
|
"observed-data--5720b547-22f4-4118-b524-405d02de0b81",
|
|
"url--5720b547-22f4-4118-b524-405d02de0b81",
|
|
"indicator--5720b548-4fa4-4d43-b246-45f602de0b81",
|
|
"indicator--5720b548-b658-4fac-8b75-4fbc02de0b81",
|
|
"observed-data--5720b549-f794-4310-b0aa-4eee02de0b81",
|
|
"url--5720b549-f794-4310-b0aa-4eee02de0b81",
|
|
"indicator--5720b549-dd80-491a-b61f-41b202de0b81",
|
|
"indicator--5720b54a-3728-48c0-8f2c-431f02de0b81",
|
|
"observed-data--5720b54a-fb1c-47dc-a5bf-4a1502de0b81",
|
|
"url--5720b54a-fb1c-47dc-a5bf-4a1502de0b81",
|
|
"indicator--5720b54a-277c-47fa-850f-472602de0b81",
|
|
"indicator--5720b54b-ef3c-428d-88b7-415302de0b81",
|
|
"observed-data--5720b54b-4a00-4913-ad8b-402f02de0b81",
|
|
"url--5720b54b-4a00-4913-ad8b-402f02de0b81",
|
|
"indicator--5720b54c-117c-4a43-be9a-454702de0b81",
|
|
"indicator--5720b54c-8810-4af4-9c30-40b802de0b81",
|
|
"observed-data--5720b54c-b7c8-41cb-a2b0-43b002de0b81",
|
|
"url--5720b54c-b7c8-41cb-a2b0-43b002de0b81",
|
|
"indicator--5720b54d-235c-45b2-9eaa-4a9202de0b81",
|
|
"indicator--5720b54d-79b0-4ef6-8f9a-4eca02de0b81",
|
|
"observed-data--5720b54e-052c-4837-a75b-4acd02de0b81",
|
|
"url--5720b54e-052c-4837-a75b-4acd02de0b81",
|
|
"indicator--5720b54e-0e80-4861-a9c9-4d6402de0b81",
|
|
"indicator--5720b54e-e214-4079-a8e0-48d202de0b81",
|
|
"observed-data--5720b54f-fb88-4d91-a7a5-4be802de0b81",
|
|
"url--5720b54f-fb88-4d91-a7a5-4be802de0b81",
|
|
"indicator--5720b54f-b8d4-4406-90b4-455a02de0b81",
|
|
"indicator--5720b550-b67c-4c11-86cb-45b702de0b81",
|
|
"observed-data--5720b550-1c64-421f-b7b3-4c0902de0b81",
|
|
"url--5720b550-1c64-421f-b7b3-4c0902de0b81",
|
|
"indicator--5720b551-badc-4a2c-90d8-451402de0b81",
|
|
"indicator--5720b551-0bb0-493d-9a03-4d6502de0b81",
|
|
"observed-data--5720b551-5a64-4cf3-be9c-44ab02de0b81",
|
|
"url--5720b551-5a64-4cf3-be9c-44ab02de0b81",
|
|
"indicator--5720b552-e6c8-481e-a99b-444f02de0b81",
|
|
"indicator--5720b552-0370-460e-b115-42d502de0b81",
|
|
"observed-data--5720b553-a7ec-4e77-a05d-46fa02de0b81",
|
|
"url--5720b553-a7ec-4e77-a05d-46fa02de0b81",
|
|
"indicator--5720b553-1d84-43bb-a321-462602de0b81",
|
|
"indicator--5720b553-cef8-4bb0-a18e-44da02de0b81",
|
|
"observed-data--5720b554-7100-4032-9631-44f402de0b81",
|
|
"url--5720b554-7100-4032-9631-44f402de0b81",
|
|
"indicator--5720b554-49dc-485d-8e60-414402de0b81",
|
|
"indicator--5720b555-38d8-4a05-9f09-47a902de0b81",
|
|
"observed-data--5720b555-1204-4363-82d3-44f102de0b81",
|
|
"url--5720b555-1204-4363-82d3-44f102de0b81",
|
|
"indicator--5720b555-43a4-40e8-a704-4fc202de0b81",
|
|
"indicator--5720b556-f670-42e0-b712-40e402de0b81",
|
|
"observed-data--5720b556-99dc-4ed2-95c9-436102de0b81",
|
|
"url--5720b556-99dc-4ed2-95c9-436102de0b81",
|
|
"indicator--5720b557-bf84-4061-aec0-491902de0b81",
|
|
"indicator--5720b557-bc80-4b9f-8433-41ec02de0b81",
|
|
"observed-data--5720b558-044c-44e5-ac7f-436902de0b81",
|
|
"url--5720b558-044c-44e5-ac7f-436902de0b81",
|
|
"indicator--5720b558-7354-48ec-b01c-416e02de0b81",
|
|
"indicator--5720b558-0980-4aa3-a322-474202de0b81",
|
|
"observed-data--5720b559-9730-4196-bdb5-47e302de0b81",
|
|
"url--5720b559-9730-4196-bdb5-47e302de0b81",
|
|
"indicator--5720b559-488c-4b56-ba5e-456c02de0b81",
|
|
"indicator--5720b55a-76a4-4a01-bb6f-43da02de0b81",
|
|
"observed-data--5720b55a-d018-4646-a8ae-422f02de0b81",
|
|
"url--5720b55a-d018-4646-a8ae-422f02de0b81",
|
|
"indicator--5720b55a-611c-4464-8149-412002de0b81",
|
|
"indicator--5720b55b-5160-425b-8fe4-443302de0b81",
|
|
"observed-data--5720b55b-74e0-4c83-9983-4df002de0b81",
|
|
"url--5720b55b-74e0-4c83-9983-4df002de0b81",
|
|
"indicator--5720b55c-18a4-4a18-a1ab-435802de0b81",
|
|
"indicator--5720b55c-2c74-426d-b517-498902de0b81",
|
|
"observed-data--5720b55c-6130-4a54-9669-4be402de0b81",
|
|
"url--5720b55c-6130-4a54-9669-4be402de0b81",
|
|
"indicator--5720b55d-3cb4-4e6c-a013-4d8702de0b81",
|
|
"indicator--5720b55d-bbc0-4cef-8db4-4fc302de0b81",
|
|
"observed-data--5720b55e-9cc0-4b09-800e-422702de0b81",
|
|
"url--5720b55e-9cc0-4b09-800e-422702de0b81",
|
|
"indicator--5720b55e-80b8-4b37-8a22-4a9302de0b81",
|
|
"indicator--5720b55f-561c-4b29-9ede-461b02de0b81",
|
|
"observed-data--5720b55f-a320-408b-90d6-4fa302de0b81",
|
|
"url--5720b55f-a320-408b-90d6-4fa302de0b81",
|
|
"indicator--5720b55f-5250-4dbe-873e-494002de0b81",
|
|
"indicator--5720b560-d52c-4b85-bd76-4e3302de0b81",
|
|
"observed-data--5720b560-aa50-42a8-a7c4-49a502de0b81",
|
|
"url--5720b560-aa50-42a8-a7c4-49a502de0b81",
|
|
"indicator--5720b561-b374-45dd-95b6-451c02de0b81",
|
|
"indicator--5720b561-b178-4782-bc22-449302de0b81",
|
|
"observed-data--5720b561-e24c-462b-a9d8-47f002de0b81",
|
|
"url--5720b561-e24c-462b-a9d8-47f002de0b81",
|
|
"indicator--5720b562-7bf0-45ee-a00a-45e002de0b81",
|
|
"indicator--5720b562-c324-447c-b62d-44c802de0b81",
|
|
"observed-data--5720b563-e0d4-4cd1-b0d7-462402de0b81",
|
|
"url--5720b563-e0d4-4cd1-b0d7-462402de0b81",
|
|
"indicator--5720b563-512c-42e0-949e-479302de0b81",
|
|
"indicator--5720b564-160c-4e78-a5e7-418702de0b81",
|
|
"observed-data--5720b564-51ec-4463-8057-49a402de0b81",
|
|
"url--5720b564-51ec-4463-8057-49a402de0b81",
|
|
"indicator--5720b564-ad34-42e1-877f-4cc902de0b81",
|
|
"indicator--5720b565-4e24-47ef-9890-428c02de0b81",
|
|
"observed-data--5720b565-79d4-4414-9ddf-43cd02de0b81",
|
|
"url--5720b565-79d4-4414-9ddf-43cd02de0b81",
|
|
"indicator--5720b566-cbac-4a9c-b23f-464702de0b81",
|
|
"indicator--5720b566-fdc8-4fcd-9d61-474d02de0b81",
|
|
"observed-data--5720b566-7d40-4a4a-ac5d-476f02de0b81",
|
|
"url--5720b566-7d40-4a4a-ac5d-476f02de0b81",
|
|
"indicator--5720b567-56ac-4bfc-a8d9-4d8a02de0b81",
|
|
"indicator--5720b567-f60c-420d-bce1-42cf02de0b81",
|
|
"observed-data--5720b568-3548-4bab-aea2-40b902de0b81",
|
|
"url--5720b568-3548-4bab-aea2-40b902de0b81",
|
|
"indicator--5720b568-e064-45f3-9691-4b8e02de0b81",
|
|
"indicator--5720b568-4228-4763-a273-436702de0b81",
|
|
"observed-data--5720b569-8978-4eee-94be-48aa02de0b81",
|
|
"url--5720b569-8978-4eee-94be-48aa02de0b81",
|
|
"indicator--5720b569-fc0c-47e9-896a-495f02de0b81",
|
|
"indicator--5720b56a-154c-425d-9dac-4c1002de0b81",
|
|
"observed-data--5720b56a-1fbc-4488-a37b-481002de0b81",
|
|
"url--5720b56a-1fbc-4488-a37b-481002de0b81",
|
|
"indicator--5720b56b-b1ac-4b2b-8d3f-42f102de0b81",
|
|
"indicator--5720b56b-a610-48fe-a05d-4aaf02de0b81",
|
|
"observed-data--5720b56b-1720-45c0-a529-4c1902de0b81",
|
|
"url--5720b56b-1720-45c0-a529-4c1902de0b81",
|
|
"indicator--5720b56c-579c-4496-9762-44a302de0b81",
|
|
"indicator--5720b56c-7780-4dd9-9880-434102de0b81",
|
|
"observed-data--5720b56d-21ec-4fed-9094-456c02de0b81",
|
|
"url--5720b56d-21ec-4fed-9094-456c02de0b81",
|
|
"indicator--5720b56d-2fc8-4c80-91b6-4bf902de0b81",
|
|
"indicator--5720b56d-a7f4-4114-9456-416002de0b81",
|
|
"observed-data--5720b56e-2d0c-47d6-9f9a-45a802de0b81",
|
|
"url--5720b56e-2d0c-47d6-9f9a-45a802de0b81",
|
|
"indicator--5720b56e-bb30-46aa-ae28-476702de0b81",
|
|
"indicator--5720b56f-b7d8-4028-b5dd-43ab02de0b81",
|
|
"observed-data--5720b56f-15c4-463a-a5b4-452902de0b81",
|
|
"url--5720b56f-15c4-463a-a5b4-452902de0b81",
|
|
"indicator--5720b570-4d88-40f1-a4b2-473302de0b81",
|
|
"indicator--5720b570-f0cc-4ec2-9fef-4e5002de0b81",
|
|
"observed-data--5720b570-1474-48d8-a285-478202de0b81",
|
|
"url--5720b570-1474-48d8-a285-478202de0b81",
|
|
"indicator--5720b571-f8f4-411d-b01e-449e02de0b81",
|
|
"indicator--5720b571-bb58-4fd1-9c74-480d02de0b81",
|
|
"observed-data--5720b572-56ac-4982-a342-49b102de0b81",
|
|
"url--5720b572-56ac-4982-a342-49b102de0b81",
|
|
"indicator--5720b572-57cc-4636-a33a-4f4a02de0b81",
|
|
"indicator--5720b572-a02c-4066-825c-476f02de0b81",
|
|
"observed-data--5720b573-a048-4e81-9cd7-462402de0b81",
|
|
"url--5720b573-a048-4e81-9cd7-462402de0b81",
|
|
"indicator--5720b573-7c5c-4431-a383-4f3e02de0b81",
|
|
"indicator--5720b574-fd18-4fea-9bf0-499002de0b81",
|
|
"observed-data--5720b574-88dc-49d0-944f-4d6502de0b81",
|
|
"url--5720b574-88dc-49d0-944f-4d6502de0b81",
|
|
"indicator--5720b574-30c8-4380-a5d0-411f02de0b81",
|
|
"indicator--5720b575-c87c-421c-8fff-488a02de0b81",
|
|
"observed-data--5720b575-b154-4101-9b82-4a6602de0b81",
|
|
"url--5720b575-b154-4101-9b82-4a6602de0b81",
|
|
"indicator--5720b576-63f0-48ab-8985-44de02de0b81",
|
|
"indicator--5720b576-92ec-49a3-8ec3-413802de0b81",
|
|
"observed-data--5720b577-21f0-48e2-a410-456e02de0b81",
|
|
"url--5720b577-21f0-48e2-a410-456e02de0b81",
|
|
"indicator--5720b577-ddc8-4e53-a508-4fc802de0b81",
|
|
"indicator--5720b577-528c-4314-ade7-44c002de0b81",
|
|
"observed-data--5720b578-b1dc-4390-a772-4d3002de0b81",
|
|
"url--5720b578-b1dc-4390-a772-4d3002de0b81",
|
|
"indicator--5720b578-4f84-4326-af70-47a902de0b81",
|
|
"indicator--5720b579-d314-4029-92ca-4a8e02de0b81",
|
|
"observed-data--5720b579-25e4-4d26-a626-45b702de0b81",
|
|
"url--5720b579-25e4-4d26-a626-45b702de0b81",
|
|
"indicator--5720b579-6b04-4d0a-9a00-4bda02de0b81",
|
|
"indicator--5720b57a-278c-467f-886d-4a1f02de0b81",
|
|
"observed-data--5720b57a-13e0-4fa5-aa9e-45f502de0b81",
|
|
"url--5720b57a-13e0-4fa5-aa9e-45f502de0b81",
|
|
"indicator--5720b57b-3ee8-464a-bf80-456c02de0b81",
|
|
"indicator--5720b57b-cf04-4c5f-a31e-417202de0b81",
|
|
"observed-data--5720b57c-74ec-4a83-8a23-437c02de0b81",
|
|
"url--5720b57c-74ec-4a83-8a23-437c02de0b81",
|
|
"indicator--5720b57c-f414-4d34-9406-4c3302de0b81",
|
|
"indicator--5720b57c-2d5c-4fe5-8d5f-40ff02de0b81",
|
|
"observed-data--5720b57d-5168-43a6-a9cb-4ace02de0b81",
|
|
"url--5720b57d-5168-43a6-a9cb-4ace02de0b81",
|
|
"indicator--5720b57d-2110-4b57-b49e-41f102de0b81",
|
|
"indicator--5720b57e-674c-4be6-a3d5-40e402de0b81",
|
|
"observed-data--5720b57e-16e8-4827-a729-437f02de0b81",
|
|
"url--5720b57e-16e8-4827-a729-437f02de0b81",
|
|
"indicator--5720b57e-0590-4bb5-ab26-47c002de0b81",
|
|
"indicator--5720b57f-312c-4d90-827d-43dc02de0b81",
|
|
"observed-data--5720b57f-60f8-431a-a089-4fa902de0b81",
|
|
"url--5720b57f-60f8-431a-a089-4fa902de0b81",
|
|
"indicator--5720b580-6750-400d-b41f-407402de0b81",
|
|
"indicator--5720b580-dfc4-4d85-97a3-4e8b02de0b81",
|
|
"observed-data--5720b580-2e64-419c-ba86-4fc102de0b81",
|
|
"url--5720b580-2e64-419c-ba86-4fc102de0b81",
|
|
"indicator--5720b581-32ec-45ca-bd4e-4aa602de0b81",
|
|
"indicator--5720b581-5910-49a1-aba8-487602de0b81",
|
|
"observed-data--5720b582-d21c-41b2-a5a6-4e0602de0b81",
|
|
"url--5720b582-d21c-41b2-a5a6-4e0602de0b81",
|
|
"indicator--5720b582-c674-409e-9701-444002de0b81",
|
|
"indicator--5720b583-d014-4c4b-9ff1-473002de0b81",
|
|
"observed-data--5720b583-5f8c-4fb0-a9da-4d6c02de0b81",
|
|
"url--5720b583-5f8c-4fb0-a9da-4d6c02de0b81",
|
|
"indicator--5720b583-da4c-46e1-80db-477a02de0b81",
|
|
"indicator--5720b584-2b28-4dbe-8217-4dc702de0b81",
|
|
"observed-data--5720b584-95cc-4396-8940-4daf02de0b81",
|
|
"url--5720b584-95cc-4396-8940-4daf02de0b81",
|
|
"indicator--5720b585-2734-445e-8847-457902de0b81",
|
|
"indicator--5720b585-9064-4ef3-8174-40ed02de0b81",
|
|
"observed-data--5720b585-ed54-4213-858b-4cb602de0b81",
|
|
"url--5720b585-ed54-4213-858b-4cb602de0b81",
|
|
"indicator--5720b586-2120-4d12-bf61-4ce702de0b81",
|
|
"indicator--5720b586-76ec-48db-b812-4ea302de0b81",
|
|
"observed-data--5720b587-3bdc-4a56-bb0e-49d602de0b81",
|
|
"url--5720b587-3bdc-4a56-bb0e-49d602de0b81",
|
|
"indicator--5720b587-91c0-476b-8c6a-4cbe02de0b81",
|
|
"indicator--5720b588-21a4-42b6-8527-450202de0b81",
|
|
"observed-data--5720b588-bd48-4728-a2af-4d2102de0b81",
|
|
"url--5720b588-bd48-4728-a2af-4d2102de0b81",
|
|
"indicator--5720b588-6800-4f5a-ae5d-4f7a02de0b81",
|
|
"indicator--5720b589-a6c0-4c15-8e12-456002de0b81",
|
|
"observed-data--5720b589-12e0-4651-a241-4c1902de0b81",
|
|
"url--5720b589-12e0-4651-a241-4c1902de0b81",
|
|
"indicator--5720b58a-4954-444b-9775-47fc02de0b81",
|
|
"indicator--5720b58a-2ae4-4423-98dd-48ee02de0b81",
|
|
"observed-data--5720b58a-7218-49da-b0d0-48af02de0b81",
|
|
"url--5720b58a-7218-49da-b0d0-48af02de0b81",
|
|
"indicator--5720b58b-daa0-482c-8f4e-4ad202de0b81",
|
|
"indicator--5720b58b-84cc-4c83-91ff-449f02de0b81",
|
|
"observed-data--5720b58c-da34-43d9-a992-47fe02de0b81",
|
|
"url--5720b58c-da34-43d9-a992-47fe02de0b81",
|
|
"indicator--5720b58c-9fb4-4997-ad36-4ae602de0b81",
|
|
"indicator--5720b58d-30bc-4b1b-9ec5-4ac802de0b81",
|
|
"observed-data--5720b58d-be50-4045-b187-4c3402de0b81",
|
|
"url--5720b58d-be50-4045-b187-4c3402de0b81",
|
|
"indicator--5720b58d-a530-4d80-a39b-459002de0b81",
|
|
"indicator--5720b58e-3468-48b5-acdc-461f02de0b81",
|
|
"observed-data--5720b58e-2020-4079-8e42-4d1b02de0b81",
|
|
"url--5720b58e-2020-4079-8e42-4d1b02de0b81",
|
|
"indicator--5720b58f-77bc-433c-b88f-4aaa02de0b81",
|
|
"indicator--5720b58f-0884-49d7-8917-4a6802de0b81",
|
|
"observed-data--5720b58f-8998-4e89-b23c-467e02de0b81",
|
|
"url--5720b58f-8998-4e89-b23c-467e02de0b81",
|
|
"indicator--5720b590-afcc-486c-8701-4f7902de0b81",
|
|
"indicator--5720b590-1600-4e38-b625-4d1702de0b81",
|
|
"observed-data--5720b591-b1b8-4c00-88e4-412b02de0b81",
|
|
"url--5720b591-b1b8-4c00-88e4-412b02de0b81",
|
|
"indicator--5720b591-37a0-43da-9f6d-4a8302de0b81",
|
|
"indicator--5720b591-e954-4fe0-8366-4e9902de0b81",
|
|
"observed-data--5720b592-ed04-4326-a59d-457402de0b81",
|
|
"url--5720b592-ed04-4326-a59d-457402de0b81",
|
|
"indicator--5720b592-558c-42f2-8aa5-450902de0b81",
|
|
"indicator--5720b593-5248-4776-8f75-442c02de0b81",
|
|
"observed-data--5720b593-758c-4a69-a992-4df002de0b81",
|
|
"url--5720b593-758c-4a69-a992-4df002de0b81",
|
|
"indicator--5720b594-e428-4e99-b857-47fc02de0b81",
|
|
"indicator--5720b594-b7d8-4676-b93b-455e02de0b81",
|
|
"observed-data--5720b594-6214-4db8-8d35-40e702de0b81",
|
|
"url--5720b594-6214-4db8-8d35-40e702de0b81",
|
|
"indicator--5720b595-8c48-4331-a8ea-433202de0b81",
|
|
"indicator--5720b595-595c-4768-90de-4f8e02de0b81",
|
|
"observed-data--5720b596-3a88-487c-acae-487002de0b81",
|
|
"url--5720b596-3a88-487c-acae-487002de0b81",
|
|
"indicator--5720b596-60c4-43bf-a3fc-448002de0b81",
|
|
"indicator--5720b596-d524-40c7-91e6-409802de0b81",
|
|
"observed-data--5720b597-8fe8-4e4f-bb14-4f7602de0b81",
|
|
"url--5720b597-8fe8-4e4f-bb14-4f7602de0b81",
|
|
"indicator--5720b597-1230-4975-a9cb-456d02de0b81",
|
|
"indicator--5720b598-2440-45a6-81b8-458802de0b81",
|
|
"observed-data--5720b598-3aa0-4ccf-985d-49cd02de0b81",
|
|
"url--5720b598-3aa0-4ccf-985d-49cd02de0b81",
|
|
"indicator--5720b599-21c8-4dc4-abb6-4b7002de0b81",
|
|
"indicator--5720b599-43f0-4194-915f-464902de0b81",
|
|
"observed-data--5720b599-c7e0-4149-aae5-4f2602de0b81",
|
|
"url--5720b599-c7e0-4149-aae5-4f2602de0b81",
|
|
"indicator--5720b59a-aaec-4f82-8124-4a0b02de0b81",
|
|
"indicator--5720b59a-4554-401f-b16b-474502de0b81",
|
|
"observed-data--5720b59b-3bac-47cb-b8bd-4ccf02de0b81",
|
|
"url--5720b59b-3bac-47cb-b8bd-4ccf02de0b81",
|
|
"indicator--5720b59b-1418-4fd7-b597-424302de0b81",
|
|
"indicator--5720b59b-b588-4b90-873f-40bd02de0b81",
|
|
"observed-data--5720b59c-c300-43ae-a55b-4cfb02de0b81",
|
|
"url--5720b59c-c300-43ae-a55b-4cfb02de0b81",
|
|
"indicator--5720b59c-d7e4-45e5-84ef-4a9d02de0b81",
|
|
"indicator--5720b59d-29ec-47fe-a4e6-452d02de0b81",
|
|
"observed-data--5720b59d-4e38-451b-9590-435902de0b81",
|
|
"url--5720b59d-4e38-451b-9590-435902de0b81",
|
|
"indicator--5720b59d-444c-4079-8c01-4b6702de0b81",
|
|
"indicator--5720b59e-5e4c-46ab-a7e9-4a7002de0b81",
|
|
"observed-data--5720b59e-970c-4066-b39e-499b02de0b81",
|
|
"url--5720b59e-970c-4066-b39e-499b02de0b81",
|
|
"indicator--5720b59f-e200-430a-8a02-41c502de0b81",
|
|
"indicator--5720b59f-5f6c-4375-b128-47ff02de0b81",
|
|
"observed-data--5720b5a0-37e4-4fed-bb95-492c02de0b81",
|
|
"url--5720b5a0-37e4-4fed-bb95-492c02de0b81",
|
|
"indicator--5720b5a0-e440-481b-8d93-480402de0b81",
|
|
"indicator--5720b5a0-82d0-41db-bd48-44b702de0b81",
|
|
"observed-data--5720b5a1-ca38-47e0-aca8-442502de0b81",
|
|
"url--5720b5a1-ca38-47e0-aca8-442502de0b81",
|
|
"indicator--5720b5a1-a980-4e8d-8437-493502de0b81",
|
|
"indicator--5720b5a2-5a98-4919-9789-461a02de0b81",
|
|
"observed-data--5720b5a2-97ec-4f4f-bc22-47a202de0b81",
|
|
"url--5720b5a2-97ec-4f4f-bc22-47a202de0b81",
|
|
"indicator--5720b5a2-41f0-4a12-b2e6-4f9302de0b81",
|
|
"indicator--5720b5a3-b378-4ba7-b584-498e02de0b81",
|
|
"observed-data--5720b5a3-82dc-4eda-88f2-402f02de0b81",
|
|
"url--5720b5a3-82dc-4eda-88f2-402f02de0b81",
|
|
"indicator--5720b5a4-ec6c-45b6-a804-469102de0b81",
|
|
"indicator--5720b5a4-ae3c-4a99-9cae-4c5502de0b81",
|
|
"observed-data--5720b5a4-e4f4-445f-8198-41c502de0b81",
|
|
"url--5720b5a4-e4f4-445f-8198-41c502de0b81",
|
|
"indicator--5720b5a5-c6bc-481e-8261-495802de0b81",
|
|
"indicator--5720b5a5-a6bc-41b1-bcde-48be02de0b81",
|
|
"observed-data--5720b5a6-3658-4dd6-891a-44ea02de0b81",
|
|
"url--5720b5a6-3658-4dd6-891a-44ea02de0b81",
|
|
"indicator--5720b5a6-e1ec-4954-8ecb-4c3002de0b81",
|
|
"indicator--5720b5a7-9724-4366-a3c6-4a9902de0b81",
|
|
"observed-data--5720b5a7-c1cc-445e-9812-4ed802de0b81",
|
|
"url--5720b5a7-c1cc-445e-9812-4ed802de0b81",
|
|
"indicator--5720b5a7-5578-4a2d-be28-425402de0b81",
|
|
"indicator--5720b5a8-b954-40d1-a702-4d2d02de0b81",
|
|
"observed-data--5720b5a8-7a38-42bd-a1bf-4e5102de0b81",
|
|
"url--5720b5a8-7a38-42bd-a1bf-4e5102de0b81",
|
|
"indicator--5720b5a9-53c8-4adc-949f-412d02de0b81",
|
|
"indicator--5720b5a9-a91c-4241-af4e-428b02de0b81",
|
|
"observed-data--5720b5aa-983c-49dc-8542-47df02de0b81",
|
|
"url--5720b5aa-983c-49dc-8542-47df02de0b81",
|
|
"indicator--5720b5aa-3638-4647-adc9-490902de0b81",
|
|
"indicator--5720b5ab-6664-4edb-9e21-420402de0b81",
|
|
"observed-data--5720b5ab-1dec-4b04-aedd-418702de0b81",
|
|
"url--5720b5ab-1dec-4b04-aedd-418702de0b81",
|
|
"indicator--5720b5ac-5310-4954-997f-4df802de0b81",
|
|
"indicator--5720b5ac-e870-4351-bdbd-4dcf02de0b81",
|
|
"observed-data--5720b5ac-b66c-4bdf-8fed-4aa902de0b81",
|
|
"url--5720b5ac-b66c-4bdf-8fed-4aa902de0b81",
|
|
"indicator--5720b5ad-5adc-4951-b587-447102de0b81",
|
|
"indicator--5720b5ad-310c-4f96-8313-496102de0b81",
|
|
"observed-data--5720b5ad-4318-4e49-87b3-449d02de0b81",
|
|
"url--5720b5ad-4318-4e49-87b3-449d02de0b81",
|
|
"indicator--5720b5ae-6220-47d8-9b89-49b902de0b81",
|
|
"indicator--5720b5ae-c0c8-4675-9577-4bf202de0b81",
|
|
"observed-data--5720b5ae-e9d0-4524-9b0e-477202de0b81",
|
|
"url--5720b5ae-e9d0-4524-9b0e-477202de0b81",
|
|
"indicator--5720b5af-3bbc-4272-a1ac-472502de0b81",
|
|
"indicator--5720b5af-18e0-4915-a034-4ca602de0b81",
|
|
"observed-data--5720b5af-fe8c-41bf-a823-4f9602de0b81",
|
|
"url--5720b5af-fe8c-41bf-a823-4f9602de0b81",
|
|
"indicator--5720b5af-431c-431d-8384-413502de0b81",
|
|
"indicator--5720b5b0-9e24-491b-958a-4d6a02de0b81",
|
|
"observed-data--5720b5b0-6a70-4586-88cd-4f8d02de0b81",
|
|
"url--5720b5b0-6a70-4586-88cd-4f8d02de0b81",
|
|
"indicator--5720b5b0-c080-421f-be13-44d102de0b81",
|
|
"indicator--5720b5b1-7be0-4a1c-8625-435402de0b81",
|
|
"observed-data--5720b5b1-0b48-4955-930f-447a02de0b81",
|
|
"url--5720b5b1-0b48-4955-930f-447a02de0b81",
|
|
"indicator--5720b5b1-3b6c-416b-97bf-46f402de0b81",
|
|
"indicator--5720b5b2-8834-4a17-b4d0-424202de0b81",
|
|
"observed-data--5720b5b2-528c-4919-8c00-406002de0b81",
|
|
"url--5720b5b2-528c-4919-8c00-406002de0b81",
|
|
"indicator--5720b5b3-6b00-4d61-a97c-482a02de0b81",
|
|
"indicator--5720b5b3-4290-447f-bd37-4f2b02de0b81",
|
|
"observed-data--5720b5b3-95fc-4522-92d9-412102de0b81",
|
|
"url--5720b5b3-95fc-4522-92d9-412102de0b81",
|
|
"indicator--5720b5b4-3ca4-4553-81fb-460502de0b81",
|
|
"indicator--5720b5b5-791c-4eeb-9dd4-429b02de0b81",
|
|
"observed-data--5720b5b6-d314-459b-a632-43ab02de0b81",
|
|
"url--5720b5b6-d314-459b-a632-43ab02de0b81",
|
|
"indicator--5720b5b7-221c-4dc6-a2f1-4ecf02de0b81",
|
|
"indicator--5720b5b7-84bc-42c0-99aa-429602de0b81",
|
|
"observed-data--5720b5b8-ae40-4b3c-97bb-409b02de0b81",
|
|
"url--5720b5b8-ae40-4b3c-97bb-409b02de0b81",
|
|
"indicator--5720b5b9-f2a0-49cb-9ca5-471b02de0b81",
|
|
"indicator--5720b5b9-075c-4ce6-ab6f-423702de0b81",
|
|
"observed-data--5720b5ba-dc4c-4357-8154-41bb02de0b81",
|
|
"url--5720b5ba-dc4c-4357-8154-41bb02de0b81",
|
|
"indicator--5720b5ba-9c08-414a-81c5-4dae02de0b81",
|
|
"indicator--5720b5ba-cd10-4a59-8f66-4da202de0b81",
|
|
"observed-data--5720b5bb-3d28-47b8-93cc-42c802de0b81",
|
|
"url--5720b5bb-3d28-47b8-93cc-42c802de0b81",
|
|
"indicator--5720b5bb-b3d4-4050-9da7-4eb102de0b81",
|
|
"indicator--5720b5bb-1bb8-4563-93cd-451c02de0b81",
|
|
"observed-data--5720b5bc-0274-4f1a-8a5a-440b02de0b81",
|
|
"url--5720b5bc-0274-4f1a-8a5a-440b02de0b81",
|
|
"indicator--5720b5bc-b7d8-4db2-97d9-46a202de0b81",
|
|
"indicator--5720b5bc-5074-435e-aac1-44aa02de0b81",
|
|
"observed-data--5720b5bd-2e0c-4c28-a940-44e202de0b81",
|
|
"url--5720b5bd-2e0c-4c28-a940-44e202de0b81",
|
|
"indicator--5720b5bd-c838-4448-b74f-4d4902de0b81",
|
|
"indicator--5720b5bd-ade4-475c-b743-4c8902de0b81",
|
|
"observed-data--5720b5be-20cc-4d72-99e7-4a5302de0b81",
|
|
"url--5720b5be-20cc-4d72-99e7-4a5302de0b81",
|
|
"indicator--5720b5be-7dcc-4c34-b9f7-474502de0b81",
|
|
"indicator--5720b5be-95f4-4145-a629-4cf002de0b81",
|
|
"observed-data--5720b5bf-10a8-44c0-bc01-4f5402de0b81",
|
|
"url--5720b5bf-10a8-44c0-bc01-4f5402de0b81",
|
|
"indicator--5720b5bf-d4c8-4331-acd5-4d5c02de0b81",
|
|
"indicator--5720b5bf-872c-4c5e-800c-43ab02de0b81",
|
|
"observed-data--5720b5c0-1364-475c-97db-416f02de0b81",
|
|
"url--5720b5c0-1364-475c-97db-416f02de0b81",
|
|
"indicator--5720b5c0-2f20-4bf4-b736-415102de0b81",
|
|
"indicator--5720b5c0-8518-4704-b63e-4c7302de0b81",
|
|
"observed-data--5720b5c1-73e8-4de8-9ed8-4d9e02de0b81",
|
|
"url--5720b5c1-73e8-4de8-9ed8-4d9e02de0b81",
|
|
"indicator--5720b5c1-fd18-4b9c-b41e-472102de0b81",
|
|
"indicator--5720b5c2-30a8-4bc0-8a0a-4c4802de0b81",
|
|
"observed-data--5720b5c2-2dc8-4025-a1c6-4a0102de0b81",
|
|
"url--5720b5c2-2dc8-4025-a1c6-4a0102de0b81",
|
|
"indicator--5720b5c2-fe00-462e-a9c8-412502de0b81",
|
|
"indicator--5720b5c3-e3e8-4787-b9ba-408402de0b81",
|
|
"observed-data--5720b5c3-46e8-410e-a3c2-45e302de0b81",
|
|
"url--5720b5c3-46e8-410e-a3c2-45e302de0b81",
|
|
"indicator--5720b5c4-d648-487e-ab4e-485e02de0b81",
|
|
"indicator--5720b5c4-08c8-4d04-a96b-46c902de0b81",
|
|
"observed-data--5720b5c4-8980-4392-bcf1-418202de0b81",
|
|
"url--5720b5c4-8980-4392-bcf1-418202de0b81",
|
|
"indicator--5720b5c5-946c-4ac9-9741-4d4002de0b81",
|
|
"indicator--5720b5c5-df24-4558-93b5-423d02de0b81",
|
|
"observed-data--5720b5c6-3d98-49b7-871f-4ce702de0b81",
|
|
"url--5720b5c6-3d98-49b7-871f-4ce702de0b81",
|
|
"indicator--5720b5c6-5fc8-41ed-ab6d-473202de0b81",
|
|
"indicator--5720b5c6-67cc-42c7-bc82-401902de0b81",
|
|
"observed-data--5720b5c7-3ffc-4edc-a152-421902de0b81",
|
|
"url--5720b5c7-3ffc-4edc-a152-421902de0b81",
|
|
"indicator--5720b5c7-5364-4cd6-9795-4a8602de0b81",
|
|
"indicator--5720b5c8-47ec-4b53-ae3b-4add02de0b81",
|
|
"observed-data--5720b5c8-6a54-4bd4-afe0-40ee02de0b81",
|
|
"url--5720b5c8-6a54-4bd4-afe0-40ee02de0b81",
|
|
"indicator--5720b5c9-e344-42ce-9338-446402de0b81",
|
|
"indicator--5720b5c9-5b70-4eda-ba34-4acc02de0b81",
|
|
"observed-data--5720b5ca-7ee8-48f1-85dc-4d4d02de0b81",
|
|
"url--5720b5ca-7ee8-48f1-85dc-4d4d02de0b81",
|
|
"indicator--5720b5ca-d9e8-4a29-921c-496602de0b81",
|
|
"indicator--5720b5ca-e004-4f3f-b590-413002de0b81",
|
|
"observed-data--5720b5cb-93d8-4aa3-9e3c-434202de0b81",
|
|
"url--5720b5cb-93d8-4aa3-9e3c-434202de0b81",
|
|
"indicator--5720b5cb-57e4-40ba-ae63-4a1502de0b81",
|
|
"indicator--5720b5cc-db90-4ef0-bc12-44b802de0b81",
|
|
"observed-data--5720b5cc-a96c-49a8-b136-4c0102de0b81",
|
|
"url--5720b5cc-a96c-49a8-b136-4c0102de0b81",
|
|
"indicator--5720b5cc-a0a4-4bcc-b8f9-46fb02de0b81",
|
|
"indicator--5720b5cd-bf64-4580-a0f0-482702de0b81",
|
|
"observed-data--5720b5cd-1b60-43fa-b6ef-4f7702de0b81",
|
|
"url--5720b5cd-1b60-43fa-b6ef-4f7702de0b81",
|
|
"indicator--5720b5ce-9dd4-4dd3-9de8-4cd502de0b81",
|
|
"indicator--5720b5ce-7f54-42c9-8b03-4fa202de0b81",
|
|
"observed-data--5720b5cf-be14-4054-96b7-43b002de0b81",
|
|
"url--5720b5cf-be14-4054-96b7-43b002de0b81",
|
|
"indicator--5720b5cf-d858-4512-a1a8-4fa202de0b81",
|
|
"indicator--5720b5cf-1150-4abd-922d-4cdd02de0b81",
|
|
"observed-data--5720b5d0-a010-4514-87a9-482e02de0b81",
|
|
"url--5720b5d0-a010-4514-87a9-482e02de0b81",
|
|
"indicator--5720b5d0-c114-4c7b-80fd-463902de0b81",
|
|
"indicator--5720b5d1-f2b0-42fd-9e6b-40b102de0b81",
|
|
"observed-data--5720b5d1-6cac-4603-9ef0-4b5402de0b81",
|
|
"url--5720b5d1-6cac-4603-9ef0-4b5402de0b81",
|
|
"indicator--5720b5d2-a950-4573-b49f-482302de0b81",
|
|
"indicator--5720b5d2-62b8-4db1-ad04-4cc302de0b81",
|
|
"observed-data--5720b5d2-995c-4add-8c4b-450e02de0b81",
|
|
"url--5720b5d2-995c-4add-8c4b-450e02de0b81",
|
|
"indicator--5720b5d3-52e8-4727-866e-4d0b02de0b81",
|
|
"indicator--5720b5d3-9d3c-4e60-aee8-4b2202de0b81",
|
|
"observed-data--5720b5d4-5040-4ec4-bc4a-42af02de0b81",
|
|
"url--5720b5d4-5040-4ec4-bc4a-42af02de0b81",
|
|
"indicator--5720b5d4-05b0-4833-a503-4cfa02de0b81",
|
|
"indicator--5720b5d4-0950-43b0-a0d8-4ff302de0b81",
|
|
"observed-data--5720b5d5-722c-4bf9-b87d-480702de0b81",
|
|
"url--5720b5d5-722c-4bf9-b87d-480702de0b81",
|
|
"indicator--5720b5d5-aefc-41ef-9292-404602de0b81",
|
|
"indicator--5720b5d6-fb54-49be-9d92-41c702de0b81",
|
|
"observed-data--5720b5d6-feb4-4287-a5dd-49fa02de0b81",
|
|
"url--5720b5d6-feb4-4287-a5dd-49fa02de0b81",
|
|
"indicator--5720b5d6-0504-40c9-9c1a-420b02de0b81",
|
|
"indicator--5720b5d7-dc1c-48d9-aabf-44ed02de0b81",
|
|
"observed-data--5720b5d7-a49c-4aa2-9240-493402de0b81",
|
|
"url--5720b5d7-a49c-4aa2-9240-493402de0b81",
|
|
"indicator--5720b5d8-5a7c-42df-8dcd-499602de0b81",
|
|
"indicator--5720b5d8-95b8-4bea-94f5-4d6302de0b81",
|
|
"observed-data--5720b5d9-8004-498d-bff2-407302de0b81",
|
|
"url--5720b5d9-8004-498d-bff2-407302de0b81",
|
|
"indicator--5720b5d9-4a50-46bd-b3d0-497202de0b81",
|
|
"indicator--5720b5d9-dad0-4e89-9241-4cdd02de0b81",
|
|
"observed-data--5720b5da-a11c-410b-9f08-455202de0b81",
|
|
"url--5720b5da-a11c-410b-9f08-455202de0b81",
|
|
"indicator--5720b5da-fae8-4a41-bc62-417802de0b81",
|
|
"indicator--5720b5db-f22c-470d-9ff8-411c02de0b81",
|
|
"observed-data--5720b5db-0eb8-4c83-b680-4d0202de0b81",
|
|
"url--5720b5db-0eb8-4c83-b680-4d0202de0b81",
|
|
"indicator--5720b5db-f034-42bd-83f5-439702de0b81",
|
|
"indicator--5720b5dc-49c4-4619-b210-487f02de0b81",
|
|
"observed-data--5720b5dc-c71c-42ef-ad13-40c802de0b81",
|
|
"url--5720b5dc-c71c-42ef-ad13-40c802de0b81",
|
|
"indicator--5720b5dd-4358-4eee-a4eb-40ba02de0b81",
|
|
"indicator--5720b5dd-160c-445d-8893-491502de0b81",
|
|
"observed-data--5720b5de-1ae0-432f-b9ea-442d02de0b81",
|
|
"url--5720b5de-1ae0-432f-b9ea-442d02de0b81",
|
|
"indicator--5720b5de-0490-41cd-8445-420a02de0b81",
|
|
"indicator--5720b5de-0da0-499a-902d-447402de0b81",
|
|
"observed-data--5720b5df-9348-47ba-a0a1-4ef002de0b81",
|
|
"url--5720b5df-9348-47ba-a0a1-4ef002de0b81",
|
|
"indicator--5720b5df-c340-41c4-8e79-4c1902de0b81",
|
|
"indicator--5720b5e0-429c-4ee3-a3c3-41ce02de0b81",
|
|
"observed-data--5720b5e0-a948-4f72-8242-4ea402de0b81",
|
|
"url--5720b5e0-a948-4f72-8242-4ea402de0b81",
|
|
"indicator--5720b5e0-6c18-44db-903c-402602de0b81",
|
|
"indicator--5720b5e1-81b4-4c4e-a8ce-433302de0b81",
|
|
"observed-data--5720b5e1-b004-4f3e-8b71-405602de0b81",
|
|
"url--5720b5e1-b004-4f3e-8b71-405602de0b81",
|
|
"indicator--5720b5e1-4c58-439e-a80f-469702de0b81",
|
|
"indicator--5720b5e2-96b4-4070-9963-431c02de0b81",
|
|
"observed-data--5720b5e2-13d0-48ba-91a5-450802de0b81",
|
|
"url--5720b5e2-13d0-48ba-91a5-450802de0b81",
|
|
"indicator--5720b5e2-1764-4c46-a8c3-4c6802de0b81",
|
|
"indicator--5720b5e3-3148-4a07-b308-4b9f02de0b81",
|
|
"observed-data--5720b5e3-05a4-478f-a3be-48c002de0b81",
|
|
"url--5720b5e3-05a4-478f-a3be-48c002de0b81",
|
|
"indicator--5720b5e4-11a0-4528-9790-496502de0b81",
|
|
"indicator--5720b5e4-3c3c-49a6-855c-4bc602de0b81",
|
|
"observed-data--5720b5e4-b714-4ac0-98de-493402de0b81",
|
|
"url--5720b5e4-b714-4ac0-98de-493402de0b81",
|
|
"indicator--5720b5e5-b2fc-4a98-99c6-4dfc02de0b81",
|
|
"indicator--5720b5e5-b164-4539-9e9d-449c02de0b81",
|
|
"observed-data--5720b5e6-b9b4-4a3d-90ad-431e02de0b81",
|
|
"url--5720b5e6-b9b4-4a3d-90ad-431e02de0b81",
|
|
"indicator--5720b5e6-1df8-4369-b7e0-41af02de0b81",
|
|
"indicator--5720b5e7-f2e4-48bd-a677-434c02de0b81",
|
|
"observed-data--5720b5e7-9da0-4090-bc05-4e7302de0b81",
|
|
"url--5720b5e7-9da0-4090-bc05-4e7302de0b81",
|
|
"indicator--5720b5e7-0900-4847-b4b9-438902de0b81",
|
|
"indicator--5720b5e8-e5bc-4836-af19-4fc602de0b81",
|
|
"observed-data--5720b5e8-4318-41ca-b1fc-4dc702de0b81",
|
|
"url--5720b5e8-4318-41ca-b1fc-4dc702de0b81",
|
|
"indicator--5720b5e9-5614-47f8-b698-42f202de0b81",
|
|
"indicator--5720b5e9-0cc0-46d7-aedb-44a902de0b81",
|
|
"observed-data--5720b5e9-d83c-435e-a9f8-426e02de0b81",
|
|
"url--5720b5e9-d83c-435e-a9f8-426e02de0b81",
|
|
"indicator--5720b5ea-b39c-4890-92f5-489102de0b81",
|
|
"indicator--5720b5ea-a880-499b-9ee8-417a02de0b81",
|
|
"observed-data--5720b5eb-a988-40f5-aadc-44f902de0b81",
|
|
"url--5720b5eb-a988-40f5-aadc-44f902de0b81",
|
|
"indicator--5720b5eb-c578-4818-94b1-414202de0b81",
|
|
"indicator--5720b5eb-5ca8-45b9-8c40-471c02de0b81",
|
|
"observed-data--5720b5ec-091c-433e-9221-41a502de0b81",
|
|
"url--5720b5ec-091c-433e-9221-41a502de0b81",
|
|
"indicator--5720b5ec-fa44-4f8c-8bc1-46f102de0b81",
|
|
"indicator--5720b5ec-74e8-4ea8-bee9-4c4902de0b81",
|
|
"observed-data--5720b5ed-79dc-4fc5-aa20-489802de0b81",
|
|
"url--5720b5ed-79dc-4fc5-aa20-489802de0b81",
|
|
"indicator--5720b5ed-6f48-4584-8aa4-44e002de0b81",
|
|
"indicator--5720b5ed-83dc-433b-83c1-4b3302de0b81",
|
|
"observed-data--5720b5ee-3ebc-4bf1-930e-408602de0b81",
|
|
"url--5720b5ee-3ebc-4bf1-930e-408602de0b81",
|
|
"indicator--5720b5ee-2080-46d5-9bf1-491f02de0b81",
|
|
"indicator--5720b5ef-3eb0-46de-a996-462902de0b81",
|
|
"observed-data--5720b5ef-d788-42cb-bc7c-43c402de0b81",
|
|
"url--5720b5ef-d788-42cb-bc7c-43c402de0b81",
|
|
"indicator--5720b5ef-51bc-40ec-9ed1-4ebe02de0b81",
|
|
"indicator--5720b5f0-c6a4-4291-8c23-4ce902de0b81",
|
|
"observed-data--5720b5f0-485c-4b2d-8f3d-482f02de0b81",
|
|
"url--5720b5f0-485c-4b2d-8f3d-482f02de0b81",
|
|
"indicator--5720b5f1-8524-4d25-b7c4-41c202de0b81",
|
|
"indicator--5720b5f1-85c0-4d6b-b307-4c5502de0b81",
|
|
"observed-data--5720b5f1-d858-482a-aab6-4e4d02de0b81",
|
|
"url--5720b5f1-d858-482a-aab6-4e4d02de0b81",
|
|
"indicator--5720b5f2-1e5c-4ccb-8087-41d702de0b81",
|
|
"indicator--5720b5f2-b4dc-42d5-a19e-472902de0b81",
|
|
"observed-data--5720b5f3-8bec-4db3-b9cb-453902de0b81",
|
|
"url--5720b5f3-8bec-4db3-b9cb-453902de0b81",
|
|
"indicator--5720b5f3-51b0-40c9-9571-4bcd02de0b81",
|
|
"indicator--5720b5f4-676c-46db-8a5c-400602de0b81",
|
|
"observed-data--5720b5f4-5d18-47b1-9a96-412202de0b81",
|
|
"url--5720b5f4-5d18-47b1-9a96-412202de0b81",
|
|
"indicator--5720b5f4-e908-459d-b08b-4bb302de0b81",
|
|
"indicator--5720b5f5-baf0-4a62-8e38-44b602de0b81",
|
|
"observed-data--5720b5f5-fab8-4584-bd37-4b1f02de0b81",
|
|
"url--5720b5f5-fab8-4584-bd37-4b1f02de0b81",
|
|
"indicator--5720b5f6-aea4-4f06-aa8e-40dd02de0b81",
|
|
"indicator--5720b5f6-cba8-42e0-b926-4a8202de0b81",
|
|
"observed-data--5720b5f6-1558-4c0b-8d22-406102de0b81",
|
|
"url--5720b5f6-1558-4c0b-8d22-406102de0b81",
|
|
"indicator--5720b5f7-26c8-4bcd-bbe1-42cd02de0b81",
|
|
"indicator--5720b5f7-2ec4-4e91-b15c-416c02de0b81",
|
|
"observed-data--5720b5f8-b248-4111-87ce-44c802de0b81",
|
|
"url--5720b5f8-b248-4111-87ce-44c802de0b81",
|
|
"indicator--5720b5f8-46ac-4f06-a58d-434202de0b81",
|
|
"indicator--5720b5f8-6b1c-4746-9a75-4f6302de0b81",
|
|
"observed-data--5720b5f8-3ac8-40b1-b443-43f002de0b81",
|
|
"url--5720b5f8-3ac8-40b1-b443-43f002de0b81",
|
|
"indicator--5720b5f9-def4-4916-a2a3-485c02de0b81",
|
|
"indicator--5720b5f9-7820-4581-a619-410002de0b81",
|
|
"observed-data--5720b5f9-640c-48a5-bb9a-4b7602de0b81",
|
|
"url--5720b5f9-640c-48a5-bb9a-4b7602de0b81",
|
|
"indicator--5720b5fa-42a0-442b-85f6-4f7b02de0b81",
|
|
"indicator--5720b5fa-93fc-4283-99dd-4cf802de0b81",
|
|
"observed-data--5720b5fb-a868-4233-a980-4e2a02de0b81",
|
|
"url--5720b5fb-a868-4233-a980-4e2a02de0b81",
|
|
"indicator--5720b5fb-3eac-49f7-aefa-463502de0b81",
|
|
"indicator--5720b5fb-51ec-4c24-b220-45bd02de0b81",
|
|
"observed-data--5720b5fc-fa08-4cd0-a6c4-416702de0b81",
|
|
"url--5720b5fc-fa08-4cd0-a6c4-416702de0b81",
|
|
"indicator--5720b5fc-b988-4bf5-b45b-48bb02de0b81",
|
|
"indicator--5720b5fd-9c20-4801-95f0-441402de0b81",
|
|
"observed-data--5720b5fd-848c-49fe-88a5-477502de0b81",
|
|
"url--5720b5fd-848c-49fe-88a5-477502de0b81",
|
|
"indicator--5720b5fe-2458-41c7-95c8-464702de0b81",
|
|
"indicator--5720b5fe-d750-4fa8-b735-456702de0b81",
|
|
"observed-data--5720b5fe-31d4-4380-aac5-4d9702de0b81",
|
|
"url--5720b5fe-31d4-4380-aac5-4d9702de0b81",
|
|
"indicator--5720b5ff-0ac0-4e89-acc3-478402de0b81",
|
|
"indicator--5720b5ff-1404-4576-9f65-472302de0b81",
|
|
"observed-data--5720b600-dd5c-43e0-b61e-4cfe02de0b81",
|
|
"url--5720b600-dd5c-43e0-b61e-4cfe02de0b81",
|
|
"indicator--5720b600-ed94-4735-a048-446102de0b81",
|
|
"indicator--5720b600-7f2c-4245-9b40-420802de0b81",
|
|
"observed-data--5720b601-c700-4864-994c-431b02de0b81",
|
|
"url--5720b601-c700-4864-994c-431b02de0b81",
|
|
"indicator--5720b601-6c24-4b09-9edb-447d02de0b81",
|
|
"indicator--5720b602-56c4-432a-9c6b-46cf02de0b81",
|
|
"observed-data--5720b602-a57c-4112-b00d-4c7702de0b81",
|
|
"url--5720b602-a57c-4112-b00d-4c7702de0b81",
|
|
"indicator--5720b603-1aa4-48a8-93f0-4db002de0b81",
|
|
"indicator--5720b603-a248-4e84-b617-4ad202de0b81",
|
|
"observed-data--5720b604-e1d8-4b77-95ce-498102de0b81",
|
|
"url--5720b604-e1d8-4b77-95ce-498102de0b81",
|
|
"indicator--5720b604-df98-4441-b7bb-476802de0b81",
|
|
"indicator--5720b604-177c-4420-a087-49c502de0b81",
|
|
"observed-data--5720b605-a6d8-4027-9c0d-417d02de0b81",
|
|
"url--5720b605-a6d8-4027-9c0d-417d02de0b81",
|
|
"indicator--5720b605-94c8-4d88-8229-4dea02de0b81",
|
|
"indicator--5720b606-dfd0-48de-b00a-460602de0b81",
|
|
"observed-data--5720b606-d114-481b-90bd-4a8902de0b81",
|
|
"url--5720b606-d114-481b-90bd-4a8902de0b81",
|
|
"indicator--5720b607-0550-4b4a-8ef3-405a02de0b81",
|
|
"indicator--5720b607-160c-4411-8c8f-407502de0b81",
|
|
"observed-data--5720b607-1e7c-472c-b338-42b802de0b81",
|
|
"url--5720b607-1e7c-472c-b338-42b802de0b81",
|
|
"indicator--5720b608-a9b8-41e9-bcce-44af02de0b81",
|
|
"indicator--5720b608-70f4-47da-ad60-426202de0b81",
|
|
"observed-data--5720b609-c714-4505-bfb6-4c4702de0b81",
|
|
"url--5720b609-c714-4505-bfb6-4c4702de0b81",
|
|
"indicator--5720b609-4370-44a8-bfe6-403102de0b81",
|
|
"indicator--5720b609-27ec-451d-86a2-4e9402de0b81",
|
|
"observed-data--5720b60a-dc54-4dc9-a7e2-420702de0b81",
|
|
"url--5720b60a-dc54-4dc9-a7e2-420702de0b81",
|
|
"indicator--5720b60a-8260-454c-8a0f-40bb02de0b81",
|
|
"indicator--5720b60b-4d8c-4954-9b08-416102de0b81",
|
|
"observed-data--5720b60b-396c-4fe2-be7b-4f6602de0b81",
|
|
"url--5720b60b-396c-4fe2-be7b-4f6602de0b81",
|
|
"indicator--5720b60c-a028-4526-bed2-475302de0b81",
|
|
"indicator--5720b60c-f174-4d15-9c30-46c602de0b81",
|
|
"observed-data--5720b60c-0440-4546-a53d-48c302de0b81",
|
|
"url--5720b60c-0440-4546-a53d-48c302de0b81",
|
|
"indicator--5720b60d-ef44-4c8d-bae4-4b1d02de0b81",
|
|
"indicator--5720b60d-0958-4292-8b10-452402de0b81",
|
|
"observed-data--5720b60e-3448-4cf2-82fe-496102de0b81",
|
|
"url--5720b60e-3448-4cf2-82fe-496102de0b81",
|
|
"observed-data--5720b60e-5528-4fe2-bf3f-44d5950d210f",
|
|
"url--5720b60e-5528-4fe2-bf3f-44d5950d210f",
|
|
"indicator--5720b60e-40ec-404f-9051-4d9502de0b81",
|
|
"observed-data--5720b60f-f058-48e2-969a-42cd950d210f",
|
|
"url--5720b60f-f058-48e2-969a-42cd950d210f",
|
|
"indicator--5720b60f-f570-43dd-b94d-42be02de0b81",
|
|
"observed-data--5720b60f-acf8-49e2-a1b1-4696950d210f",
|
|
"url--5720b60f-acf8-49e2-a1b1-4696950d210f",
|
|
"observed-data--5720b610-b14c-4a06-8abe-4e9a02de0b81",
|
|
"url--5720b610-b14c-4a06-8abe-4e9a02de0b81",
|
|
"observed-data--5720b610-ba84-49f4-a368-47aa950d210f",
|
|
"url--5720b610-ba84-49f4-a368-47aa950d210f",
|
|
"indicator--5720b611-dcd4-42f1-9238-468302de0b81",
|
|
"observed-data--5720b611-6acc-4ca3-8d08-4252950d210f",
|
|
"url--5720b611-6acc-4ca3-8d08-4252950d210f",
|
|
"indicator--5720b611-e7bc-48a0-8bbb-481b02de0b81",
|
|
"observed-data--5720b612-524c-4e98-9ede-4f80950d210f",
|
|
"url--5720b612-524c-4e98-9ede-4f80950d210f",
|
|
"observed-data--5720b612-fa54-4330-a612-436502de0b81",
|
|
"url--5720b612-fa54-4330-a612-436502de0b81",
|
|
"observed-data--5720b613-7314-4d23-b669-4b23950d210f",
|
|
"url--5720b613-7314-4d23-b669-4b23950d210f",
|
|
"indicator--5720b613-88a8-4f1a-bf96-4c9f02de0b81",
|
|
"observed-data--5720b613-4794-46fc-8013-414d950d210f",
|
|
"url--5720b613-4794-46fc-8013-414d950d210f",
|
|
"indicator--5720b614-0e14-420d-961d-4cbb02de0b81",
|
|
"observed-data--5720b614-a190-4420-a9a4-43fa950d210f",
|
|
"url--5720b614-a190-4420-a9a4-43fa950d210f",
|
|
"observed-data--5720b614-93ac-49cd-85a0-493c02de0b81",
|
|
"url--5720b614-93ac-49cd-85a0-493c02de0b81",
|
|
"observed-data--5720b615-3c88-4a70-82bd-48f7950d210f",
|
|
"url--5720b615-3c88-4a70-82bd-48f7950d210f",
|
|
"indicator--5720b615-a4d0-401e-aafc-4be802de0b81",
|
|
"indicator--5720b616-be94-46b2-9e91-47d602de0b81",
|
|
"observed-data--5720b616-67f8-4812-871d-4ede02de0b81",
|
|
"url--5720b616-67f8-4812-871d-4ede02de0b81",
|
|
"indicator--5720b616-ae50-4578-b22b-41de02de0b81",
|
|
"indicator--5720b617-df54-4059-a7cc-443e02de0b81",
|
|
"observed-data--5720b617-dcd0-4789-8b8b-4c6b02de0b81",
|
|
"url--5720b617-dcd0-4789-8b8b-4c6b02de0b81",
|
|
"indicator--5720b617-f314-4bf4-a97a-46f202de0b81",
|
|
"indicator--5720b618-22a0-40d9-b1aa-431502de0b81",
|
|
"observed-data--5720b618-fd44-4540-b42a-4f7002de0b81",
|
|
"url--5720b618-fd44-4540-b42a-4f7002de0b81",
|
|
"indicator--5720b618-c6fc-495d-b921-405602de0b81",
|
|
"indicator--5720b619-9bfc-46c8-b546-4d6302de0b81",
|
|
"observed-data--5720b619-2704-4e3c-8a02-4ddf02de0b81",
|
|
"url--5720b619-2704-4e3c-8a02-4ddf02de0b81",
|
|
"indicator--5720b619-ecc8-47dd-9ec7-460802de0b81",
|
|
"indicator--5720b619-2fcc-468b-98f0-4cbc02de0b81",
|
|
"observed-data--5720b61a-c908-410e-b312-481602de0b81",
|
|
"url--5720b61a-c908-410e-b312-481602de0b81",
|
|
"indicator--5720b61a-a9a8-4aed-9a01-47a302de0b81",
|
|
"indicator--5720b61a-5d2c-48e5-b93d-469802de0b81",
|
|
"observed-data--5720b61b-04e4-44bd-a81e-44f602de0b81",
|
|
"url--5720b61b-04e4-44bd-a81e-44f602de0b81",
|
|
"indicator--5720b61b-ca64-41d0-bade-423b02de0b81",
|
|
"indicator--5720b61b-9740-49b0-b906-404302de0b81",
|
|
"observed-data--5720b61c-8a74-45fc-9cb6-460202de0b81",
|
|
"url--5720b61c-8a74-45fc-9cb6-460202de0b81",
|
|
"indicator--5720b61c-9624-44a6-b84b-4dbd02de0b81",
|
|
"indicator--5720b61d-6d5c-4907-8098-4b3002de0b81",
|
|
"observed-data--5720b61d-ca04-49d4-afcd-4f5302de0b81",
|
|
"url--5720b61d-ca04-49d4-afcd-4f5302de0b81",
|
|
"indicator--5720b61d-9fa8-4e19-bec7-4dc902de0b81",
|
|
"indicator--5720b61e-3784-489b-b9ea-467902de0b81",
|
|
"observed-data--5720b61e-3c1c-4158-9818-491e02de0b81",
|
|
"url--5720b61e-3c1c-4158-9818-491e02de0b81",
|
|
"indicator--5720b61f-40cc-4e9d-8d6e-4c4902de0b81",
|
|
"indicator--5720b61f-395c-4f98-89e8-4a4902de0b81",
|
|
"observed-data--5720b61f-18d8-4e21-bfe0-441202de0b81",
|
|
"url--5720b61f-18d8-4e21-bfe0-441202de0b81",
|
|
"indicator--5720b620-833c-4f0c-bdd1-41bb02de0b81",
|
|
"indicator--5720b620-47fc-4ed5-8d0d-48ef02de0b81",
|
|
"observed-data--5720b621-1f18-4822-97f6-438902de0b81",
|
|
"url--5720b621-1f18-4822-97f6-438902de0b81",
|
|
"indicator--5720b621-e5e0-43ee-a3ad-49e902de0b81",
|
|
"indicator--5720b621-ae0c-4b68-93ea-4d1502de0b81",
|
|
"observed-data--5720b622-3d50-4600-9ea8-41a102de0b81",
|
|
"url--5720b622-3d50-4600-9ea8-41a102de0b81",
|
|
"indicator--5720b622-6b7c-4543-92d4-418e02de0b81",
|
|
"indicator--5720b623-3d4c-4d8d-8b7f-40df02de0b81",
|
|
"observed-data--5720b623-32e4-4461-ba19-49bb02de0b81",
|
|
"url--5720b623-32e4-4461-ba19-49bb02de0b81",
|
|
"indicator--5720b624-a2fc-4d56-a617-42dc02de0b81",
|
|
"indicator--5720b624-6518-45a7-8f19-449902de0b81",
|
|
"observed-data--5720b625-0784-4750-b982-492702de0b81",
|
|
"url--5720b625-0784-4750-b982-492702de0b81",
|
|
"indicator--5720b625-449c-43ce-ba27-479b02de0b81",
|
|
"indicator--5720b625-4104-4b87-985c-45ac02de0b81",
|
|
"observed-data--5720b626-8dd4-4779-9fd8-4c0102de0b81",
|
|
"url--5720b626-8dd4-4779-9fd8-4c0102de0b81",
|
|
"indicator--5720b626-92ac-4048-b1f2-4e8102de0b81",
|
|
"indicator--5720b627-cef8-45f2-b53f-4d9b02de0b81",
|
|
"observed-data--5720b627-6ee0-48a3-90c8-491002de0b81",
|
|
"url--5720b627-6ee0-48a3-90c8-491002de0b81",
|
|
"indicator--5720b628-b9d4-4187-8860-438b02de0b81",
|
|
"indicator--5720b628-d000-47cc-b45b-41de02de0b81",
|
|
"observed-data--5720b628-1f08-4336-81bb-4c8702de0b81",
|
|
"url--5720b628-1f08-4336-81bb-4c8702de0b81",
|
|
"indicator--5720b628-bf38-4f72-9e2a-46c302de0b81",
|
|
"indicator--5720b629-3bc4-4a26-9b0e-484a02de0b81",
|
|
"observed-data--5720b629-0d88-4f54-afae-4e3002de0b81",
|
|
"url--5720b629-0d88-4f54-afae-4e3002de0b81",
|
|
"indicator--5720b629-0c88-4aa1-905c-49f302de0b81",
|
|
"indicator--5720b629-ca3c-4ec1-ad8d-400c02de0b81",
|
|
"observed-data--5720b629-d480-4842-acae-41d302de0b81",
|
|
"url--5720b629-d480-4842-acae-41d302de0b81",
|
|
"indicator--5720b629-d9c8-4673-833a-476802de0b81",
|
|
"indicator--5720b62a-def0-40e2-b600-4d2302de0b81",
|
|
"observed-data--5720b62a-5d04-47f1-9873-4fd402de0b81",
|
|
"url--5720b62a-5d04-47f1-9873-4fd402de0b81",
|
|
"indicator--5720b62a-2428-4518-b70e-4bbb02de0b81",
|
|
"indicator--5720b62a-bf20-404e-a069-40fa02de0b81",
|
|
"observed-data--5720b62a-c938-4a12-af40-4a2002de0b81",
|
|
"url--5720b62a-c938-4a12-af40-4a2002de0b81",
|
|
"indicator--5720b62b-0a20-4fde-b049-470802de0b81",
|
|
"indicator--5720b62b-c938-4b30-aae6-4df602de0b81",
|
|
"observed-data--5720b62b-d864-4529-8f39-4fc502de0b81",
|
|
"url--5720b62b-d864-4529-8f39-4fc502de0b81",
|
|
"indicator--5720b62b-5178-4e44-870d-482402de0b81",
|
|
"indicator--5720b62b-8a38-416d-83eb-4a0f02de0b81",
|
|
"observed-data--5720b62c-d00c-422d-bc32-4c5e02de0b81",
|
|
"url--5720b62c-d00c-422d-bc32-4c5e02de0b81",
|
|
"indicator--5720b62c-1148-4396-9c13-4a1502de0b81",
|
|
"indicator--5720b62c-e03c-4927-9413-477b02de0b81",
|
|
"observed-data--5720b62c-2524-416c-ba3e-48fe02de0b81",
|
|
"url--5720b62c-2524-416c-ba3e-48fe02de0b81",
|
|
"indicator--5720b62c-7d88-4db9-afa9-485802de0b81",
|
|
"indicator--5720b62d-f6bc-4949-b0e4-443902de0b81",
|
|
"observed-data--5720b62d-15c8-45b0-b3e3-43c702de0b81",
|
|
"url--5720b62d-15c8-45b0-b3e3-43c702de0b81",
|
|
"indicator--5720b62d-7438-4a65-89e7-4e3002de0b81",
|
|
"indicator--5720b62d-259c-4ebb-92b5-42d802de0b81",
|
|
"observed-data--5720b62d-916c-4da6-b3a4-4938950d210f",
|
|
"url--5720b62d-916c-4da6-b3a4-4938950d210f",
|
|
"observed-data--5720b62d-067c-40f0-b47e-449202de0b81",
|
|
"url--5720b62d-067c-40f0-b47e-449202de0b81",
|
|
"observed-data--5720b62e-f99c-46c2-9904-4d29950d210f",
|
|
"url--5720b62e-f99c-46c2-9904-4d29950d210f",
|
|
"indicator--5720b62e-a868-4a46-9b25-4af502de0b81",
|
|
"observed-data--5720b62e-f6b8-4a1a-b788-4050950d210f",
|
|
"url--5720b62e-f6b8-4a1a-b788-4050950d210f",
|
|
"indicator--5720b62f-e24c-432b-acae-42e802de0b81",
|
|
"observed-data--5720b62f-b07c-4493-a0ea-4b68950d210f",
|
|
"url--5720b62f-b07c-4493-a0ea-4b68950d210f",
|
|
"observed-data--5720b62f-a958-4b89-b9d1-4fc102de0b81",
|
|
"url--5720b62f-a958-4b89-b9d1-4fc102de0b81",
|
|
"observed-data--5720b62f-8170-43f9-a879-4852950d210f",
|
|
"url--5720b62f-8170-43f9-a879-4852950d210f",
|
|
"indicator--5720b630-0574-4402-82a0-438002de0b81",
|
|
"observed-data--5720b630-d2d4-443f-b30d-4c73950d210f",
|
|
"url--5720b630-d2d4-443f-b30d-4c73950d210f",
|
|
"indicator--5720b630-40e8-46fa-aa28-4c1102de0b81",
|
|
"observed-data--5720b631-d9b4-4e6b-aaa5-40d3950d210f",
|
|
"url--5720b631-d9b4-4e6b-aaa5-40d3950d210f",
|
|
"observed-data--5720b631-87ec-4448-822a-44f202de0b81",
|
|
"url--5720b631-87ec-4448-822a-44f202de0b81",
|
|
"observed-data--5720b631-8324-4cf4-bbea-4291950d210f",
|
|
"url--5720b631-8324-4cf4-bbea-4291950d210f",
|
|
"indicator--5720b632-d210-4456-bc3b-408902de0b81",
|
|
"observed-data--5720b632-931c-41d1-a168-4359950d210f",
|
|
"url--5720b632-931c-41d1-a168-4359950d210f",
|
|
"indicator--5720b632-47dc-41b2-90bd-4a7002de0b81",
|
|
"observed-data--5720b632-b204-4094-b1e4-4722950d210f",
|
|
"url--5720b632-b204-4094-b1e4-4722950d210f",
|
|
"observed-data--5720b633-33a0-482e-b33d-408102de0b81",
|
|
"url--5720b633-33a0-482e-b33d-408102de0b81",
|
|
"observed-data--5720b633-d6f4-4fd9-afe7-4d0a950d210f",
|
|
"url--5720b633-d6f4-4fd9-afe7-4d0a950d210f",
|
|
"indicator--5720b633-bd54-41f5-85b2-4ebb02de0b81",
|
|
"indicator--5720b634-6e08-493b-948e-49da02de0b81",
|
|
"observed-data--5720b634-c044-42bc-8059-43e802de0b81",
|
|
"url--5720b634-c044-42bc-8059-43e802de0b81",
|
|
"indicator--5720b634-7e70-4585-af9a-4df402de0b81",
|
|
"indicator--5720b634-0ff8-4276-b896-4fea02de0b81",
|
|
"observed-data--5720b634-c1fc-41b1-bd66-4b5102de0b81",
|
|
"url--5720b634-c1fc-41b1-bd66-4b5102de0b81",
|
|
"indicator--5720b634-d4fc-4361-a99b-4ef602de0b81",
|
|
"indicator--5720b635-6670-4394-9d5e-4cd902de0b81",
|
|
"observed-data--5720b635-dba0-4dc8-b4c3-471c02de0b81",
|
|
"url--5720b635-dba0-4dc8-b4c3-471c02de0b81",
|
|
"indicator--5720b635-2a68-40ad-9a40-44f102de0b81",
|
|
"indicator--5720b635-b40c-47bb-8b48-439902de0b81",
|
|
"observed-data--5720b635-b8f4-45a7-a712-464e02de0b81",
|
|
"url--5720b635-b8f4-45a7-a712-464e02de0b81",
|
|
"indicator--5720b635-abcc-4814-90df-46a802de0b81",
|
|
"indicator--5720b635-ce48-4d8c-8cdf-424202de0b81",
|
|
"observed-data--5720b636-99c0-4f9c-b30a-424402de0b81",
|
|
"url--5720b636-99c0-4f9c-b30a-424402de0b81",
|
|
"indicator--5720b636-4b1c-4ce7-83e5-4c4202de0b81",
|
|
"indicator--5720b636-95dc-424e-bf93-476102de0b81",
|
|
"observed-data--5720b636-5cd4-4e0a-92e1-4def02de0b81",
|
|
"url--5720b636-5cd4-4e0a-92e1-4def02de0b81",
|
|
"indicator--5720b636-8ef4-4235-a92a-43a602de0b81",
|
|
"indicator--5720b636-c6b8-4cdf-9d8e-474502de0b81",
|
|
"observed-data--5720b637-2b0c-431d-961b-4c6c02de0b81",
|
|
"url--5720b637-2b0c-431d-961b-4c6c02de0b81",
|
|
"indicator--5720b637-a018-4a75-bb7d-439002de0b81",
|
|
"indicator--5720b637-0534-4107-baed-43e702de0b81",
|
|
"observed-data--5720b637-1ed0-4241-8649-4a6302de0b81",
|
|
"url--5720b637-1ed0-4241-8649-4a6302de0b81",
|
|
"indicator--5720b637-fce8-4bdc-b0c1-454702de0b81",
|
|
"indicator--5720b638-93bc-4530-9377-433f02de0b81",
|
|
"observed-data--5720b638-d1a4-4259-b778-437402de0b81",
|
|
"url--5720b638-d1a4-4259-b778-437402de0b81",
|
|
"indicator--5720b638-dafc-4d5c-808a-4c1902de0b81",
|
|
"indicator--5720b638-854c-4b1e-90a5-44c202de0b81",
|
|
"observed-data--5720b638-b540-43c1-8c52-4f6402de0b81",
|
|
"url--5720b638-b540-43c1-8c52-4f6402de0b81",
|
|
"indicator--5720b639-5860-49f3-8481-4ed502de0b81",
|
|
"indicator--5720b639-b9a8-4b78-8a90-4dc202de0b81",
|
|
"observed-data--5720b639-34fc-416e-8649-4dee02de0b81",
|
|
"url--5720b639-34fc-416e-8649-4dee02de0b81",
|
|
"indicator--5720b639-0c00-4882-b323-4cb502de0b81",
|
|
"indicator--5720b639-9000-4546-b915-44b102de0b81",
|
|
"observed-data--5720b639-73fc-4d77-8341-4bfc02de0b81",
|
|
"url--5720b639-73fc-4d77-8341-4bfc02de0b81",
|
|
"indicator--5720b63a-b458-43a7-b622-499e02de0b81",
|
|
"indicator--5720b63a-875c-4955-9231-4ce602de0b81",
|
|
"observed-data--5720b63a-1364-434f-97d3-477702de0b81",
|
|
"url--5720b63a-1364-434f-97d3-477702de0b81",
|
|
"indicator--5720b63a-f300-43ea-9fd0-4bd402de0b81",
|
|
"indicator--5720b63a-e8b8-4a93-a8a3-48c202de0b81",
|
|
"observed-data--5720b63b-fe50-4fd2-a8a6-44dc02de0b81",
|
|
"url--5720b63b-fe50-4fd2-a8a6-44dc02de0b81",
|
|
"indicator--5720b63b-3b38-472a-89ce-40a002de0b81",
|
|
"indicator--5720b63b-8ec0-4ac0-a25c-4da902de0b81",
|
|
"observed-data--5720b63b-fd4c-4c06-829c-4d8d02de0b81",
|
|
"url--5720b63b-fd4c-4c06-829c-4d8d02de0b81",
|
|
"indicator--5720b63b-8668-4e43-9d37-449e02de0b81",
|
|
"indicator--5720b63c-6650-431a-b5fc-454302de0b81",
|
|
"observed-data--5720b63c-7660-4eeb-8227-4cde02de0b81",
|
|
"url--5720b63c-7660-4eeb-8227-4cde02de0b81",
|
|
"indicator--5720b63c-0e1c-4b58-9bde-4c5b02de0b81",
|
|
"indicator--5720b63c-d0f8-48ee-b1b1-4a4102de0b81",
|
|
"observed-data--5720b63c-05a4-46db-9915-42e602de0b81",
|
|
"url--5720b63c-05a4-46db-9915-42e602de0b81",
|
|
"indicator--5720b63d-bd00-40f8-b7a4-458502de0b81",
|
|
"indicator--5720b63d-8aa8-47b1-adca-4dac02de0b81",
|
|
"observed-data--5720b63d-f094-4288-82c4-4a3802de0b81",
|
|
"url--5720b63d-f094-4288-82c4-4a3802de0b81",
|
|
"indicator--5720b63d-31f0-4c5b-bc43-416f02de0b81",
|
|
"indicator--5720b63d-e878-406b-a63f-45a002de0b81",
|
|
"observed-data--5720b63d-e894-47bc-827e-494102de0b81",
|
|
"url--5720b63d-e894-47bc-827e-494102de0b81",
|
|
"indicator--5720b63e-de70-4f0c-a7da-4be702de0b81",
|
|
"indicator--5720b63e-0b84-4c0a-be80-42af02de0b81",
|
|
"observed-data--5720b63e-d7c0-47cd-88d1-4fe802de0b81",
|
|
"url--5720b63e-d7c0-47cd-88d1-4fe802de0b81",
|
|
"indicator--5720b63e-d5d4-4d30-b988-4e0d02de0b81",
|
|
"indicator--5720b63e-ebe4-48ed-b163-466702de0b81",
|
|
"observed-data--5720b63f-333c-4595-bd5c-422c02de0b81",
|
|
"url--5720b63f-333c-4595-bd5c-422c02de0b81",
|
|
"indicator--5720b63f-b57c-48ea-acac-441c02de0b81",
|
|
"indicator--5720b63f-0678-4ecf-b3c8-450b02de0b81",
|
|
"observed-data--5720b63f-28f4-484e-96af-482002de0b81",
|
|
"url--5720b63f-28f4-484e-96af-482002de0b81",
|
|
"indicator--5720b63f-87a8-45a8-ad56-403602de0b81",
|
|
"indicator--5720b640-9980-49ac-9bc6-450f02de0b81",
|
|
"observed-data--5720b640-d130-4fd1-8a80-4cdf02de0b81",
|
|
"url--5720b640-d130-4fd1-8a80-4cdf02de0b81",
|
|
"indicator--5720b640-6100-4ad3-b907-4a8002de0b81",
|
|
"indicator--5720b640-2d58-4554-88fc-46b702de0b81",
|
|
"observed-data--5720b640-48d4-45c9-896f-43a002de0b81",
|
|
"url--5720b640-48d4-45c9-896f-43a002de0b81",
|
|
"indicator--5720b640-ff90-4584-b7d3-49fa02de0b81",
|
|
"indicator--5720b641-311c-48aa-912b-4d6302de0b81",
|
|
"observed-data--5720b641-8010-4819-ab6f-42be02de0b81",
|
|
"url--5720b641-8010-4819-ab6f-42be02de0b81",
|
|
"indicator--5720b641-57c0-4e7d-a54f-497302de0b81",
|
|
"indicator--5720b641-fbdc-48c6-9961-4b7d02de0b81",
|
|
"observed-data--5720b641-0cd8-4271-9941-4fa602de0b81",
|
|
"url--5720b641-0cd8-4271-9941-4fa602de0b81",
|
|
"indicator--5720b642-fbb0-4022-ad19-410802de0b81",
|
|
"indicator--5720b642-d574-45b9-99ca-455902de0b81",
|
|
"observed-data--5720b642-42c4-43a0-abfa-48af02de0b81",
|
|
"url--5720b642-42c4-43a0-abfa-48af02de0b81",
|
|
"indicator--5720b642-6d5c-4794-a8e8-472a02de0b81",
|
|
"indicator--5720b642-37c4-4459-804b-4fa002de0b81",
|
|
"observed-data--5720b643-056c-4cc6-875a-42af02de0b81",
|
|
"url--5720b643-056c-4cc6-875a-42af02de0b81",
|
|
"indicator--5720b643-42cc-4c17-a29b-49c302de0b81",
|
|
"indicator--5720b644-f7c8-4f74-95ac-489b02de0b81",
|
|
"observed-data--5720b644-09cc-4883-9f21-4bb302de0b81",
|
|
"url--5720b644-09cc-4883-9f21-4bb302de0b81",
|
|
"indicator--5720b645-4068-413a-9355-42b202de0b81",
|
|
"indicator--5720b645-0c84-4bc0-a8ed-40a402de0b81",
|
|
"observed-data--5720b646-a7b4-4b70-981f-424a02de0b81",
|
|
"url--5720b646-a7b4-4b70-981f-424a02de0b81",
|
|
"indicator--5720b646-1a10-4637-a37f-421202de0b81",
|
|
"indicator--5720b646-4e44-4bad-a0f0-4e0b02de0b81",
|
|
"observed-data--5720b646-f410-4a1b-8ba0-46ad02de0b81",
|
|
"url--5720b646-f410-4a1b-8ba0-46ad02de0b81",
|
|
"indicator--5720b647-1a14-417b-a807-456402de0b81",
|
|
"indicator--5720b647-b2c8-4639-9c11-454802de0b81",
|
|
"observed-data--5720b647-64d4-4d3c-b2d2-41d402de0b81",
|
|
"url--5720b647-64d4-4d3c-b2d2-41d402de0b81",
|
|
"indicator--5720b647-c38c-42f9-b6e0-472d02de0b81",
|
|
"indicator--5720b647-4864-4718-8303-47a302de0b81",
|
|
"observed-data--5720b647-44b4-48d6-a642-4e7b02de0b81",
|
|
"url--5720b647-44b4-48d6-a642-4e7b02de0b81",
|
|
"indicator--5720b647-de1c-441a-9133-43b402de0b81",
|
|
"indicator--5720b648-66e8-4e60-b541-473602de0b81",
|
|
"observed-data--5720b648-4fe0-4d5a-b4b6-4e0902de0b81",
|
|
"url--5720b648-4fe0-4d5a-b4b6-4e0902de0b81",
|
|
"indicator--5720b648-776c-41a7-a01f-4fce02de0b81",
|
|
"indicator--5720b648-d9f8-4c85-8c97-4ff302de0b81",
|
|
"observed-data--5720b648-0ea8-4097-9f5b-45ca02de0b81",
|
|
"url--5720b648-0ea8-4097-9f5b-45ca02de0b81",
|
|
"indicator--5720b648-595c-417e-baf9-4dd002de0b81",
|
|
"indicator--5720b649-f320-4112-8fff-44d602de0b81",
|
|
"observed-data--5720b649-0ce4-4b48-9be2-4c4602de0b81",
|
|
"url--5720b649-0ce4-4b48-9be2-4c4602de0b81",
|
|
"indicator--5720b649-e680-428d-a1b1-41c502de0b81",
|
|
"indicator--5720b649-eef8-4951-9390-409c02de0b81",
|
|
"observed-data--5720b649-8434-4b1a-a098-4501950d210f",
|
|
"url--5720b649-8434-4b1a-a098-4501950d210f",
|
|
"observed-data--5720b649-0ba0-44c7-9f92-459702de0b81",
|
|
"url--5720b649-0ba0-44c7-9f92-459702de0b81",
|
|
"observed-data--5720b64a-9914-451d-9787-456f950d210f",
|
|
"url--5720b64a-9914-451d-9787-456f950d210f",
|
|
"indicator--5720b64a-60f0-4dc7-8b83-4aee02de0b81",
|
|
"observed-data--5720b64a-d874-44b9-aeb5-4b26950d210f",
|
|
"url--5720b64a-d874-44b9-aeb5-4b26950d210f",
|
|
"indicator--5720b64b-5760-4d9c-880a-4da602de0b81",
|
|
"observed-data--5720b64b-e064-47f8-8abd-4572950d210f",
|
|
"url--5720b64b-e064-47f8-8abd-4572950d210f",
|
|
"observed-data--5720b64b-0f50-4db3-84e1-4a9502de0b81",
|
|
"url--5720b64b-0f50-4db3-84e1-4a9502de0b81",
|
|
"observed-data--5720b64b-3c48-4215-977e-4e01950d210f",
|
|
"url--5720b64b-3c48-4215-977e-4e01950d210f",
|
|
"indicator--5720b64c-0300-4dcd-923d-4e1102de0b81",
|
|
"observed-data--5720b64c-c1cc-44c4-9ef3-4abb950d210f",
|
|
"url--5720b64c-c1cc-44c4-9ef3-4abb950d210f",
|
|
"indicator--5720b64c-e220-4b9c-8ff0-40c302de0b81",
|
|
"observed-data--5720b64c-9844-4f34-a421-4c91950d210f",
|
|
"url--5720b64c-9844-4f34-a421-4c91950d210f",
|
|
"observed-data--5720b64d-9e80-430d-9350-428e02de0b81",
|
|
"url--5720b64d-9e80-430d-9350-428e02de0b81",
|
|
"observed-data--5720b64d-8128-4d8c-97fa-4f70950d210f",
|
|
"url--5720b64d-8128-4d8c-97fa-4f70950d210f",
|
|
"indicator--5720b64d-425c-4448-8c8f-43a202de0b81",
|
|
"indicator--5720b64e-1120-4a4f-8be7-4af002de0b81",
|
|
"observed-data--5720b64e-1fa4-4565-96bb-452e02de0b81",
|
|
"url--5720b64e-1fa4-4565-96bb-452e02de0b81",
|
|
"indicator--5720b64f-0804-4441-84ee-4fe002de0b81",
|
|
"indicator--5720b64f-5000-41dc-9394-40cc02de0b81",
|
|
"observed-data--5720b64f-d738-4da8-a7a0-477502de0b81",
|
|
"url--5720b64f-d738-4da8-a7a0-477502de0b81",
|
|
"indicator--5720b650-e6b0-486a-9fcc-4c8c02de0b81",
|
|
"indicator--5720b650-e8a8-4b22-b7fe-4eb802de0b81",
|
|
"observed-data--5720b651-b998-414d-bfe4-4e2102de0b81",
|
|
"url--5720b651-b998-414d-bfe4-4e2102de0b81",
|
|
"indicator--5720b651-3618-4386-acdf-42ec02de0b81",
|
|
"indicator--5720b652-7cac-4698-a054-486302de0b81",
|
|
"observed-data--5720b652-6bf0-426e-b782-40eb02de0b81",
|
|
"url--5720b652-6bf0-426e-b782-40eb02de0b81",
|
|
"indicator--5720bc3f-e090-4590-9343-43f6950d210f",
|
|
"indicator--5720bc40-e868-4585-aca1-4170950d210f",
|
|
"indicator--5720bc40-a638-4add-ba38-4a96950d210f",
|
|
"indicator--5720bc40-a500-47e3-9fce-40f1950d210f"
|
|
],
|
|
"labels": [
|
|
"Threat-Report",
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
"type:OSINT"
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720a8de-f7a4-4520-8669-44f9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T11:56:14.000Z",
|
|
"modified": "2016-04-27T11:56:14.000Z",
|
|
"first_observed": "2016-04-27T11:56:14Z",
|
|
"last_observed": "2016-04-27T11:56:14Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720a8de-f7a4-4520-8669-44f9950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720a8de-f7a4-4520-8669-44f9950d210f",
|
|
"value": "https://www.fireeye.com/blog/threat-research/2016/04/rumms-android-malware.html"
|
|
},
|
|
{
|
|
"type": "x-misp-attribute",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-attribute--5720a8ec-d694-4203-8f77-4c83950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T11:56:28.000Z",
|
|
"modified": "2016-04-27T11:56:28.000Z",
|
|
"labels": [
|
|
"misp:type=\"comment\"",
|
|
"misp:category=\"External analysis\""
|
|
],
|
|
"x_misp_category": "External analysis",
|
|
"x_misp_type": "comment",
|
|
"x_misp_value": "Recently we observed an Android malware family being used to attack users in Russia. The malware samples were mainly distributed through a series of malicious subdomains registered under a legitimate domain belonging to a well-known shared hosting service provider in Russia. Because all the URLs used in this campaign have the form of hxxp://yyyyyyyy[.]XXXX.ru/mms.apk (where XXXX.ru represents the hosting provider\u00e2\u20ac\u2122s domain), we named this malware family RuMMS."
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ae-1e14-4bc1-8b6c-4dbc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:34.000Z",
|
|
"modified": "2016-04-27T12:29:34.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '016410e442f651d43a7e28f72be2e2ef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0af-fc50-4c41-ae09-4e79950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:35.000Z",
|
|
"modified": "2016-04-27T12:29:35.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '01d95061091d4f6f536bada821461c07']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0af-9884-47af-a4e8-40c0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:35.000Z",
|
|
"modified": "2016-04-27T12:29:35.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0328121ca8e0e677bba5f18ba193371c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b0-2948-463a-a53f-4c51950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:36.000Z",
|
|
"modified": "2016-04-27T12:29:36.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '03a442b0f7c26ef13a928c7f1e65aa23']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b0-e8d8-4d62-8e05-450e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:36.000Z",
|
|
"modified": "2016-04-27T12:29:36.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '03c85cb479fd9031504bba04c2cefc96']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b0-3440-4423-9bc4-467e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:36.000Z",
|
|
"modified": "2016-04-27T12:29:36.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '053c247a1c176af8c9e42fe93fb47c9d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b1-e598-4cfd-bec3-4289950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:37.000Z",
|
|
"modified": "2016-04-27T12:29:37.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '064799b5c74a5bae5416d03cf5ff4202']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b1-0764-4159-a30a-445a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:37.000Z",
|
|
"modified": "2016-04-27T12:29:37.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '066e171fc083c5e21ac58026870a4ae8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b2-d7ec-446a-98ea-43da950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:38.000Z",
|
|
"modified": "2016-04-27T12:29:38.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0749e775f963fdab30583914f01486e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b2-8b08-442b-8deb-4318950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:38.000Z",
|
|
"modified": "2016-04-27T12:29:38.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '081b04697f96568356d7b21ac946fb7c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b2-3ae0-4428-8caf-41f7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:38.000Z",
|
|
"modified": "2016-04-27T12:29:38.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0927b599d9599dcd13b6ef5f899ef4d9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b3-ba2c-4255-bf32-42e4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:39.000Z",
|
|
"modified": "2016-04-27T12:29:39.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0964ee11f6d19c2297bce3cb484a2459']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b3-5b10-4d41-a770-446c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:39.000Z",
|
|
"modified": "2016-04-27T12:29:39.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0a22ceac6a0ee242ace454a39bff5e18']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b4-eba0-4335-b7a6-4ce1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:40.000Z",
|
|
"modified": "2016-04-27T12:29:40.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0a3b9c27b539498b46e93dbdcfb3de1e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b4-808c-44bf-a5a9-45c4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:40.000Z",
|
|
"modified": "2016-04-27T12:29:40.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0abf7a57855c2312661fdc2b6245eef8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b5-0634-4399-92f5-4d15950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:41.000Z",
|
|
"modified": "2016-04-27T12:29:41.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0c3dbcffb91d154b2b320b2fce972f39']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b5-f164-4861-bcf9-467e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:41.000Z",
|
|
"modified": "2016-04-27T12:29:41.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0c75764d172364c239fc22c9c3e21275']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b5-bc68-48d1-a883-401f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:41.000Z",
|
|
"modified": "2016-04-27T12:29:41.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0dd1d8d348a3de7ed419da54ae878d37']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b6-f930-4820-9044-43e7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:42.000Z",
|
|
"modified": "2016-04-27T12:29:42.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0dd40d2f4c90aec333445112fb333c88']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b6-bee4-42a8-aa20-4a35950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:42.000Z",
|
|
"modified": "2016-04-27T12:29:42.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0e89415cdd06656d03ef498fd1dd5e9b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b7-be50-4f08-9f44-43a2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:43.000Z",
|
|
"modified": "2016-04-27T12:29:43.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0e8ef8108418ca0547b195335ee1dd2c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b7-a830-4237-a4ff-4efc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:43.000Z",
|
|
"modified": "2016-04-27T12:29:43.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0ea83ffc776389a19047947aba5b4324']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b7-1c4c-4a15-b420-4588950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:43.000Z",
|
|
"modified": "2016-04-27T12:29:43.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0f280e86268da04dc2aa65b03f440c1a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b8-8778-44f3-8824-44ee950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:44.000Z",
|
|
"modified": "2016-04-27T12:29:44.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0f5a6b34e952c5c44aa6f4a5538a6f2b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b8-446c-44c7-b1b5-4339950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:44.000Z",
|
|
"modified": "2016-04-27T12:29:44.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '0fa1ffbcfe0afc6a4a57fed513a72eb6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b9-1fe0-4074-acc2-41f0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:45.000Z",
|
|
"modified": "2016-04-27T12:29:45.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '104859f80028792fbd3a0a0ea1e6fd78']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b9-7498-459e-ab80-4027950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:45.000Z",
|
|
"modified": "2016-04-27T12:29:45.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '10c58dd41d95a81b1043059563860c1c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0b9-fda8-4b05-9b01-4d64950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:45.000Z",
|
|
"modified": "2016-04-27T12:29:45.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '11d425602d3c8311d1e18df35db1daa3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ba-2950-4ac4-9427-463d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:46.000Z",
|
|
"modified": "2016-04-27T12:29:46.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '120561bfced94cc1ce5cda03b203dbf8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ba-db00-496b-8d21-4a68950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:46.000Z",
|
|
"modified": "2016-04-27T12:29:46.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '128576fbdb7d2980c5a52cd3286bcca8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0bb-025c-476d-a8f8-4f1a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:47.000Z",
|
|
"modified": "2016-04-27T12:29:47.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '14a8246474ed819a4dfcc3cb06e98954']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0bb-3fa4-490f-b649-4f8e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:47.000Z",
|
|
"modified": "2016-04-27T12:29:47.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '14c7f0dc55b5dd0c7e39f455baae3089']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0bb-7930-40cc-b7b7-4621950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:47.000Z",
|
|
"modified": "2016-04-27T12:29:47.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '1693f424742279a8678322a012222a02']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0bc-c29c-4c9f-b5f2-4a4d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:48.000Z",
|
|
"modified": "2016-04-27T12:29:48.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '16b778921b6db27a2af23dd8ce1fac3e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0bc-7918-4f39-926c-4786950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:48.000Z",
|
|
"modified": "2016-04-27T12:29:48.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '16ec62c1d7d4ac3f3d7d743fc1e21bf6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0bd-b4d0-48af-a670-4999950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:49.000Z",
|
|
"modified": "2016-04-27T12:29:49.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '1711081b5ba5c3941ae01d80819c7530']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0bd-791c-4759-9077-4315950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:49.000Z",
|
|
"modified": "2016-04-27T12:29:49.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '177af9700bcc8b7c8c131b662e8cdda8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0bd-8ec0-47bb-84d4-4cc8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:49.000Z",
|
|
"modified": "2016-04-27T12:29:49.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '17bfe26e9a767c83df2aab368085e3c2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0be-714c-4c49-bc9c-4748950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:50.000Z",
|
|
"modified": "2016-04-27T12:29:50.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '17d083988dd5e6d9c2517899ae30bb02']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0be-d5c8-429b-be77-4589950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:50.000Z",
|
|
"modified": "2016-04-27T12:29:50.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '1850c020edafcf8254279e352ce33da9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0bf-e3a4-4b1d-8270-409c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:51.000Z",
|
|
"modified": "2016-04-27T12:29:51.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '18d1b845b2ee1960b304ab2fd3bfe11b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0bf-bbb8-4643-8d18-456e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:51.000Z",
|
|
"modified": "2016-04-27T12:29:51.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '1b4b6bf1e40d5954b34a815d1438efd9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c0-ce08-4032-b884-4298950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:52.000Z",
|
|
"modified": "2016-04-27T12:29:52.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '1cbedd5cc8e9b59f90ec81a5aec0239f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c0-72b0-4f22-a72d-4981950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:52.000Z",
|
|
"modified": "2016-04-27T12:29:52.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '1cead79dfdaee9d7eb914a5b13a323ea']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c0-97c0-43b3-82a0-4cc4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:52.000Z",
|
|
"modified": "2016-04-27T12:29:52.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '1dc8e18e610fd921ffa638b3f51de4b2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c1-3e5c-476c-b727-406f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:53.000Z",
|
|
"modified": "2016-04-27T12:29:53.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '1ed3c0158eb960bb47847596a69a744c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c1-41f0-447f-8ac7-42f7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:53.000Z",
|
|
"modified": "2016-04-27T12:29:53.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '2177a3094dd06f9d777db64364d3fc2c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c2-cfa0-45b0-b808-40ff950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:54.000Z",
|
|
"modified": "2016-04-27T12:29:54.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '220fc807884acfcd703596994e202f21']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c2-118c-411b-8f4d-401f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:54.000Z",
|
|
"modified": "2016-04-27T12:29:54.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '244b965d3816ac828d21c04bcf0519a4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c2-5df4-4517-9e6f-4a15950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:54.000Z",
|
|
"modified": "2016-04-27T12:29:54.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '24f23fe808ba3f90a7a48eae37ce259d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c3-8720-4fe1-b14e-4a2c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:55.000Z",
|
|
"modified": "2016-04-27T12:29:55.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '2745bc6f165ae43f1edf5cd1e01db2c5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c3-ed6c-432b-a0b8-4c14950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:55.000Z",
|
|
"modified": "2016-04-27T12:29:55.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '2802552e2aa5491ebbf28bfef85618cb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c4-0974-44ec-928c-45db950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:56.000Z",
|
|
"modified": "2016-04-27T12:29:56.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '29a8eef1b304d53f303d03ba6994ed32']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c4-d5e0-4870-8def-4891950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:56.000Z",
|
|
"modified": "2016-04-27T12:29:56.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '2a1c02bd4263a4e1cb6f648a9da59429']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c4-6e3c-45e4-aad4-459f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:56.000Z",
|
|
"modified": "2016-04-27T12:29:56.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '2a6c086c589d1b0a7d6d81c4e4c70282']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c5-ebac-451e-aeb9-4dc8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:57.000Z",
|
|
"modified": "2016-04-27T12:29:57.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '2ac5e8e2fd8050330863875d5018cb59']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c5-da70-4733-9d23-408b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:57.000Z",
|
|
"modified": "2016-04-27T12:29:57.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '2c200cfcc5f4121fb70b1c152357225b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c6-3134-4902-8042-4fda950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:58.000Z",
|
|
"modified": "2016-04-27T12:29:58.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '2cb75f46b901c17b2f0a9cb486933d65']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c6-0094-4408-9f8e-4a2a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:58.000Z",
|
|
"modified": "2016-04-27T12:29:58.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '2cd1908f4846e81e92f82684d337e858']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c6-9d08-44c1-b097-4f01950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:58.000Z",
|
|
"modified": "2016-04-27T12:29:58.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '2ce248b19c30a9fed4cd813c23831d7a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c7-5320-4baf-b8d9-47e5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:59.000Z",
|
|
"modified": "2016-04-27T12:29:59.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '2cf5b053bf51e9ff8ea653da5523b5f1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c7-eb90-4f96-a712-44a2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:29:59.000Z",
|
|
"modified": "2016-04-27T12:29:59.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '2e44ffbaa24c1203df218be1cc28a9e5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:29:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c8-c1dc-4d24-865b-46de950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:00.000Z",
|
|
"modified": "2016-04-27T12:30:00.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '2e9fcd26fdeeed19f0de865298d59f2e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c8-0c2c-46d5-9e95-4a7e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:00.000Z",
|
|
"modified": "2016-04-27T12:30:00.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '308bec5d52d55c00aff0b561e7975bdf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c8-e53c-49ae-9ab4-45a3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:00.000Z",
|
|
"modified": "2016-04-27T12:30:00.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '30a8c03a7d6a489da047443938e2aa20']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c9-25dc-4614-9553-4cb8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:01.000Z",
|
|
"modified": "2016-04-27T12:30:01.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '30c1a1a7417598fa8f23572f0f090866']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c9-6238-48a8-856d-43a2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:01.000Z",
|
|
"modified": "2016-04-27T12:30:01.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '30f2b0edd191d1465bac11553d60f761']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0c9-95a0-4761-bc63-44a5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:01.000Z",
|
|
"modified": "2016-04-27T12:30:01.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '3103bd49786d52c920e12303921bd2f1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ca-6090-48c7-9a35-4603950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:02.000Z",
|
|
"modified": "2016-04-27T12:30:02.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '3131d58ace4f3485dcc2581be3fcfb42']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ca-79dc-4c29-9e89-4928950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:02.000Z",
|
|
"modified": "2016-04-27T12:30:02.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '315a713c65baf5390fcf4232df3d1669']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ca-40f4-4717-8a36-4854950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:02.000Z",
|
|
"modified": "2016-04-27T12:30:02.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '318513f9f14fbf78ec037b62b221c91b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0cb-89a0-4738-806b-4570950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:03.000Z",
|
|
"modified": "2016-04-27T12:30:03.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '3199b7e9b27c1aa619bc6959c6eab458']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0cb-8c60-4346-9e78-4240950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:03.000Z",
|
|
"modified": "2016-04-27T12:30:03.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '31eddefcadb1d4a6bbc55e610d085638']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0cb-b6a4-478d-aa59-405b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:03.000Z",
|
|
"modified": "2016-04-27T12:30:03.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '34788c0c80687e1488d3c9b688de9991']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0cc-552c-45de-bca7-4837950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:04.000Z",
|
|
"modified": "2016-04-27T12:30:04.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '34e8dfc3d5fe5a936d556ac79e53412f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0cc-472c-4fee-83fc-4dde950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:04.000Z",
|
|
"modified": "2016-04-27T12:30:04.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '356393e8c85864fa2e31e30d28c13067']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0cc-671c-4d95-bbf4-4d98950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:04.000Z",
|
|
"modified": "2016-04-27T12:30:04.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '35666c9ef8d3d81d8641578259982e57']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0cc-5aa0-4682-bca0-4b13950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:04.000Z",
|
|
"modified": "2016-04-27T12:30:04.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '37506bcd79e0a39d56edda2f0713ce34']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0cd-7a5c-41bc-9056-427f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:05.000Z",
|
|
"modified": "2016-04-27T12:30:05.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '38b9c800c9787ea6de3f5a9436444435']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0cd-7e48-4de4-bd7a-4741950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:05.000Z",
|
|
"modified": "2016-04-27T12:30:05.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '391a74f46c7f7c34e98be38228fc94b6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0cd-9d78-4011-9e8f-4806950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:05.000Z",
|
|
"modified": "2016-04-27T12:30:05.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '3a0baa509a54359d10696d995dfe783e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ce-7e8c-42dd-818e-49b4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:06.000Z",
|
|
"modified": "2016-04-27T12:30:06.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '3abe743871688eb542a36bdd4f5ba196']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ce-c3ac-4dd3-a212-4c1b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:06.000Z",
|
|
"modified": "2016-04-27T12:30:06.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '3b2dda7dafbc3f690f179999b367f743']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0cf-be28-418c-8c20-4424950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:07.000Z",
|
|
"modified": "2016-04-27T12:30:07.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '3b39743b98e7223c93f15026c009e2ed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0cf-e590-4fdd-be54-4707950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:07.000Z",
|
|
"modified": "2016-04-27T12:30:07.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '3d3dac2656f5850d6e2cababc06edd23']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0cf-4cec-4a98-8829-40da950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:07.000Z",
|
|
"modified": "2016-04-27T12:30:07.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '3d4e135e647fba30e67415e5ebc5af42']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d0-1248-4ea4-886e-4371950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:08.000Z",
|
|
"modified": "2016-04-27T12:30:08.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '3de3c1ff2db0f75d18c10c1d682596a6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d0-d688-4b9c-a557-4188950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:08.000Z",
|
|
"modified": "2016-04-27T12:30:08.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '3f9376bd042b5c9b111dde1b460ab9b5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d1-afa4-43be-be1b-4986950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:09.000Z",
|
|
"modified": "2016-04-27T12:30:09.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '40f7cec380c6904bbeaac5c42bc99fb6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d1-0fa0-455e-8f47-4cf7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:09.000Z",
|
|
"modified": "2016-04-27T12:30:09.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '412e4f59e3a7a7d870581e83bffa33d1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d1-1fb4-4e0b-881f-4544950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:09.000Z",
|
|
"modified": "2016-04-27T12:30:09.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '41b946bf78606d4f94a7206f024914bf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d2-31a0-4a96-b99f-46d3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:10.000Z",
|
|
"modified": "2016-04-27T12:30:10.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '422fc3634a8a575945fc96bd85465275']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d2-630c-425d-9fd8-4ba3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:10.000Z",
|
|
"modified": "2016-04-27T12:30:10.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '4294589c588b577529150b01ce588a13']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d3-c048-46b3-b829-42d3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:11.000Z",
|
|
"modified": "2016-04-27T12:30:11.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '437db1d8d84e245875064ba7cccc9ae0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d3-50c4-43db-8c4c-4198950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:11.000Z",
|
|
"modified": "2016-04-27T12:30:11.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '44a56e288d906cbfec85f6715554f83b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d3-bdf4-4db3-9b78-4786950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:11.000Z",
|
|
"modified": "2016-04-27T12:30:11.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '472187a7eba0fd0479130711df34a409']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d4-f918-43b8-b09b-4e34950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:12.000Z",
|
|
"modified": "2016-04-27T12:30:12.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '4827e46a2382fdfa2847db0d376c2c52']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d4-1a40-41aa-8332-49bf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:12.000Z",
|
|
"modified": "2016-04-27T12:30:12.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '48378433f79ac304d0bb86ee6f99958e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d5-89e0-46e0-af59-4d53950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:13.000Z",
|
|
"modified": "2016-04-27T12:30:13.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '4841a521f95ea744243566cc69904bd1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d5-3f5c-44a9-a015-47b7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:13.000Z",
|
|
"modified": "2016-04-27T12:30:13.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '4aa78398d9a927d2c67bf6a5fb0c8db8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d5-f1b0-4fb9-9b24-455e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:13.000Z",
|
|
"modified": "2016-04-27T12:30:13.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '4b478ad35ad285ff4ff2623cb8c63ff7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d6-4a60-4a76-af4a-4073950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:14.000Z",
|
|
"modified": "2016-04-27T12:30:14.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '4be9cb7e3cdab4766411a0d2506a2cf7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d6-16f8-4576-ad5e-4c74950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:14.000Z",
|
|
"modified": "2016-04-27T12:30:14.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '4d7ce984313b06835b72a4e6ad6e61fa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d7-c2f0-4621-952f-4037950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:15.000Z",
|
|
"modified": "2016-04-27T12:30:15.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '4e60269982182b1cb8139dd5159a6b78']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d7-ad44-4740-9f5f-4bd9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:15.000Z",
|
|
"modified": "2016-04-27T12:30:15.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '4ed59658844835a222e09c6ca5701bf8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d7-27f4-4324-8109-497a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:15.000Z",
|
|
"modified": "2016-04-27T12:30:15.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '4eda51773b46975d47b8932fee4cd168']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d8-0534-4361-ac58-464a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:16.000Z",
|
|
"modified": "2016-04-27T12:30:16.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '4f837a3eee0a228c1c7cb13916f14fe8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d8-79ac-4c82-8b62-406e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:16.000Z",
|
|
"modified": "2016-04-27T12:30:16.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '4fad9557973f3451be04efbbf9f51b8d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d9-aca8-451f-857a-4171950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:17.000Z",
|
|
"modified": "2016-04-27T12:30:17.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '4faefac63b3876604945f11effc6042a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d9-77c4-4b4b-89f2-4d2d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:17.000Z",
|
|
"modified": "2016-04-27T12:30:17.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5044a06f037118627899abd1229895fe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0d9-687c-4a78-bd61-4b1c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:17.000Z",
|
|
"modified": "2016-04-27T12:30:17.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '50aa9c662a508c9a9bda508bbb5b4ac7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0da-9e98-47be-981e-4d6d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:18.000Z",
|
|
"modified": "2016-04-27T12:30:18.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '50cccf3ee065977de3a2c07249313411']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0da-a5f8-4753-aec6-4c8e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:18.000Z",
|
|
"modified": "2016-04-27T12:30:18.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '512c580db356e18c51b051a7b04fa0c1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0db-bb68-4242-befa-4249950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:19.000Z",
|
|
"modified": "2016-04-27T12:30:19.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5144790d272daacc7210fc9e2ae41f12']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0db-5fcc-47f7-9705-4858950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:19.000Z",
|
|
"modified": "2016-04-27T12:30:19.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '516d74358ef2f61fbb90e9d1a17f59f9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0dc-312c-4009-b722-415f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:20.000Z",
|
|
"modified": "2016-04-27T12:30:20.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '52c5cc858d528fd0554ef800d16e0f8f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0dc-c1a8-4dcb-9bfd-4bd4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:20.000Z",
|
|
"modified": "2016-04-27T12:30:20.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '53281564e50a8dfab1d7d068f5f3bae3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0dc-6b58-4537-ac63-47f6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:20.000Z",
|
|
"modified": "2016-04-27T12:30:20.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '53baf60ae4611b844e54a600f05c9bbf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0dd-2240-4155-88df-43e6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:21.000Z",
|
|
"modified": "2016-04-27T12:30:21.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5510c69693819baf9ad2e4a346f805b0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0dd-c660-419e-bb16-4446950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:21.000Z",
|
|
"modified": "2016-04-27T12:30:21.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5527ffe6768f3b61d69ee83039f6e487']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0de-9914-4f66-981e-4622950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:22.000Z",
|
|
"modified": "2016-04-27T12:30:22.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5678e4c2cfe9c2bd25cde662b026550e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0de-ff04-4153-be56-48f9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:22.000Z",
|
|
"modified": "2016-04-27T12:30:22.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '56d95aa243571ccd85b516d0f393ed37']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0de-1910-4627-9a63-471f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:22.000Z",
|
|
"modified": "2016-04-27T12:30:22.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '56dedd0ca8849891486e23a53acb66ed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0df-c284-4667-a9df-4421950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:23.000Z",
|
|
"modified": "2016-04-27T12:30:23.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5702f860032be6a67d5ead51191f90a8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0df-5998-47be-ba01-491e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:23.000Z",
|
|
"modified": "2016-04-27T12:30:23.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '57343fd964265e6472e87a4f6c626763']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e0-1d00-40ff-84cf-46cd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:24.000Z",
|
|
"modified": "2016-04-27T12:30:24.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5814b9a4b3f10abe74b61901ee151a9f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e0-4a60-48ca-a1c1-43b7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:24.000Z",
|
|
"modified": "2016-04-27T12:30:24.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5a95d673b2c2d758c7d456c421ba1719']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e0-d660-47e2-b8a9-4800950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:24.000Z",
|
|
"modified": "2016-04-27T12:30:24.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5b6c7341a08f5cd4c27f443e3c057dd1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e1-23d8-42d7-b47e-44ca950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:25.000Z",
|
|
"modified": "2016-04-27T12:30:25.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5b7b1c1d3102a04e88ddfe8f27ffa2f2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e1-f214-4646-b36f-490f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:25.000Z",
|
|
"modified": "2016-04-27T12:30:25.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5bc0678baa1f30b89b80dcc7cf4431dc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e2-da44-45f6-96a3-4641950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:26.000Z",
|
|
"modified": "2016-04-27T12:30:26.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5c318b3ba77d0052427c7bffeb02a09f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e2-eed0-47df-a0f2-47e5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:26.000Z",
|
|
"modified": "2016-04-27T12:30:26.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5de94bc0c4cc183c0ee5a48a7ae5ae43']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e2-6e5c-420e-b345-4a5a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:26.000Z",
|
|
"modified": "2016-04-27T12:30:26.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5e47b31cf973beba682c2973ed3dc787']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e3-54a4-43d8-adef-4377950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:27.000Z",
|
|
"modified": "2016-04-27T12:30:27.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5e5f6b1fe260475872192d2ec3cb1462']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e3-cdb0-40e7-a583-499e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:27.000Z",
|
|
"modified": "2016-04-27T12:30:27.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5e9773741a5e18672664121f8e5f4191']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e4-cfb4-4a64-9854-4290950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:28.000Z",
|
|
"modified": "2016-04-27T12:30:28.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '5f08343486e42a0f8db0c0647c8255d1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e4-8974-4d01-be2d-42c4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:28.000Z",
|
|
"modified": "2016-04-27T12:30:28.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '609e0b1940d034b6d222138e312c8dd2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e4-856c-4826-b3fc-4564950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:28.000Z",
|
|
"modified": "2016-04-27T12:30:28.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '60b89dc654ed71053466b6c1f9bec260']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e5-db58-48c8-8c88-4f72950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:29.000Z",
|
|
"modified": "2016-04-27T12:30:29.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '6148b71d713c80af2acfd3506d72a7a4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e5-6624-4066-9cf8-4813950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:29.000Z",
|
|
"modified": "2016-04-27T12:30:29.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '6179d744808ad893dabb7b7de6b4a488']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e6-eb04-4607-b349-42f2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:30.000Z",
|
|
"modified": "2016-04-27T12:30:30.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '619dade7c5a7444397b25c8e9a477e96']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e6-39c4-4a1a-b004-45a2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:30.000Z",
|
|
"modified": "2016-04-27T12:30:30.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '61e67e7f1e2644bb559902ba90e438a5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e6-630c-439b-90b6-47ba950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:30.000Z",
|
|
"modified": "2016-04-27T12:30:30.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '62186f41850c54a46252a7291060760d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e7-2bec-4ec8-ad54-4214950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:31.000Z",
|
|
"modified": "2016-04-27T12:30:31.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '64c2cbc4bfd487e30f7b925fbbc751b0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e7-8788-4bd2-9260-4daa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:31.000Z",
|
|
"modified": "2016-04-27T12:30:31.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '65eab2ed600f5ae45fe916a573ce72b0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e8-db5c-49e1-86c8-42cd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:32.000Z",
|
|
"modified": "2016-04-27T12:30:32.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '66e9dca8bb42dd41684c961951557109']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e8-c54c-4a58-b8ba-4f50950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:32.000Z",
|
|
"modified": "2016-04-27T12:30:32.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '67fe7190cefc9dad506ed3c1734ff708']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e8-b558-42a6-90cd-4f80950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:32.000Z",
|
|
"modified": "2016-04-27T12:30:32.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '692989b9681f80e9051359d15ec2297f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e9-656c-4cf0-96cb-402d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:33.000Z",
|
|
"modified": "2016-04-27T12:30:33.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '6ae2e0ed9ae6dca4ea1ba71ae287406c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0e9-4b08-4cd8-9241-40fc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:33.000Z",
|
|
"modified": "2016-04-27T12:30:33.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '6de02d603b741c7a5fc949952088f567']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ea-f740-4337-a708-473f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:34.000Z",
|
|
"modified": "2016-04-27T12:30:34.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '6e2b5af3acf5306d8ac264a47193fe49']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ea-9150-474b-93cc-404c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:34.000Z",
|
|
"modified": "2016-04-27T12:30:34.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '6ee8919bd388494e5694b39ae24bd484']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ea-3234-4252-a3a9-4297950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:34.000Z",
|
|
"modified": "2016-04-27T12:30:34.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '6ef671cfdf28c7252db1c451ca37ec9a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0eb-da78-4111-a565-469b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:35.000Z",
|
|
"modified": "2016-04-27T12:30:35.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '70122f367b82c8dd489b0fafa32d0362']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0eb-3cb4-4b2b-9d14-45ac950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:35.000Z",
|
|
"modified": "2016-04-27T12:30:35.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '7064de8a83750bd1b38c23324b3757e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ec-1fb4-4ab4-946d-4843950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:36.000Z",
|
|
"modified": "2016-04-27T12:30:36.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '7089021c4ac0a7f38d52206653070af9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ec-1f84-40e0-ae3e-4d8b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:36.000Z",
|
|
"modified": "2016-04-27T12:30:36.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '7211a069239cb354c6029f963c2a5f06']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ed-233c-4e11-ac57-48e0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:36.000Z",
|
|
"modified": "2016-04-27T12:30:36.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '73d14b09f12eca5af555e5d205808064']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ed-7ee4-4626-886c-4851950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:37.000Z",
|
|
"modified": "2016-04-27T12:30:37.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '7511ed572f555af27c47f2a02b64302d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ed-d160-4bf9-8e8f-4699950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:37.000Z",
|
|
"modified": "2016-04-27T12:30:37.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '75aab55e822bbca87f60970d37c8d7b3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ee-e010-4844-b8eb-43c6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:38.000Z",
|
|
"modified": "2016-04-27T12:30:38.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '75d87e15a789770c242fec0867359588']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ee-4918-43b9-a806-4478950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:38.000Z",
|
|
"modified": "2016-04-27T12:30:38.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '75e18289c8e9cc484e7e43ca656be24a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ef-1940-405f-a53a-4533950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:39.000Z",
|
|
"modified": "2016-04-27T12:30:39.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '76546e44fe4761503cb807a8d96a6719']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ef-9924-4fa2-86dd-4819950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:39.000Z",
|
|
"modified": "2016-04-27T12:30:39.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '766084da85eab06dc639a62ff381b541']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ef-34ac-4096-8ee3-4973950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:39.000Z",
|
|
"modified": "2016-04-27T12:30:39.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '778cc7e83ad27c92f30cea519989f47b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f0-bbe4-4ef5-accd-495f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:40.000Z",
|
|
"modified": "2016-04-27T12:30:40.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '788f75bf8f1330ec78d5d454bf88d17f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f0-e76c-4d30-b871-4a32950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:40.000Z",
|
|
"modified": "2016-04-27T12:30:40.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '79736c03eeda35ab7c3b6656048c0247']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f1-5c00-4ec6-8c65-4253950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:41.000Z",
|
|
"modified": "2016-04-27T12:30:41.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '7b853f8219384485b8753a58259ad171']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f1-5968-46e8-961a-4711950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:41.000Z",
|
|
"modified": "2016-04-27T12:30:41.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '7c3e5bace659e9ddf7444b744a8667e9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f1-810c-4a43-8c25-4e6e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:41.000Z",
|
|
"modified": "2016-04-27T12:30:41.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '7d1c2d11a9b68a107ffb32c86675d8e9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f2-d344-4852-a3a3-4cda950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:42.000Z",
|
|
"modified": "2016-04-27T12:30:42.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '7d91f480e5a0c4372a43103f678eb328']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f2-f618-462d-96b0-41ff950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:42.000Z",
|
|
"modified": "2016-04-27T12:30:42.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '7e0671fc66f9a482000414212bf725e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f2-df34-4bc4-8c65-4ba4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:42.000Z",
|
|
"modified": "2016-04-27T12:30:42.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '7f79a0ccc91f654de59c361af1964354']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f3-1da8-4282-8f68-472a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:43.000Z",
|
|
"modified": "2016-04-27T12:30:43.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '80a80e9f0b241ab3d0d9febab34d0e56']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f3-439c-4d0d-acb2-4383950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:43.000Z",
|
|
"modified": "2016-04-27T12:30:43.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '822c9b26e833e83790433895fe7e2d3b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f4-926c-4e59-8410-4a20950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:44.000Z",
|
|
"modified": "2016-04-27T12:30:44.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '836e64f3e9046e08cdf66b944718e48b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f4-1aac-4c6b-bc21-4b5c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:44.000Z",
|
|
"modified": "2016-04-27T12:30:44.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '83e4610c9500a48b8d1721c11e5797e2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f4-37a4-401d-8e94-465d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:44.000Z",
|
|
"modified": "2016-04-27T12:30:44.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '84354edd9292441aeed05c548fdaed7c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f5-d5a8-4446-a13a-4c14950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:45.000Z",
|
|
"modified": "2016-04-27T12:30:45.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '84d600d85a061fa137e4b8fc82e1de2f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f5-7410-498f-9fc0-4881950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:45.000Z",
|
|
"modified": "2016-04-27T12:30:45.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '851953bee7687d96891f45f24297a50b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f6-1388-4c0f-82f1-40c5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:46.000Z",
|
|
"modified": "2016-04-27T12:30:46.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '8599910e19552c9aa26db7be3e04be55']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f6-aa0c-45bf-831f-4f56950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:46.000Z",
|
|
"modified": "2016-04-27T12:30:46.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '859e9dbcbd0db577ff401537ae560e74']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f6-6ba4-4185-950f-4afe950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:46.000Z",
|
|
"modified": "2016-04-27T12:30:46.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '85d866a99d6b130cbdde3949c015fec4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f7-16f8-4118-b3b5-4ed5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:47.000Z",
|
|
"modified": "2016-04-27T12:30:47.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '86484d0e432e8c7e8f1b213413157138']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f7-b6c4-4a47-8390-4cb0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:47.000Z",
|
|
"modified": "2016-04-27T12:30:47.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '8895d772158f5456a80a2093aad516a2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f8-bc5c-4665-b58c-4f55950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:48.000Z",
|
|
"modified": "2016-04-27T12:30:48.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '895a3b66c76c169b02843468062b1c5d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f8-54dc-40eb-8471-410b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:48.000Z",
|
|
"modified": "2016-04-27T12:30:48.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '895ef967c9ee97c5b9f3bdc426f6ad0f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f8-22ac-400d-b396-4f34950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:48.000Z",
|
|
"modified": "2016-04-27T12:30:48.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '898683c4f39ad83f53f38460e170fd77']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f9-e198-4f4e-9dad-43d3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:49.000Z",
|
|
"modified": "2016-04-27T12:30:49.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '8a0aae077c62d37ba9aeed2ad441dcf3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0f9-0644-49b7-a81a-4488950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:49.000Z",
|
|
"modified": "2016-04-27T12:30:49.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '8a5c4d1d946a01b56f180c930438c1e9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0fa-ec4c-489c-868b-4464950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:50.000Z",
|
|
"modified": "2016-04-27T12:30:50.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '8b56c493375d3b65d509793751509ba5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0fa-da88-4388-bc7a-4e50950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:50.000Z",
|
|
"modified": "2016-04-27T12:30:50.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '8ceb4223e6238955fa7e154a794d5d04']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0fa-f358-470c-88c7-4162950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:50.000Z",
|
|
"modified": "2016-04-27T12:30:50.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '8d7c7392767415031d9ded205f0b29ef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0fb-1d2c-43c6-8b07-4770950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:51.000Z",
|
|
"modified": "2016-04-27T12:30:51.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '8dadd1162d01911160a5dbcdf081c5ba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0fb-93d8-4214-888c-44eb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:51.000Z",
|
|
"modified": "2016-04-27T12:30:51.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '8e1207efd35f03caf74fdff314368da9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0fc-8f1c-40b9-b710-43d8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:52.000Z",
|
|
"modified": "2016-04-27T12:30:52.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '8e5e0eb98e813371653b09864d4fc76a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0fc-81b4-47c1-8d9f-4de2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:52.000Z",
|
|
"modified": "2016-04-27T12:30:52.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '8f0243b5077bdb23baa1ceeedc697ff0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0fc-a9ec-4bca-b471-4566950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:52.000Z",
|
|
"modified": "2016-04-27T12:30:52.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '8f11770349001409163245422b8d4442']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0fd-dedc-423c-b26b-4171950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:53.000Z",
|
|
"modified": "2016-04-27T12:30:53.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '8f1fa31155a38ce3d6bc0fba43a82362']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0fd-e29c-419c-ac82-4c18950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:53.000Z",
|
|
"modified": "2016-04-27T12:30:53.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '90366f0731b60cf0c9959f06509d9ff5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0fe-b98c-4e5d-8300-4104950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:54.000Z",
|
|
"modified": "2016-04-27T12:30:54.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '91a2746500d253633dd953692183fd76']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0fe-5ffc-42c8-af12-4174950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:54.000Z",
|
|
"modified": "2016-04-27T12:30:54.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '91c6a4e86d72c60beef95b75f9b4be82']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0fe-5320-4744-a1b5-41d3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:54.000Z",
|
|
"modified": "2016-04-27T12:30:54.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '93323852f58c4e1b436a671651cc4998']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ff-4850-43c2-a1c7-4fb6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:55.000Z",
|
|
"modified": "2016-04-27T12:30:55.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '93b8d4d9704c13d983cf99a1296259d2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b0ff-b270-4a5b-979d-4832950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:55.000Z",
|
|
"modified": "2016-04-27T12:30:55.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '940981070911dee2e2818216047d2ecb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b100-f700-40f8-9e24-4754950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:56.000Z",
|
|
"modified": "2016-04-27T12:30:56.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '9461365a2bed17fb5b41536bf07ba165']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b100-5024-4afd-9cb1-43ac950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:56.000Z",
|
|
"modified": "2016-04-27T12:30:56.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '95921f248cd912e301c6b04120714d1f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b101-9b8c-4dbb-8548-493c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:57.000Z",
|
|
"modified": "2016-04-27T12:30:57.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '960d7dfa6f9c110732c34025687d5b60']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b101-cb4c-4846-94ad-41a4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:57.000Z",
|
|
"modified": "2016-04-27T12:30:57.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '9621369183946ebb60d9959828dd5e16']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b101-f51c-45c4-a2c0-48c8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:57.000Z",
|
|
"modified": "2016-04-27T12:30:57.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '97cbd88d4414b41939571e994add3756']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b102-733c-417d-a6c8-4771950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:58.000Z",
|
|
"modified": "2016-04-27T12:30:58.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '99236003238f8ee88b5c4c8d02fdd17d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b102-6e60-4737-bf52-4bb6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:58.000Z",
|
|
"modified": "2016-04-27T12:30:58.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '9ab4cbd602ad8e5434e863bf0d84be2f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b103-4b08-4b73-883d-420e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:59.000Z",
|
|
"modified": "2016-04-27T12:30:59.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '9ba65c06057c179efbc8a62f86f2db71']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b103-886c-40d3-8fc0-49c8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:59.000Z",
|
|
"modified": "2016-04-27T12:30:59.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '9bdb39a159774154fabc23d06ad8d131']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b103-e078-4777-adea-45e0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:30:59.000Z",
|
|
"modified": "2016-04-27T12:30:59.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '9c3ba2e8d172253e9d8ce30735bfbf78']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:30:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b104-92f0-48d8-9d86-4213950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:00.000Z",
|
|
"modified": "2016-04-27T12:31:00.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '9cf27a07e0a4a6f6b1a8958241a6a83f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b104-6de4-4a3f-b943-4b78950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:00.000Z",
|
|
"modified": "2016-04-27T12:31:00.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '9e173831c7f300e9dca9ee8725a34c5a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b105-072c-479f-b1a8-4f21950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:01.000Z",
|
|
"modified": "2016-04-27T12:31:01.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '9e7d24027621c0ecfd13995f2e098e8c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b105-d838-4705-93b1-49b5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:01.000Z",
|
|
"modified": "2016-04-27T12:31:01.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '9f723da52e774a6c5d03d8ba5f6af51f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b105-2e84-40fc-978e-4acc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:01.000Z",
|
|
"modified": "2016-04-27T12:31:01.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a0c486b879e20d5ac1774736b48e832b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b106-be5c-43ba-b55f-4781950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:02.000Z",
|
|
"modified": "2016-04-27T12:31:02.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a152ea9ee04ca9790d195f9f3209b24a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b106-e08c-4137-b129-4e6b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:02.000Z",
|
|
"modified": "2016-04-27T12:31:02.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a1803ced57c1917f642ed407fc006659']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b107-2b80-40ec-9fcc-4579950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:03.000Z",
|
|
"modified": "2016-04-27T12:31:03.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a1c504f51654200e6d0e424f38700f14']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b107-d788-40a5-9627-4050950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:03.000Z",
|
|
"modified": "2016-04-27T12:31:03.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a1d5f30ea6fc30d611c2636da4e763d4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b107-e310-4812-93a8-4981950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:03.000Z",
|
|
"modified": "2016-04-27T12:31:03.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a1e7602b96d78fc37b5e1d271dbab273']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b108-8668-41b1-8110-4884950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:04.000Z",
|
|
"modified": "2016-04-27T12:31:04.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a2c5ffc33a96c6b10ae9afdaf5d00e62']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b108-f83c-4220-9b71-4f39950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:04.000Z",
|
|
"modified": "2016-04-27T12:31:04.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a31adc93ea76a4e2dfb6ae199fc0a294']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b109-30d4-4ea7-9156-4575950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:05.000Z",
|
|
"modified": "2016-04-27T12:31:05.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a3aaff686bf34d60b8319ef2525387d3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b109-cd74-434e-9105-4594950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:05.000Z",
|
|
"modified": "2016-04-27T12:31:05.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a3ecea301bbe612ef9e17a502ee94b21']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b109-a214-47cc-b47a-4232950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:05.000Z",
|
|
"modified": "2016-04-27T12:31:05.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a44b5c01378dd89c1c17565736f6c47b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b10a-63c8-467f-bb47-46be950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:06.000Z",
|
|
"modified": "2016-04-27T12:31:06.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a4c8b0199f92f9be7b482df2bcce8162']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b10a-a578-4439-9da4-4285950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:06.000Z",
|
|
"modified": "2016-04-27T12:31:06.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a4cba22ecfa33d1a4ad69be4616eeaf7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b10b-fd7c-4982-bca3-4dfc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:07.000Z",
|
|
"modified": "2016-04-27T12:31:07.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a4f19520957bee3d68755a3978fb16be']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b10b-7354-4094-a985-4dd3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:07.000Z",
|
|
"modified": "2016-04-27T12:31:07.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a61d0ea6e5711135383a3592e6b31e49']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b10b-9fb4-4ae3-9ba2-4e6d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:07.000Z",
|
|
"modified": "2016-04-27T12:31:07.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a639338fd99cfd50292425d36618074c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b10c-0034-4908-a8db-4dd9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:08.000Z",
|
|
"modified": "2016-04-27T12:31:08.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a6c5d89df0774fdd1643080548bfe718']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b10c-4b8c-4a2c-a498-48e0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:08.000Z",
|
|
"modified": "2016-04-27T12:31:08.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a893d3cfce6e8869b35a8140089ec854']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b10d-6068-4d3f-87f0-427c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:09.000Z",
|
|
"modified": "2016-04-27T12:31:09.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a8f2d507661b76a94971dcf7d593fc8a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b10d-7104-44d0-bcc0-422b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:09.000Z",
|
|
"modified": "2016-04-27T12:31:09.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a9776f2633565419e55f6842a0b74278']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b10d-e97c-483f-ac3c-4169950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:09.000Z",
|
|
"modified": "2016-04-27T12:31:09.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'a9ce99d1788c13edaa3fb7f92ebb1240']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b10e-ccd0-4417-879c-472b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:10.000Z",
|
|
"modified": "2016-04-27T12:31:10.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'aa48cd40fcfe561bb5cd274549c94d6f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b10e-ffa8-4dee-897f-4a28950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:10.000Z",
|
|
"modified": "2016-04-27T12:31:10.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'aa5216ce42e1c279042662c018509140']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b10f-a37c-424f-bc25-4bed950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:11.000Z",
|
|
"modified": "2016-04-27T12:31:11.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'aa735ae056b57471bbe3499517afd057']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b10f-7cbc-4041-97e7-41e8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:11.000Z",
|
|
"modified": "2016-04-27T12:31:11.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'ac6a922fd8c604eb56da5413c2368be7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b110-2ea4-4948-8016-4de9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:12.000Z",
|
|
"modified": "2016-04-27T12:31:12.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'ac8ad3eb56d2a94db30d3f4acfe4b548']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b110-6284-4399-8022-4a47950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:12.000Z",
|
|
"modified": "2016-04-27T12:31:12.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'acfc48ed626369cf0fb6e1872c92e1bd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b110-e5c8-440e-b241-42ae950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:12.000Z",
|
|
"modified": "2016-04-27T12:31:12.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'ad75d090f865cbab68c411682ad2eb89']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b111-fd2c-4d74-9449-4e9d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:13.000Z",
|
|
"modified": "2016-04-27T12:31:13.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'ad99f483836492e34c072764db219fe4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b111-c0a4-4fc0-9167-48e6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:13.000Z",
|
|
"modified": "2016-04-27T12:31:13.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'addd10c396fb3c1998ea451710f6f6f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b112-3ee8-4fb0-aa1e-4375950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:14.000Z",
|
|
"modified": "2016-04-27T12:31:14.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'aea04d46b9a4097155afcb3a80aafb8f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b112-9a84-4d3f-b4b0-4f4e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:14.000Z",
|
|
"modified": "2016-04-27T12:31:14.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'af60a1f801ee3d5ba256c9354d8e9ca3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b112-eea8-42ce-866d-45c3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:14.000Z",
|
|
"modified": "2016-04-27T12:31:14.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'af732879ff0b20eb02386a16581c8a4b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b113-286c-4abe-b07f-4184950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:15.000Z",
|
|
"modified": "2016-04-27T12:31:15.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'afbfbb0fc1e7cbf56732d2afaeb21302']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b113-7f4c-4882-90ff-411e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:15.000Z",
|
|
"modified": "2016-04-27T12:31:15.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b0737a9732647803bab45e64b4dc8f42']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b114-4ee4-4d51-9574-4834950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:16.000Z",
|
|
"modified": "2016-04-27T12:31:16.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b11bb0abd2a72e0ca88fe9817d42e139']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b114-cf38-4bec-b932-420a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:16.000Z",
|
|
"modified": "2016-04-27T12:31:16.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b2e0eae1d879287da6155ffa1ffff440']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b114-3924-4a2f-a4f4-4c1d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:16.000Z",
|
|
"modified": "2016-04-27T12:31:16.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b371fd7024687fa205135e2f3425822d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b115-fbe0-45e6-98a0-4fb9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:17.000Z",
|
|
"modified": "2016-04-27T12:31:17.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b4298ce2eab75b9729ae3ac54e44e4d1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b115-1748-447f-a02c-4d15950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:17.000Z",
|
|
"modified": "2016-04-27T12:31:17.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b536f2134d75a4ac257071615e227a7d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b116-aac0-437d-8bce-4c15950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:18.000Z",
|
|
"modified": "2016-04-27T12:31:18.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b56b456488358fcdc0ce95df7e0309cf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b116-e71c-4b88-9a6b-4c69950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:18.000Z",
|
|
"modified": "2016-04-27T12:31:18.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b57618a7098fa9fcc14b8779b71ba62a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b116-b6bc-4f0c-8ecb-448f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:18.000Z",
|
|
"modified": "2016-04-27T12:31:18.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b5afb1b35f7ee56218ee1c0d6ba92fb7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b117-f630-4bec-a72b-49a3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:19.000Z",
|
|
"modified": "2016-04-27T12:31:19.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b5f1fe0ab8ef34d6429916b6257e682b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b117-9bdc-46a9-b604-410c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:19.000Z",
|
|
"modified": "2016-04-27T12:31:19.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b66eb248e1ca0c35bc7e518fa4d5757a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b118-50bc-4d06-9133-4730950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:20.000Z",
|
|
"modified": "2016-04-27T12:31:20.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b6f52abceb49c6d38e29de6951f768fa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b118-dbf4-4b4a-ab2f-45a3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:20.000Z",
|
|
"modified": "2016-04-27T12:31:20.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b7343a1094f139699bc4698343d2b7ad']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b118-92a4-4807-8a49-4706950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:20.000Z",
|
|
"modified": "2016-04-27T12:31:20.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b80f53f44e737aa1ecc40a1c5cf10a5d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b119-d370-4634-80c9-4046950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:21.000Z",
|
|
"modified": "2016-04-27T12:31:21.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b9057cc24a9d4bde42198d3956ee46e6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b119-0580-4006-9774-4329950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:21.000Z",
|
|
"modified": "2016-04-27T12:31:21.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'b9680d7e427bc2a3ed0320fb15023a88']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11a-93c8-4fb4-a57a-4195950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:22.000Z",
|
|
"modified": "2016-04-27T12:31:22.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'ba1c5315933c1a4d446bf90eb9d7c8c6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11a-40c0-4394-891c-4412950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:22.000Z",
|
|
"modified": "2016-04-27T12:31:22.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'bbb20fe1b97f12934b70cb1a7d2399d4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11a-ab2c-48f6-b27e-4f7d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:22.000Z",
|
|
"modified": "2016-04-27T12:31:22.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'bbfac3011f9e3b239e4eb9f9d6b82763']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11b-6330-423e-b7d7-4a47950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:23.000Z",
|
|
"modified": "2016-04-27T12:31:23.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'bcd595f9eb7fba9fa82c21805ebb1535']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11b-7c38-4113-8b8d-4291950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:23.000Z",
|
|
"modified": "2016-04-27T12:31:23.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'bd8c50221e6ec939f7b4df54795bca20']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11c-a240-40aa-a0a5-4328950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:24.000Z",
|
|
"modified": "2016-04-27T12:31:24.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'bd9ebb6baf95d25fc54568bb4c37567b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11c-8e14-421d-abfb-479e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:24.000Z",
|
|
"modified": "2016-04-27T12:31:24.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'bddd52910f0c40b538418144ae0b63ac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11d-a7c0-4057-a504-4fab950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:25.000Z",
|
|
"modified": "2016-04-27T12:31:25.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'bde66ebf8cd08b301b0b6c3140df5fed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11d-99f8-4f77-af83-446b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:25.000Z",
|
|
"modified": "2016-04-27T12:31:25.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'be10e76060c3bbc59c1d87bdc3abeb12']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11d-8e20-4db4-b0a2-4a7e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:25.000Z",
|
|
"modified": "2016-04-27T12:31:25.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'c23c4130ffebf9ffe60136b7099f8603']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11e-886c-42b1-aba7-437d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:26.000Z",
|
|
"modified": "2016-04-27T12:31:26.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'c2eb3eed3f2082cf05e7c785cfab5487']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11e-bd5c-4688-97c2-4ae2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:26.000Z",
|
|
"modified": "2016-04-27T12:31:26.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'c36230f577cfa4d25e29be00ada59d91']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11f-72b4-4dda-967b-4802950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:27.000Z",
|
|
"modified": "2016-04-27T12:31:27.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'c39f6e984efcbf40612a3acb780b638a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11f-1140-45a6-b362-4b1f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:27.000Z",
|
|
"modified": "2016-04-27T12:31:27.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'c528caa8cffd76825748507b8b0ad03e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b11f-8a9c-4b51-9143-4cf9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:27.000Z",
|
|
"modified": "2016-04-27T12:31:27.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'c5dd6c26c4c1e03fd1ec51cb1dec91ca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b120-2608-43de-b8b5-401f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:28.000Z",
|
|
"modified": "2016-04-27T12:31:28.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'c620fef9ebfa83e84c51134d14d44ec8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b120-0cfc-4c25-a8b4-4f91950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:28.000Z",
|
|
"modified": "2016-04-27T12:31:28.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '27660806ff465edbe0f285ab67a9a348']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b121-687c-4127-8b45-47f0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:29.000Z",
|
|
"modified": "2016-04-27T12:31:29.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '36966643d45c09afb42a40fa6f71b38c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b121-c3d8-4cf4-975f-401a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:29.000Z",
|
|
"modified": "2016-04-27T12:31:29.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '458a8c5f99417f5031885116e40117ae']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b121-a13c-48cf-98bc-4083950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:29.000Z",
|
|
"modified": "2016-04-27T12:31:29.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '4aebe1ff92fad7c4dba9f8a26b6a61d3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b122-31d4-4485-ab3d-4e86950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:30.000Z",
|
|
"modified": "2016-04-27T12:31:30.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '551f94100c04ed328ddeaf4817734eb5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b122-67b0-407f-af3a-4a73950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:30.000Z",
|
|
"modified": "2016-04-27T12:31:30.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = '6fb3c026537a0248f4ef40b98a9f1821']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b123-8228-4897-920a-4311950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:31.000Z",
|
|
"modified": "2016-04-27T12:31:31.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'acf114610271e97cb58b172d135564bb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b123-78fc-4820-a092-405a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:31.000Z",
|
|
"modified": "2016-04-27T12:31:31.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'ccabfa1d72797c635eb241f82a892e22']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b123-0a80-4e7a-84c4-4c02950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:31.000Z",
|
|
"modified": "2016-04-27T12:31:31.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'cf5451b8b53092266321a421ba9224ca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b124-7a60-4071-9fae-47db950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:32.000Z",
|
|
"modified": "2016-04-27T12:31:32.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'd5ea3a22bce77e4bc279ca7903c3288a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b124-fc4c-4934-a9b9-4d89950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:31:32.000Z",
|
|
"modified": "2016-04-27T12:31:32.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:hashes.MD5 = 'eb7d7dacebba8741c2d483f0fcabdc82']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:31:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b2e6-1024-41d4-89a4-499a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:39:02.000Z",
|
|
"modified": "2016-04-27T12:39:02.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[file:name = 'org.starsizew' AND file:hashes.MD5 = 'd8caad151e07025fdbf5f3c26e3ceaff']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:39:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename|md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b33f-f968-4e42-a4e8-4fed950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:40:31.000Z",
|
|
"modified": "2016-04-27T12:40:31.000Z",
|
|
"description": "Number of RuMMMS Apps connected: 277",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.1.207.31']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:40:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b340-1128-4d91-aaf3-4dd6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:40:32.000Z",
|
|
"modified": "2016-04-27T12:40:32.000Z",
|
|
"description": "Number of RuMMMS Apps connected: 15",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.1.207.115']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:40:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b340-3cac-405c-b0a6-4732950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:40:32.000Z",
|
|
"modified": "2016-04-27T12:40:32.000Z",
|
|
"description": "Number of RuMMMS Apps connected: 3",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.45.75.4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:40:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b340-20c4-439f-afc2-45cb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:40:32.000Z",
|
|
"modified": "2016-04-27T12:40:32.000Z",
|
|
"description": "Number of RuMMMS Apps connected: 2",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.45.73.20']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:40:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b4fc-5d9c-47a4-972b-49af02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:47:56.000Z",
|
|
"modified": "2016-04-27T12:47:56.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: eb7d7dacebba8741c2d483f0fcabdc82",
|
|
"pattern": "[file:hashes.SHA256 = 'c880ea568000c5ceeabc03b5af014e05ce3453d65d374027d450e203e5e8d461']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:47:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b4fc-a2f4-4e49-9860-483602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:47:56.000Z",
|
|
"modified": "2016-04-27T12:47:56.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: eb7d7dacebba8741c2d483f0fcabdc82",
|
|
"pattern": "[file:hashes.SHA1 = '05ed712f75066aaf827813b81bdff9f31e7f75ee']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:47:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b4fd-4a20-4507-8bdb-471d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:47:57.000Z",
|
|
"modified": "2016-04-27T12:47:57.000Z",
|
|
"first_observed": "2016-04-27T12:47:57Z",
|
|
"last_observed": "2016-04-27T12:47:57Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b4fd-4a20-4507-8bdb-471d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b4fd-4a20-4507-8bdb-471d02de0b81",
|
|
"value": "https://www.virustotal.com/file/c880ea568000c5ceeabc03b5af014e05ce3453d65d374027d450e203e5e8d461/analysis/1459237150/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b4fd-5ab4-447a-ab41-45b602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:47:57.000Z",
|
|
"modified": "2016-04-27T12:47:57.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: d5ea3a22bce77e4bc279ca7903c3288a",
|
|
"pattern": "[file:hashes.SHA256 = '2a3489c4096adc6b6d4b07ad4dbfc10bde077519461e6cb36bc14ef2cc21108d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:47:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b4ff-fa20-4ac7-84f0-499602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:47:59.000Z",
|
|
"modified": "2016-04-27T12:47:59.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: d5ea3a22bce77e4bc279ca7903c3288a",
|
|
"pattern": "[file:hashes.SHA1 = 'c1a80db179dc75e530937f8cc732d2d6294495e0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:47:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b4ff-82d8-432e-a884-412502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:47:59.000Z",
|
|
"modified": "2016-04-27T12:47:59.000Z",
|
|
"first_observed": "2016-04-27T12:47:59Z",
|
|
"last_observed": "2016-04-27T12:47:59Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b4ff-82d8-432e-a884-412502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b4ff-82d8-432e-a884-412502de0b81",
|
|
"value": "https://www.virustotal.com/file/2a3489c4096adc6b6d4b07ad4dbfc10bde077519461e6cb36bc14ef2cc21108d/analysis/1460129759/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b500-e5e0-40b7-904f-4f1c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:00.000Z",
|
|
"modified": "2016-04-27T12:48:00.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: cf5451b8b53092266321a421ba9224ca",
|
|
"pattern": "[file:hashes.SHA256 = '15c33a470e8a05c2646848b972fd6475b951a22e6880994a3a8bb2d7f5245ed8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b500-9ed4-4f7b-8c85-418c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:00.000Z",
|
|
"modified": "2016-04-27T12:48:00.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: cf5451b8b53092266321a421ba9224ca",
|
|
"pattern": "[file:hashes.SHA1 = '1ac860e6ba7e697144e261d89886bd7fd463b924']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b501-b874-4291-a650-46c702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:01.000Z",
|
|
"modified": "2016-04-27T12:48:01.000Z",
|
|
"first_observed": "2016-04-27T12:48:01Z",
|
|
"last_observed": "2016-04-27T12:48:01Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b501-b874-4291-a650-46c702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b501-b874-4291-a650-46c702de0b81",
|
|
"value": "https://www.virustotal.com/file/15c33a470e8a05c2646848b972fd6475b951a22e6880994a3a8bb2d7f5245ed8/analysis/1460136298/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b501-25c0-4819-88a3-46d402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:01.000Z",
|
|
"modified": "2016-04-27T12:48:01.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: ccabfa1d72797c635eb241f82a892e22",
|
|
"pattern": "[file:hashes.SHA256 = '68f69026df5dcd2696a217bc7083a19665939c4012e0893ec2f0e29336a949db']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b502-607c-483f-9e43-4c0102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:02.000Z",
|
|
"modified": "2016-04-27T12:48:02.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: ccabfa1d72797c635eb241f82a892e22",
|
|
"pattern": "[file:hashes.SHA1 = '6685698264238f04ce75d47d26e393d15a0a818e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b502-5608-4540-a287-479c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:02.000Z",
|
|
"modified": "2016-04-27T12:48:02.000Z",
|
|
"first_observed": "2016-04-27T12:48:02Z",
|
|
"last_observed": "2016-04-27T12:48:02Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b502-5608-4540-a287-479c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b502-5608-4540-a287-479c02de0b81",
|
|
"value": "https://www.virustotal.com/file/68f69026df5dcd2696a217bc7083a19665939c4012e0893ec2f0e29336a949db/analysis/1455745697/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b503-a8c4-47b8-8d77-474602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:02.000Z",
|
|
"modified": "2016-04-27T12:48:02.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: acf114610271e97cb58b172d135564bb",
|
|
"pattern": "[file:hashes.SHA256 = '8c18e0144527029f1a0fc87fc246f19f619b12dd7440451f0040cd6b428085c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b503-b404-4f9e-b10c-466302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:03.000Z",
|
|
"modified": "2016-04-27T12:48:03.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: acf114610271e97cb58b172d135564bb",
|
|
"pattern": "[file:hashes.SHA1 = '4cbe069daf2e45d7cb4bd0d1379b4664402071c4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b503-10d0-49da-8f38-408502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:03.000Z",
|
|
"modified": "2016-04-27T12:48:03.000Z",
|
|
"first_observed": "2016-04-27T12:48:03Z",
|
|
"last_observed": "2016-04-27T12:48:03Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b503-10d0-49da-8f38-408502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b503-10d0-49da-8f38-408502de0b81",
|
|
"value": "https://www.virustotal.com/file/8c18e0144527029f1a0fc87fc246f19f619b12dd7440451f0040cd6b428085c8/analysis/1455743675/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b504-9ed4-4dc4-ba46-430102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:04.000Z",
|
|
"modified": "2016-04-27T12:48:04.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6fb3c026537a0248f4ef40b98a9f1821",
|
|
"pattern": "[file:hashes.SHA256 = '0d3a592e5ef89dd9bc7afa2418214646d81305730bb32237827a3d2fbc829520']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b504-7878-47d5-9321-401c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:04.000Z",
|
|
"modified": "2016-04-27T12:48:04.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6fb3c026537a0248f4ef40b98a9f1821",
|
|
"pattern": "[file:hashes.SHA1 = '74282a8c1463b1b8ef0230e1281e23659cbb459b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b504-0780-4e98-b7aa-4c6902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:04.000Z",
|
|
"modified": "2016-04-27T12:48:04.000Z",
|
|
"first_observed": "2016-04-27T12:48:04Z",
|
|
"last_observed": "2016-04-27T12:48:04Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b504-0780-4e98-b7aa-4c6902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b504-0780-4e98-b7aa-4c6902de0b81",
|
|
"value": "https://www.virustotal.com/file/0d3a592e5ef89dd9bc7afa2418214646d81305730bb32237827a3d2fbc829520/analysis/1460138843/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b505-da98-457c-888d-46d802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:05.000Z",
|
|
"modified": "2016-04-27T12:48:05.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 551f94100c04ed328ddeaf4817734eb5",
|
|
"pattern": "[file:hashes.SHA256 = '799ceec0169b21d15062ae444ae87c776e77c2d14b8ae5d61ec121ee1ea277d5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b505-e75c-4d82-b2fa-42e602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:05.000Z",
|
|
"modified": "2016-04-27T12:48:05.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 551f94100c04ed328ddeaf4817734eb5",
|
|
"pattern": "[file:hashes.SHA1 = '709a29bad49f1af014371a8ae8d5f5507825ec4e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b505-6b18-4b54-be23-4fd702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:05.000Z",
|
|
"modified": "2016-04-27T12:48:05.000Z",
|
|
"first_observed": "2016-04-27T12:48:05Z",
|
|
"last_observed": "2016-04-27T12:48:05Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b505-6b18-4b54-be23-4fd702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b505-6b18-4b54-be23-4fd702de0b81",
|
|
"value": "https://www.virustotal.com/file/799ceec0169b21d15062ae444ae87c776e77c2d14b8ae5d61ec121ee1ea277d5/analysis/1459996371/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b506-b7b0-40ec-9824-436102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:06.000Z",
|
|
"modified": "2016-04-27T12:48:06.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4aebe1ff92fad7c4dba9f8a26b6a61d3",
|
|
"pattern": "[file:hashes.SHA256 = 'b220dafc03e9625ec8a6c6e0eba7b914bbd407b7b43ce47cd0aa3c76660d981e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b506-42e4-4111-a720-4b5202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:06.000Z",
|
|
"modified": "2016-04-27T12:48:06.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4aebe1ff92fad7c4dba9f8a26b6a61d3",
|
|
"pattern": "[file:hashes.SHA1 = '45a684f901229ce1bae9a8c855a61e7f210a1202']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b507-d798-4936-8177-4beb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:07.000Z",
|
|
"modified": "2016-04-27T12:48:07.000Z",
|
|
"first_observed": "2016-04-27T12:48:07Z",
|
|
"last_observed": "2016-04-27T12:48:07Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b507-d798-4936-8177-4beb02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b507-d798-4936-8177-4beb02de0b81",
|
|
"value": "https://www.virustotal.com/file/b220dafc03e9625ec8a6c6e0eba7b914bbd407b7b43ce47cd0aa3c76660d981e/analysis/1455736334/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b507-c7e8-42cd-a3c0-4f1502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:07.000Z",
|
|
"modified": "2016-04-27T12:48:07.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 458a8c5f99417f5031885116e40117ae",
|
|
"pattern": "[file:hashes.SHA256 = 'f0b48d2e1811b0af7b0e96644b2f5c472f209f346b11e19f01cd75f908393eca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b508-bbf0-4973-be9a-443602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:08.000Z",
|
|
"modified": "2016-04-27T12:48:08.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 458a8c5f99417f5031885116e40117ae",
|
|
"pattern": "[file:hashes.SHA1 = 'c8983e41af101d4d70427105b24eb185734ac99a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b508-bb40-4399-b31e-421602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:08.000Z",
|
|
"modified": "2016-04-27T12:48:08.000Z",
|
|
"first_observed": "2016-04-27T12:48:08Z",
|
|
"last_observed": "2016-04-27T12:48:08Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b508-bb40-4399-b31e-421602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b508-bb40-4399-b31e-421602de0b81",
|
|
"value": "https://www.virustotal.com/file/f0b48d2e1811b0af7b0e96644b2f5c472f209f346b11e19f01cd75f908393eca/analysis/1455736094/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b508-d894-4f22-96cb-429c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:08.000Z",
|
|
"modified": "2016-04-27T12:48:08.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 36966643d45c09afb42a40fa6f71b38c",
|
|
"pattern": "[file:hashes.SHA256 = 'c08afcd6213787455e56c54a303822221a954d5ec8f4937ecd734ca2a753d7f3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b509-0f48-42d3-9411-48fa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:09.000Z",
|
|
"modified": "2016-04-27T12:48:09.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 36966643d45c09afb42a40fa6f71b38c",
|
|
"pattern": "[file:hashes.SHA1 = '39f07bdf68e935135d5ff95b948f7e4aa581838b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b509-5f0c-42cd-96c7-4de002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:09.000Z",
|
|
"modified": "2016-04-27T12:48:09.000Z",
|
|
"first_observed": "2016-04-27T12:48:09Z",
|
|
"last_observed": "2016-04-27T12:48:09Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b509-5f0c-42cd-96c7-4de002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b509-5f0c-42cd-96c7-4de002de0b81",
|
|
"value": "https://www.virustotal.com/file/c08afcd6213787455e56c54a303822221a954d5ec8f4937ecd734ca2a753d7f3/analysis/1455735189/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b50a-a1ac-45e0-beda-47b002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:10.000Z",
|
|
"modified": "2016-04-27T12:48:10.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 27660806ff465edbe0f285ab67a9a348",
|
|
"pattern": "[file:hashes.SHA256 = '537e0e9d762ab89f6607ed31fd407142909c652958f4522bf8b1a9958b3c10de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b50a-13b0-469b-9c60-40bc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:10.000Z",
|
|
"modified": "2016-04-27T12:48:10.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 27660806ff465edbe0f285ab67a9a348",
|
|
"pattern": "[file:hashes.SHA1 = 'c8b8d7b5fbb0a2653a819aee252e0de7509f645c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b50b-91fc-4a93-9887-4dfc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:11.000Z",
|
|
"modified": "2016-04-27T12:48:11.000Z",
|
|
"first_observed": "2016-04-27T12:48:11Z",
|
|
"last_observed": "2016-04-27T12:48:11Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b50b-91fc-4a93-9887-4dfc02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b50b-91fc-4a93-9887-4dfc02de0b81",
|
|
"value": "https://www.virustotal.com/file/537e0e9d762ab89f6607ed31fd407142909c652958f4522bf8b1a9958b3c10de/analysis/1460712133/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b50b-32e0-4b80-97da-4b3b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:11.000Z",
|
|
"modified": "2016-04-27T12:48:11.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: c620fef9ebfa83e84c51134d14d44ec8",
|
|
"pattern": "[file:hashes.SHA256 = 'd1802102b1a99bbc8729781899a93959ac5b34926be3517456bbb6a0253586c7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b50b-76d8-4fbe-9389-44cc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:11.000Z",
|
|
"modified": "2016-04-27T12:48:11.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: c620fef9ebfa83e84c51134d14d44ec8",
|
|
"pattern": "[file:hashes.SHA1 = '7f4c2abb177f989aef5276a8a0dc18dec2931ef6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b50c-ffec-45a8-833e-4ce202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:12.000Z",
|
|
"modified": "2016-04-27T12:48:12.000Z",
|
|
"first_observed": "2016-04-27T12:48:12Z",
|
|
"last_observed": "2016-04-27T12:48:12Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b50c-ffec-45a8-833e-4ce202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b50c-ffec-45a8-833e-4ce202de0b81",
|
|
"value": "https://www.virustotal.com/file/d1802102b1a99bbc8729781899a93959ac5b34926be3517456bbb6a0253586c7/analysis/1455745202/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b50c-1b9c-4575-a13d-4a6202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:12.000Z",
|
|
"modified": "2016-04-27T12:48:12.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: c5dd6c26c4c1e03fd1ec51cb1dec91ca",
|
|
"pattern": "[file:hashes.SHA256 = 'ad978fc3e7efa123a8920fa75b8d7047df7a98ddc4ed88a3845c99626942e0d3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b50d-fe94-47d3-b3ea-45ea02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:13.000Z",
|
|
"modified": "2016-04-27T12:48:13.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: c5dd6c26c4c1e03fd1ec51cb1dec91ca",
|
|
"pattern": "[file:hashes.SHA1 = '41b6c55ed0c62a6854c351df33b133c47ad9658c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b50d-ff88-4035-a9ea-4f4002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:13.000Z",
|
|
"modified": "2016-04-27T12:48:13.000Z",
|
|
"first_observed": "2016-04-27T12:48:13Z",
|
|
"last_observed": "2016-04-27T12:48:13Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b50d-ff88-4035-a9ea-4f4002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b50d-ff88-4035-a9ea-4f4002de0b81",
|
|
"value": "https://www.virustotal.com/file/ad978fc3e7efa123a8920fa75b8d7047df7a98ddc4ed88a3845c99626942e0d3/analysis/1455745220/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b50d-7a40-4872-a12c-4c7602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:13.000Z",
|
|
"modified": "2016-04-27T12:48:13.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: c528caa8cffd76825748507b8b0ad03e",
|
|
"pattern": "[file:hashes.SHA256 = '85d3b6918fb87b03c8e0177352d7fd4950978c4d0c58bd4134d4a72ebc8e4d0c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b50e-d350-4e37-8ad5-497a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:14.000Z",
|
|
"modified": "2016-04-27T12:48:14.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: c528caa8cffd76825748507b8b0ad03e",
|
|
"pattern": "[file:hashes.SHA1 = '6b99834b0fdd294ed40b7880aca1a4a42d931f52']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b50e-9350-4586-9964-47fe02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:14.000Z",
|
|
"modified": "2016-04-27T12:48:14.000Z",
|
|
"first_observed": "2016-04-27T12:48:14Z",
|
|
"last_observed": "2016-04-27T12:48:14Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b50e-9350-4586-9964-47fe02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b50e-9350-4586-9964-47fe02de0b81",
|
|
"value": "https://www.virustotal.com/file/85d3b6918fb87b03c8e0177352d7fd4950978c4d0c58bd4134d4a72ebc8e4d0c/analysis/1459180853/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b50f-94f0-4e39-9e12-4f6802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:15.000Z",
|
|
"modified": "2016-04-27T12:48:15.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: c39f6e984efcbf40612a3acb780b638a",
|
|
"pattern": "[file:hashes.SHA256 = 'f8688223e6cf11a39b6f7a59b0146bb2121bc153116053d3d257c4565a0010e4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b50f-b86c-454f-a91e-4d8a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:15.000Z",
|
|
"modified": "2016-04-27T12:48:15.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: c39f6e984efcbf40612a3acb780b638a",
|
|
"pattern": "[file:hashes.SHA1 = 'e4146c1fad649cb5604bdc0a7f79d837fa56610f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b510-d190-4731-bf2c-423702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:16.000Z",
|
|
"modified": "2016-04-27T12:48:16.000Z",
|
|
"first_observed": "2016-04-27T12:48:16Z",
|
|
"last_observed": "2016-04-27T12:48:16Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b510-d190-4731-bf2c-423702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b510-d190-4731-bf2c-423702de0b81",
|
|
"value": "https://www.virustotal.com/file/f8688223e6cf11a39b6f7a59b0146bb2121bc153116053d3d257c4565a0010e4/analysis/1454319696/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b510-ca7c-4f06-b42c-46e702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:16.000Z",
|
|
"modified": "2016-04-27T12:48:16.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: c36230f577cfa4d25e29be00ada59d91",
|
|
"pattern": "[file:hashes.SHA256 = '37292ab423ef462b4df34e84116f85f1d0fcf8f8095045170c332cd7164fdda3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b510-9718-4053-9c5a-4eae02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:16.000Z",
|
|
"modified": "2016-04-27T12:48:16.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: c36230f577cfa4d25e29be00ada59d91",
|
|
"pattern": "[file:hashes.SHA1 = 'a5f5cc5c552eddd684571d07dcac8887ac53f17a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b511-5444-4a6a-bf74-433f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:17.000Z",
|
|
"modified": "2016-04-27T12:48:17.000Z",
|
|
"first_observed": "2016-04-27T12:48:17Z",
|
|
"last_observed": "2016-04-27T12:48:17Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b511-5444-4a6a-bf74-433f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b511-5444-4a6a-bf74-433f02de0b81",
|
|
"value": "https://www.virustotal.com/file/37292ab423ef462b4df34e84116f85f1d0fcf8f8095045170c332cd7164fdda3/analysis/1460126145/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b511-0050-47f0-86a3-41e102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:17.000Z",
|
|
"modified": "2016-04-27T12:48:17.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: c2eb3eed3f2082cf05e7c785cfab5487",
|
|
"pattern": "[file:hashes.SHA256 = '1c5d7d88273c2055d11a0bd008745a4e4ee78879d7ea69af637cfa1da280fe15']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b512-2c30-41d3-a6ae-47ce02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:18.000Z",
|
|
"modified": "2016-04-27T12:48:18.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: c2eb3eed3f2082cf05e7c785cfab5487",
|
|
"pattern": "[file:hashes.SHA1 = '4b5d6992dab97651e0a1b06521db086ae621ea68']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b512-6830-4017-825c-438002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:18.000Z",
|
|
"modified": "2016-04-27T12:48:18.000Z",
|
|
"first_observed": "2016-04-27T12:48:18Z",
|
|
"last_observed": "2016-04-27T12:48:18Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b512-6830-4017-825c-438002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b512-6830-4017-825c-438002de0b81",
|
|
"value": "https://www.virustotal.com/file/1c5d7d88273c2055d11a0bd008745a4e4ee78879d7ea69af637cfa1da280fe15/analysis/1456606214/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b513-cf54-4adc-b49e-44c402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:19.000Z",
|
|
"modified": "2016-04-27T12:48:19.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: c23c4130ffebf9ffe60136b7099f8603",
|
|
"pattern": "[file:hashes.SHA256 = '4251745b1e2ecd332f21b0ad04c4ab30c453ea188f888268bdd26e2cb59f19c3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b513-991c-46e1-944e-4c4302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:19.000Z",
|
|
"modified": "2016-04-27T12:48:19.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: c23c4130ffebf9ffe60136b7099f8603",
|
|
"pattern": "[file:hashes.SHA1 = 'e98153efaa69946ec7e1740545e7f518f5c9acec']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b513-3aec-47f7-9cb5-4d2202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:19.000Z",
|
|
"modified": "2016-04-27T12:48:19.000Z",
|
|
"first_observed": "2016-04-27T12:48:19Z",
|
|
"last_observed": "2016-04-27T12:48:19Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b513-3aec-47f7-9cb5-4d2202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b513-3aec-47f7-9cb5-4d2202de0b81",
|
|
"value": "https://www.virustotal.com/file/4251745b1e2ecd332f21b0ad04c4ab30c453ea188f888268bdd26e2cb59f19c3/analysis/1455744969/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b514-3e50-41fd-b507-405f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:20.000Z",
|
|
"modified": "2016-04-27T12:48:20.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: be10e76060c3bbc59c1d87bdc3abeb12",
|
|
"pattern": "[file:hashes.SHA256 = 'abfa7c6e6948d8b6a9e5e2e2e7bb2c24f49b6fb5cce58ad29022d2c7d1282e7c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b514-538c-4897-bb51-4f9802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:20.000Z",
|
|
"modified": "2016-04-27T12:48:20.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: be10e76060c3bbc59c1d87bdc3abeb12",
|
|
"pattern": "[file:hashes.SHA1 = '1678276c96a3c3f69bfcbaaca625ee164597dfe4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b515-1398-428a-b1c7-4c8102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:21.000Z",
|
|
"modified": "2016-04-27T12:48:21.000Z",
|
|
"first_observed": "2016-04-27T12:48:21Z",
|
|
"last_observed": "2016-04-27T12:48:21Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b515-1398-428a-b1c7-4c8102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b515-1398-428a-b1c7-4c8102de0b81",
|
|
"value": "https://www.virustotal.com/file/abfa7c6e6948d8b6a9e5e2e2e7bb2c24f49b6fb5cce58ad29022d2c7d1282e7c/analysis/1455744657/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b515-de2c-4ff8-91a6-491602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:21.000Z",
|
|
"modified": "2016-04-27T12:48:21.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: bde66ebf8cd08b301b0b6c3140df5fed",
|
|
"pattern": "[file:hashes.SHA256 = '4c5fa5cfb6afe7fc1def579d6f4b469c803178294d3c7bac0fbbe79779fa8451']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b515-9b24-47e3-931d-483602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:21.000Z",
|
|
"modified": "2016-04-27T12:48:21.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: bde66ebf8cd08b301b0b6c3140df5fed",
|
|
"pattern": "[file:hashes.SHA1 = 'f3f0aee569fd25de5a67773edd446c34ec222d91']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b516-7048-46af-acc0-4fe002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:22.000Z",
|
|
"modified": "2016-04-27T12:48:22.000Z",
|
|
"first_observed": "2016-04-27T12:48:22Z",
|
|
"last_observed": "2016-04-27T12:48:22Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b516-7048-46af-acc0-4fe002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b516-7048-46af-acc0-4fe002de0b81",
|
|
"value": "https://www.virustotal.com/file/4c5fa5cfb6afe7fc1def579d6f4b469c803178294d3c7bac0fbbe79779fa8451/analysis/1457936471/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b516-9628-45fe-af67-47d902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:22.000Z",
|
|
"modified": "2016-04-27T12:48:22.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: bddd52910f0c40b538418144ae0b63ac",
|
|
"pattern": "[file:hashes.SHA256 = '963d6f524194f19c66c42d1a1383cc3fe6a0844880037c255e4a3b6bd2cc9e34']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b517-d348-4c3d-9813-416902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:23.000Z",
|
|
"modified": "2016-04-27T12:48:23.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: bddd52910f0c40b538418144ae0b63ac",
|
|
"pattern": "[file:hashes.SHA1 = '69881e4147f55145896be7c09505c6014c51efa1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b517-5714-40a0-b68d-4bf702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:23.000Z",
|
|
"modified": "2016-04-27T12:48:23.000Z",
|
|
"first_observed": "2016-04-27T12:48:23Z",
|
|
"last_observed": "2016-04-27T12:48:23Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b517-5714-40a0-b68d-4bf702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b517-5714-40a0-b68d-4bf702de0b81",
|
|
"value": "https://www.virustotal.com/file/963d6f524194f19c66c42d1a1383cc3fe6a0844880037c255e4a3b6bd2cc9e34/analysis/1458111556/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b518-fe1c-4b71-b228-433d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:24.000Z",
|
|
"modified": "2016-04-27T12:48:24.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: bd9ebb6baf95d25fc54568bb4c37567b",
|
|
"pattern": "[file:hashes.SHA256 = 'cc3501475c0c4b96843e86c35a14aa4c829da30356b8caf11c0b37d00c9463f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b518-1e34-4bb9-99be-493602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:24.000Z",
|
|
"modified": "2016-04-27T12:48:24.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: bd9ebb6baf95d25fc54568bb4c37567b",
|
|
"pattern": "[file:hashes.SHA1 = 'a7746510db248b80ad9abf3eee597314c71c9d91']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b518-a0fc-4f0c-8399-482402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:24.000Z",
|
|
"modified": "2016-04-27T12:48:24.000Z",
|
|
"first_observed": "2016-04-27T12:48:24Z",
|
|
"last_observed": "2016-04-27T12:48:24Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b518-a0fc-4f0c-8399-482402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b518-a0fc-4f0c-8399-482402de0b81",
|
|
"value": "https://www.virustotal.com/file/cc3501475c0c4b96843e86c35a14aa4c829da30356b8caf11c0b37d00c9463f6/analysis/1460368832/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b519-3d0c-4db2-8b5b-411802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:25.000Z",
|
|
"modified": "2016-04-27T12:48:25.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: bd8c50221e6ec939f7b4df54795bca20",
|
|
"pattern": "[file:hashes.SHA256 = 'a48298f66fc12f01bff04ea3d7bfa281e56925380de1d657274c4fdf30307c86']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b519-6a44-4f8c-9152-498402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:25.000Z",
|
|
"modified": "2016-04-27T12:48:25.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: bd8c50221e6ec939f7b4df54795bca20",
|
|
"pattern": "[file:hashes.SHA1 = 'a8bf415b35927dcc507e1f0e7458e13b139c0777']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b51a-2b84-4088-80e1-4f0502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:26.000Z",
|
|
"modified": "2016-04-27T12:48:26.000Z",
|
|
"first_observed": "2016-04-27T12:48:26Z",
|
|
"last_observed": "2016-04-27T12:48:26Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b51a-2b84-4088-80e1-4f0502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b51a-2b84-4088-80e1-4f0502de0b81",
|
|
"value": "https://www.virustotal.com/file/a48298f66fc12f01bff04ea3d7bfa281e56925380de1d657274c4fdf30307c86/analysis/1455744711/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b51a-e248-4add-8f26-463b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:26.000Z",
|
|
"modified": "2016-04-27T12:48:26.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: bcd595f9eb7fba9fa82c21805ebb1535",
|
|
"pattern": "[file:hashes.SHA256 = '97e1e8618dea5b46f15489b8c5df22214bb6c20db5a06e86f202064864824cba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b51a-ff3c-4de4-8f66-405d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:26.000Z",
|
|
"modified": "2016-04-27T12:48:26.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: bcd595f9eb7fba9fa82c21805ebb1535",
|
|
"pattern": "[file:hashes.SHA1 = 'b62ebcad39597b5bee0d9c66958172c3a07769da']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b51b-e918-4e7a-a877-4efc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:27.000Z",
|
|
"modified": "2016-04-27T12:48:27.000Z",
|
|
"first_observed": "2016-04-27T12:48:27Z",
|
|
"last_observed": "2016-04-27T12:48:27Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b51b-e918-4e7a-a877-4efc02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b51b-e918-4e7a-a877-4efc02de0b81",
|
|
"value": "https://www.virustotal.com/file/97e1e8618dea5b46f15489b8c5df22214bb6c20db5a06e86f202064864824cba/analysis/1456731438/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b51b-539c-4d98-842b-4fe802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:27.000Z",
|
|
"modified": "2016-04-27T12:48:27.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: bbfac3011f9e3b239e4eb9f9d6b82763",
|
|
"pattern": "[file:hashes.SHA256 = '6f90cdb041fffc89ff47b110383b5fb6546d9b74cebc94005fc33f238189e47b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b51c-23a4-46b1-b8b5-432702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:28.000Z",
|
|
"modified": "2016-04-27T12:48:28.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: bbfac3011f9e3b239e4eb9f9d6b82763",
|
|
"pattern": "[file:hashes.SHA1 = '8c9948474dcb3c5cf0e50b65b9d47d51f523e978']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b51c-4668-407b-a5bb-4b2d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:28.000Z",
|
|
"modified": "2016-04-27T12:48:28.000Z",
|
|
"first_observed": "2016-04-27T12:48:28Z",
|
|
"last_observed": "2016-04-27T12:48:28Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b51c-4668-407b-a5bb-4b2d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b51c-4668-407b-a5bb-4b2d02de0b81",
|
|
"value": "https://www.virustotal.com/file/6f90cdb041fffc89ff47b110383b5fb6546d9b74cebc94005fc33f238189e47b/analysis/1456763633/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b51d-a7f0-417f-b1d2-419b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:29.000Z",
|
|
"modified": "2016-04-27T12:48:29.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: bbb20fe1b97f12934b70cb1a7d2399d4",
|
|
"pattern": "[file:hashes.SHA256 = '1a592eb8555bb168fd693daecd7d8c9b35f68bd92b01b7bd1fbc9ce1292ba6c2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b51d-0f50-47f5-b458-4fc002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:29.000Z",
|
|
"modified": "2016-04-27T12:48:29.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: bbb20fe1b97f12934b70cb1a7d2399d4",
|
|
"pattern": "[file:hashes.SHA1 = 'c9ef26ebbab3fd7408d3008ebb1acb4b79b55eb5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b51d-40a4-46c8-ba06-46fb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:29.000Z",
|
|
"modified": "2016-04-27T12:48:29.000Z",
|
|
"first_observed": "2016-04-27T12:48:29Z",
|
|
"last_observed": "2016-04-27T12:48:29Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b51d-40a4-46c8-ba06-46fb02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b51d-40a4-46c8-ba06-46fb02de0b81",
|
|
"value": "https://www.virustotal.com/file/1a592eb8555bb168fd693daecd7d8c9b35f68bd92b01b7bd1fbc9ce1292ba6c2/analysis/1460134881/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b51e-ef88-408e-b2a6-4e7d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:30.000Z",
|
|
"modified": "2016-04-27T12:48:30.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: ba1c5315933c1a4d446bf90eb9d7c8c6",
|
|
"pattern": "[file:hashes.SHA256 = '7916e4be7c248170420b06a8da8ec83936fd4a197ffb4282a9f9b54f2301fde2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b51e-968c-472c-9d4f-4b4702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:30.000Z",
|
|
"modified": "2016-04-27T12:48:30.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: ba1c5315933c1a4d446bf90eb9d7c8c6",
|
|
"pattern": "[file:hashes.SHA1 = 'd97075c8d5bf0a1b5013e8657b02afb6f2449d84']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b51f-a9d4-4d9a-a547-463e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:31.000Z",
|
|
"modified": "2016-04-27T12:48:31.000Z",
|
|
"first_observed": "2016-04-27T12:48:31Z",
|
|
"last_observed": "2016-04-27T12:48:31Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b51f-a9d4-4d9a-a547-463e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b51f-a9d4-4d9a-a547-463e02de0b81",
|
|
"value": "https://www.virustotal.com/file/7916e4be7c248170420b06a8da8ec83936fd4a197ffb4282a9f9b54f2301fde2/analysis/1457364393/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b51f-49ac-41b7-815a-499102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:31.000Z",
|
|
"modified": "2016-04-27T12:48:31.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b9680d7e427bc2a3ed0320fb15023a88",
|
|
"pattern": "[file:hashes.SHA256 = 'da9b59bed8729ef7fbc29b9bd855eeed2fb75df8ea07bc41e2f050f54c07f596']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b51f-fe68-487c-9c59-464502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:31.000Z",
|
|
"modified": "2016-04-27T12:48:31.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b9680d7e427bc2a3ed0320fb15023a88",
|
|
"pattern": "[file:hashes.SHA1 = '85d58d8cc42a8710e47eb5cf492d2ebed877f917']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b520-3edc-4aaa-9faa-4f3d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:32.000Z",
|
|
"modified": "2016-04-27T12:48:32.000Z",
|
|
"first_observed": "2016-04-27T12:48:32Z",
|
|
"last_observed": "2016-04-27T12:48:32Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b520-3edc-4aaa-9faa-4f3d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b520-3edc-4aaa-9faa-4f3d02de0b81",
|
|
"value": "https://www.virustotal.com/file/da9b59bed8729ef7fbc29b9bd855eeed2fb75df8ea07bc41e2f050f54c07f596/analysis/1454639865/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b520-8bc4-43fd-a00a-456602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:32.000Z",
|
|
"modified": "2016-04-27T12:48:32.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b9057cc24a9d4bde42198d3956ee46e6",
|
|
"pattern": "[file:hashes.SHA256 = '845a1a581208d3f2368a86a2c30b070cc585db041c85dc7236a9ac5400a24adf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b521-bd20-44b4-968c-46c202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:33.000Z",
|
|
"modified": "2016-04-27T12:48:33.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b9057cc24a9d4bde42198d3956ee46e6",
|
|
"pattern": "[file:hashes.SHA1 = '7ecf6c75e2abf38596e9079df6d505486b44a114']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b521-11a8-4051-8006-4f2702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:33.000Z",
|
|
"modified": "2016-04-27T12:48:33.000Z",
|
|
"first_observed": "2016-04-27T12:48:33Z",
|
|
"last_observed": "2016-04-27T12:48:33Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b521-11a8-4051-8006-4f2702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b521-11a8-4051-8006-4f2702de0b81",
|
|
"value": "https://www.virustotal.com/file/845a1a581208d3f2368a86a2c30b070cc585db041c85dc7236a9ac5400a24adf/analysis/1460326893/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b521-0158-4614-8f2d-488c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:33.000Z",
|
|
"modified": "2016-04-27T12:48:33.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b80f53f44e737aa1ecc40a1c5cf10a5d",
|
|
"pattern": "[file:hashes.SHA256 = 'c34b9fd7089c2b3f366df97369c8bd4ce57313cf73c03c29d879bcca7ca02fcf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b522-1b34-49c6-9c9d-417802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:34.000Z",
|
|
"modified": "2016-04-27T12:48:34.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b80f53f44e737aa1ecc40a1c5cf10a5d",
|
|
"pattern": "[file:hashes.SHA1 = '60d2cd72ebbc05b3db3bbecafdc6f9f8b0cf6b0d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b522-f838-4005-878b-40ad02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:34.000Z",
|
|
"modified": "2016-04-27T12:48:34.000Z",
|
|
"first_observed": "2016-04-27T12:48:34Z",
|
|
"last_observed": "2016-04-27T12:48:34Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b522-f838-4005-878b-40ad02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b522-f838-4005-878b-40ad02de0b81",
|
|
"value": "https://www.virustotal.com/file/c34b9fd7089c2b3f366df97369c8bd4ce57313cf73c03c29d879bcca7ca02fcf/analysis/1457267170/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b523-3e24-46f7-881b-418002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:35.000Z",
|
|
"modified": "2016-04-27T12:48:35.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b7343a1094f139699bc4698343d2b7ad",
|
|
"pattern": "[file:hashes.SHA256 = '510059abe1e42e239226fa436cc6b840d87c72f0a82086150161c4ee0c1c2dd0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b523-e298-4033-b8b0-45e502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:35.000Z",
|
|
"modified": "2016-04-27T12:48:35.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b7343a1094f139699bc4698343d2b7ad",
|
|
"pattern": "[file:hashes.SHA1 = 'a8cdc9d3155d6a6f4847c8fcb405dd52dfef64d1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b524-d56c-463e-bd42-492802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:36.000Z",
|
|
"modified": "2016-04-27T12:48:36.000Z",
|
|
"first_observed": "2016-04-27T12:48:36Z",
|
|
"last_observed": "2016-04-27T12:48:36Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b524-d56c-463e-bd42-492802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b524-d56c-463e-bd42-492802de0b81",
|
|
"value": "https://www.virustotal.com/file/510059abe1e42e239226fa436cc6b840d87c72f0a82086150161c4ee0c1c2dd0/analysis/1460117610/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b524-b068-4aa6-8146-4c1202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:36.000Z",
|
|
"modified": "2016-04-27T12:48:36.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b6f52abceb49c6d38e29de6951f768fa",
|
|
"pattern": "[file:hashes.SHA256 = 'ff6b183495c4be7655747d4d1a1101c6efa780b97a456cd68701df3127ae9e58']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b524-6a34-477f-8eb5-4f9c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:36.000Z",
|
|
"modified": "2016-04-27T12:48:36.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b6f52abceb49c6d38e29de6951f768fa",
|
|
"pattern": "[file:hashes.SHA1 = '14b4fb7d7b6f750f5996a802d880eab3703241ae']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b525-2b34-4b1d-8b02-4d8002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:37.000Z",
|
|
"modified": "2016-04-27T12:48:37.000Z",
|
|
"first_observed": "2016-04-27T12:48:37Z",
|
|
"last_observed": "2016-04-27T12:48:37Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b525-2b34-4b1d-8b02-4d8002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b525-2b34-4b1d-8b02-4d8002de0b81",
|
|
"value": "https://www.virustotal.com/file/ff6b183495c4be7655747d4d1a1101c6efa780b97a456cd68701df3127ae9e58/analysis/1455744105/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b525-c498-467f-ba31-4bf502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:37.000Z",
|
|
"modified": "2016-04-27T12:48:37.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b66eb248e1ca0c35bc7e518fa4d5757a",
|
|
"pattern": "[file:hashes.SHA256 = 'd32d98751178ce0a307254a989d1d26c5601abc1b4ea092b1cb5dd470b48bb32']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b526-abc4-4147-93a6-462802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:38.000Z",
|
|
"modified": "2016-04-27T12:48:38.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b66eb248e1ca0c35bc7e518fa4d5757a",
|
|
"pattern": "[file:hashes.SHA1 = 'c76f014ae59c06814a0034b2f1faf3cd0f036bcd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b526-4804-40d3-a056-415902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:38.000Z",
|
|
"modified": "2016-04-27T12:48:38.000Z",
|
|
"first_observed": "2016-04-27T12:48:38Z",
|
|
"last_observed": "2016-04-27T12:48:38Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b526-4804-40d3-a056-415902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b526-4804-40d3-a056-415902de0b81",
|
|
"value": "https://www.virustotal.com/file/d32d98751178ce0a307254a989d1d26c5601abc1b4ea092b1cb5dd470b48bb32/analysis/1457870283/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b526-9804-4079-8893-417302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:38.000Z",
|
|
"modified": "2016-04-27T12:48:38.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b5f1fe0ab8ef34d6429916b6257e682b",
|
|
"pattern": "[file:hashes.SHA256 = '27e2a4a9333d62e2158b13b1e205490ef447121e701cd50d7ddd9c1a2e7d762d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b527-a640-464b-89cc-445e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:39.000Z",
|
|
"modified": "2016-04-27T12:48:39.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b5f1fe0ab8ef34d6429916b6257e682b",
|
|
"pattern": "[file:hashes.SHA1 = '338bcefc2dbbaa8acd8ac1449ceee8692f9c8be7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b527-02ac-4123-88f3-427d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:39.000Z",
|
|
"modified": "2016-04-27T12:48:39.000Z",
|
|
"first_observed": "2016-04-27T12:48:39Z",
|
|
"last_observed": "2016-04-27T12:48:39Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b527-02ac-4123-88f3-427d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b527-02ac-4123-88f3-427d02de0b81",
|
|
"value": "https://www.virustotal.com/file/27e2a4a9333d62e2158b13b1e205490ef447121e701cd50d7ddd9c1a2e7d762d/analysis/1460130383/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b528-e8e0-4c5f-9228-4f1702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:40.000Z",
|
|
"modified": "2016-04-27T12:48:40.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b5afb1b35f7ee56218ee1c0d6ba92fb7",
|
|
"pattern": "[file:hashes.SHA256 = '72dfb9f433bb2da61b0f596602d5321355a33eb3da2a72d2f9efc8301dcd870d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b528-13b4-4aaf-a5aa-499c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:40.000Z",
|
|
"modified": "2016-04-27T12:48:40.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b5afb1b35f7ee56218ee1c0d6ba92fb7",
|
|
"pattern": "[file:hashes.SHA1 = '177ba868e2549af8cb0fc57231ab64aaf8028caf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b529-11dc-44ee-a822-419202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:41.000Z",
|
|
"modified": "2016-04-27T12:48:41.000Z",
|
|
"first_observed": "2016-04-27T12:48:41Z",
|
|
"last_observed": "2016-04-27T12:48:41Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b529-11dc-44ee-a822-419202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b529-11dc-44ee-a822-419202de0b81",
|
|
"value": "https://www.virustotal.com/file/72dfb9f433bb2da61b0f596602d5321355a33eb3da2a72d2f9efc8301dcd870d/analysis/1455744123/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b529-0c70-4636-8649-4f2402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:41.000Z",
|
|
"modified": "2016-04-27T12:48:41.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b57618a7098fa9fcc14b8779b71ba62a",
|
|
"pattern": "[file:hashes.SHA256 = 'f134ddc39068cebea57ceb60579dd21ad1313588c7818aead1abaccc4be4a0e7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b529-3f38-4bf7-ab95-46de02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:41.000Z",
|
|
"modified": "2016-04-27T12:48:41.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b57618a7098fa9fcc14b8779b71ba62a",
|
|
"pattern": "[file:hashes.SHA1 = '9b1e6ca32f90e1e40f7d608645346e09702a1756']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b52a-ae68-49b0-b020-477402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:42.000Z",
|
|
"modified": "2016-04-27T12:48:42.000Z",
|
|
"first_observed": "2016-04-27T12:48:42Z",
|
|
"last_observed": "2016-04-27T12:48:42Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b52a-ae68-49b0-b020-477402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b52a-ae68-49b0-b020-477402de0b81",
|
|
"value": "https://www.virustotal.com/file/f134ddc39068cebea57ceb60579dd21ad1313588c7818aead1abaccc4be4a0e7/analysis/1456718247/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b52a-0e34-4ffe-861d-417802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:42.000Z",
|
|
"modified": "2016-04-27T12:48:42.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b56b456488358fcdc0ce95df7e0309cf",
|
|
"pattern": "[file:hashes.SHA256 = '71c515f43b9dc836e3fbea053cb4a15dc670537827b539951cccbbd88dd22265']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b52b-f150-4a56-a87f-483102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:43.000Z",
|
|
"modified": "2016-04-27T12:48:43.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b56b456488358fcdc0ce95df7e0309cf",
|
|
"pattern": "[file:hashes.SHA1 = '50a1e47856b9fd7c2a5bed3cad283aecfaa85248']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b52b-3d20-4364-ae66-48ca02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:43.000Z",
|
|
"modified": "2016-04-27T12:48:43.000Z",
|
|
"first_observed": "2016-04-27T12:48:43Z",
|
|
"last_observed": "2016-04-27T12:48:43Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b52b-3d20-4364-ae66-48ca02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b52b-3d20-4364-ae66-48ca02de0b81",
|
|
"value": "https://www.virustotal.com/file/71c515f43b9dc836e3fbea053cb4a15dc670537827b539951cccbbd88dd22265/analysis/1454680930/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b52b-7d08-48d8-b08d-45a202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:43.000Z",
|
|
"modified": "2016-04-27T12:48:43.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b536f2134d75a4ac257071615e227a7d",
|
|
"pattern": "[file:hashes.SHA256 = '9e65a8a911ff123f0d610efda58bf20a15089b7fa3788470c59a1c8cfd63e12e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b52c-0f94-478c-b3d7-42ca02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:44.000Z",
|
|
"modified": "2016-04-27T12:48:44.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b536f2134d75a4ac257071615e227a7d",
|
|
"pattern": "[file:hashes.SHA1 = '350edf46bb80fbb28ac6ddfeb25d74db8c619325']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b52c-5cac-427a-b015-40cb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:44.000Z",
|
|
"modified": "2016-04-27T12:48:44.000Z",
|
|
"first_observed": "2016-04-27T12:48:44Z",
|
|
"last_observed": "2016-04-27T12:48:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b52c-5cac-427a-b015-40cb02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b52c-5cac-427a-b015-40cb02de0b81",
|
|
"value": "https://www.virustotal.com/file/9e65a8a911ff123f0d610efda58bf20a15089b7fa3788470c59a1c8cfd63e12e/analysis/1458541455/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b52d-7f08-40f1-a276-4b6102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:45.000Z",
|
|
"modified": "2016-04-27T12:48:45.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b4298ce2eab75b9729ae3ac54e44e4d1",
|
|
"pattern": "[file:hashes.SHA256 = '8c942cb86133e9d6833b44da1f78817179851fd1fcd0bc1d4a44871eb2064627']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b52d-ff8c-4f9f-aab3-4bc802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:45.000Z",
|
|
"modified": "2016-04-27T12:48:45.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b4298ce2eab75b9729ae3ac54e44e4d1",
|
|
"pattern": "[file:hashes.SHA1 = '21c68eb194c704735d9401a692a54e2442045774']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b52e-4b54-4ad1-93b7-47b402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:46.000Z",
|
|
"modified": "2016-04-27T12:48:46.000Z",
|
|
"first_observed": "2016-04-27T12:48:46Z",
|
|
"last_observed": "2016-04-27T12:48:46Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b52e-4b54-4ad1-93b7-47b402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b52e-4b54-4ad1-93b7-47b402de0b81",
|
|
"value": "https://www.virustotal.com/file/8c942cb86133e9d6833b44da1f78817179851fd1fcd0bc1d4a44871eb2064627/analysis/1460324103/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b52e-50d4-4042-b2b7-46a802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:46.000Z",
|
|
"modified": "2016-04-27T12:48:46.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b371fd7024687fa205135e2f3425822d",
|
|
"pattern": "[file:hashes.SHA256 = '9605e83e769543c19220882f4e6a664b2690995ff4e8fbcefc12b32c21731d63']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b52e-9a18-4a9a-b673-4d9902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:46.000Z",
|
|
"modified": "2016-04-27T12:48:46.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b371fd7024687fa205135e2f3425822d",
|
|
"pattern": "[file:hashes.SHA1 = '0a0e5dc873a15bba03dbbac2cb6707e52c936d35']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b52f-2f20-46bb-9cc8-4f9a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:47.000Z",
|
|
"modified": "2016-04-27T12:48:47.000Z",
|
|
"first_observed": "2016-04-27T12:48:47Z",
|
|
"last_observed": "2016-04-27T12:48:47Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b52f-2f20-46bb-9cc8-4f9a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b52f-2f20-46bb-9cc8-4f9a02de0b81",
|
|
"value": "https://www.virustotal.com/file/9605e83e769543c19220882f4e6a664b2690995ff4e8fbcefc12b32c21731d63/analysis/1455743867/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b52f-caf8-4755-b719-4af602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:47.000Z",
|
|
"modified": "2016-04-27T12:48:47.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b2e0eae1d879287da6155ffa1ffff440",
|
|
"pattern": "[file:hashes.SHA256 = 'f667b646c123caa86612b5d5c3b1c273bbf1ae43b00be0c6356f0f8b34d83f5f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b530-40a8-41bc-a1df-404a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:48.000Z",
|
|
"modified": "2016-04-27T12:48:48.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b2e0eae1d879287da6155ffa1ffff440",
|
|
"pattern": "[file:hashes.SHA1 = '4d08c506bb6170fb36b2c7b5643188a0b90be75c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b530-07fc-4add-af51-4e7602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:48.000Z",
|
|
"modified": "2016-04-27T12:48:48.000Z",
|
|
"first_observed": "2016-04-27T12:48:48Z",
|
|
"last_observed": "2016-04-27T12:48:48Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b530-07fc-4add-af51-4e7602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b530-07fc-4add-af51-4e7602de0b81",
|
|
"value": "https://www.virustotal.com/file/f667b646c123caa86612b5d5c3b1c273bbf1ae43b00be0c6356f0f8b34d83f5f/analysis/1459149230/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b530-9e64-4933-adb4-443f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:48.000Z",
|
|
"modified": "2016-04-27T12:48:48.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b11bb0abd2a72e0ca88fe9817d42e139",
|
|
"pattern": "[file:hashes.SHA256 = '7fe84032f58c25ccdcd71c01464c750bd81a0e6042c3170ed116258bf83e65c3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b531-fc88-4145-a28e-40cf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:49.000Z",
|
|
"modified": "2016-04-27T12:48:49.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b11bb0abd2a72e0ca88fe9817d42e139",
|
|
"pattern": "[file:hashes.SHA1 = 'd30f1a96f0c0722be4192e80ac2469868de1bc72']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b531-506c-4765-8c5a-49f102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:49.000Z",
|
|
"modified": "2016-04-27T12:48:49.000Z",
|
|
"first_observed": "2016-04-27T12:48:49Z",
|
|
"last_observed": "2016-04-27T12:48:49Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b531-506c-4765-8c5a-49f102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b531-506c-4765-8c5a-49f102de0b81",
|
|
"value": "https://www.virustotal.com/file/7fe84032f58c25ccdcd71c01464c750bd81a0e6042c3170ed116258bf83e65c3/analysis/1460328490/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b531-d090-4a06-b333-432902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:49.000Z",
|
|
"modified": "2016-04-27T12:48:49.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b0737a9732647803bab45e64b4dc8f42",
|
|
"pattern": "[file:hashes.SHA256 = 'ad949baf455bfc9ca99342b5439083b704be4d94b2f25a315e2e55f9deea17f0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b532-6a20-45c0-ac0d-483002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:50.000Z",
|
|
"modified": "2016-04-27T12:48:50.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: b0737a9732647803bab45e64b4dc8f42",
|
|
"pattern": "[file:hashes.SHA1 = '8b98aa41568b260587ddff9fd584545b2e5b1df4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b532-f964-48d5-b8d6-401702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:50.000Z",
|
|
"modified": "2016-04-27T12:48:50.000Z",
|
|
"first_observed": "2016-04-27T12:48:50Z",
|
|
"last_observed": "2016-04-27T12:48:50Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b532-f964-48d5-b8d6-401702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b532-f964-48d5-b8d6-401702de0b81",
|
|
"value": "https://www.virustotal.com/file/ad949baf455bfc9ca99342b5439083b704be4d94b2f25a315e2e55f9deea17f0/analysis/1455743869/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b532-73cc-4163-a9b0-41f502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:50.000Z",
|
|
"modified": "2016-04-27T12:48:50.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: afbfbb0fc1e7cbf56732d2afaeb21302",
|
|
"pattern": "[file:hashes.SHA256 = 'c5fb97788a2e895312d9f0fc835d42ad603b19fd9527802cc2dfdc0e0c6957ba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b533-1370-43bd-90ad-488e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:51.000Z",
|
|
"modified": "2016-04-27T12:48:51.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: afbfbb0fc1e7cbf56732d2afaeb21302",
|
|
"pattern": "[file:hashes.SHA1 = '0f5ba835d2ab585bb1e5961857a251d5b9f60f74']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b533-f350-482e-834d-4f2c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:51.000Z",
|
|
"modified": "2016-04-27T12:48:51.000Z",
|
|
"first_observed": "2016-04-27T12:48:51Z",
|
|
"last_observed": "2016-04-27T12:48:51Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b533-f350-482e-834d-4f2c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b533-f350-482e-834d-4f2c02de0b81",
|
|
"value": "https://www.virustotal.com/file/c5fb97788a2e895312d9f0fc835d42ad603b19fd9527802cc2dfdc0e0c6957ba/analysis/1455743635/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b533-4fe0-4bdb-a29a-410202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:51.000Z",
|
|
"modified": "2016-04-27T12:48:51.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: af732879ff0b20eb02386a16581c8a4b",
|
|
"pattern": "[file:hashes.SHA256 = '82711ccf65b8a43f067d26b6a4d7295efcc8a2061e2163808f87d72f5c071b2e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b534-4fb0-484d-b8ea-48c502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:52.000Z",
|
|
"modified": "2016-04-27T12:48:52.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: af732879ff0b20eb02386a16581c8a4b",
|
|
"pattern": "[file:hashes.SHA1 = 'e819dc2cb453ec6ad82d343a81e15bd0f9780c60']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b534-a568-4333-9e6b-469d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:52.000Z",
|
|
"modified": "2016-04-27T12:48:52.000Z",
|
|
"first_observed": "2016-04-27T12:48:52Z",
|
|
"last_observed": "2016-04-27T12:48:52Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b534-a568-4333-9e6b-469d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b534-a568-4333-9e6b-469d02de0b81",
|
|
"value": "https://www.virustotal.com/file/82711ccf65b8a43f067d26b6a4d7295efcc8a2061e2163808f87d72f5c071b2e/analysis/1454936262/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b534-ae28-4c34-8be9-4f8802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:52.000Z",
|
|
"modified": "2016-04-27T12:48:52.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: af60a1f801ee3d5ba256c9354d8e9ca3",
|
|
"pattern": "[file:hashes.SHA256 = '1c9cd08143da6805c15daed92a9b0e962db4f9a96babba23f858ff073af00c1b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b535-d554-4028-938c-4fe002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:53.000Z",
|
|
"modified": "2016-04-27T12:48:53.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: af60a1f801ee3d5ba256c9354d8e9ca3",
|
|
"pattern": "[file:hashes.SHA1 = 'e0aee263a1ef9b35da2e2abeeddc24cd06b81c29']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b535-1f88-4c34-b95a-413802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:53.000Z",
|
|
"modified": "2016-04-27T12:48:53.000Z",
|
|
"first_observed": "2016-04-27T12:48:53Z",
|
|
"last_observed": "2016-04-27T12:48:53Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b535-1f88-4c34-b95a-413802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b535-1f88-4c34-b95a-413802de0b81",
|
|
"value": "https://www.virustotal.com/file/1c9cd08143da6805c15daed92a9b0e962db4f9a96babba23f858ff073af00c1b/analysis/1454642373/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b536-a4b8-4131-80e6-4fe902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:54.000Z",
|
|
"modified": "2016-04-27T12:48:54.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: aea04d46b9a4097155afcb3a80aafb8f",
|
|
"pattern": "[file:hashes.SHA256 = '1396eab786724830a9f21ae71c3cee0fca3d41f5eaa814e6d80a63c893344bfd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b536-a0a4-43fa-972b-4f7902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:54.000Z",
|
|
"modified": "2016-04-27T12:48:54.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: aea04d46b9a4097155afcb3a80aafb8f",
|
|
"pattern": "[file:hashes.SHA1 = '035b01513c10543678335f98abf67fa8b733b6fa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b536-6fe4-4f1d-89fa-46f502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:54.000Z",
|
|
"modified": "2016-04-27T12:48:54.000Z",
|
|
"first_observed": "2016-04-27T12:48:54Z",
|
|
"last_observed": "2016-04-27T12:48:54Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b536-6fe4-4f1d-89fa-46f502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b536-6fe4-4f1d-89fa-46f502de0b81",
|
|
"value": "https://www.virustotal.com/file/1396eab786724830a9f21ae71c3cee0fca3d41f5eaa814e6d80a63c893344bfd/analysis/1454935785/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b537-19b8-4f85-8415-4e1d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:55.000Z",
|
|
"modified": "2016-04-27T12:48:55.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: addd10c396fb3c1998ea451710f6f6f6",
|
|
"pattern": "[file:hashes.SHA256 = '0e3b50c91d3c4863bc9a9fcc48c539e2f44652be517df6c658782d4e9acbbb9a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b537-1548-4b25-b259-402b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:55.000Z",
|
|
"modified": "2016-04-27T12:48:55.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: addd10c396fb3c1998ea451710f6f6f6",
|
|
"pattern": "[file:hashes.SHA1 = '204fbc5414217d7cc86e5949a9606f0e65861da5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b538-4d48-4153-9c68-4df302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:56.000Z",
|
|
"modified": "2016-04-27T12:48:56.000Z",
|
|
"first_observed": "2016-04-27T12:48:56Z",
|
|
"last_observed": "2016-04-27T12:48:56Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b538-4d48-4153-9c68-4df302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b538-4d48-4153-9c68-4df302de0b81",
|
|
"value": "https://www.virustotal.com/file/0e3b50c91d3c4863bc9a9fcc48c539e2f44652be517df6c658782d4e9acbbb9a/analysis/1458038255/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b538-124c-4cdb-83c5-427f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:56.000Z",
|
|
"modified": "2016-04-27T12:48:56.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: ad99f483836492e34c072764db219fe4",
|
|
"pattern": "[file:hashes.SHA256 = 'a2524305a7d8e481e42c5cba295b992c45fb1675300030b37d11fb88da47562e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b539-b4fc-4922-b716-400b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:57.000Z",
|
|
"modified": "2016-04-27T12:48:57.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: ad99f483836492e34c072764db219fe4",
|
|
"pattern": "[file:hashes.SHA1 = '60da77bf5bc327086a2ba3f75cd09f3a0fbacf5b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b539-da44-4953-831b-485f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:57.000Z",
|
|
"modified": "2016-04-27T12:48:57.000Z",
|
|
"first_observed": "2016-04-27T12:48:57Z",
|
|
"last_observed": "2016-04-27T12:48:57Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b539-da44-4953-831b-485f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b539-da44-4953-831b-485f02de0b81",
|
|
"value": "https://www.virustotal.com/file/a2524305a7d8e481e42c5cba295b992c45fb1675300030b37d11fb88da47562e/analysis/1457845595/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b539-8138-4896-b280-494002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:57.000Z",
|
|
"modified": "2016-04-27T12:48:57.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: ad75d090f865cbab68c411682ad2eb89",
|
|
"pattern": "[file:hashes.SHA256 = '3f74dd9eb9a9bf3c6a6063b98a7ebee9af6c50d3e2bae458e1d5384e560df0c3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b53a-e834-4661-ba22-435402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:58.000Z",
|
|
"modified": "2016-04-27T12:48:58.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: ad75d090f865cbab68c411682ad2eb89",
|
|
"pattern": "[file:hashes.SHA1 = '0b7555791f79bc18e104f06737a691b2cf9257d0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b53a-072c-420e-b28b-4f8702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:58.000Z",
|
|
"modified": "2016-04-27T12:48:58.000Z",
|
|
"first_observed": "2016-04-27T12:48:58Z",
|
|
"last_observed": "2016-04-27T12:48:58Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b53a-072c-420e-b28b-4f8702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b53a-072c-420e-b28b-4f8702de0b81",
|
|
"value": "https://www.virustotal.com/file/3f74dd9eb9a9bf3c6a6063b98a7ebee9af6c50d3e2bae458e1d5384e560df0c3/analysis/1457481900/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b53b-ca94-4788-9e48-43d402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:59.000Z",
|
|
"modified": "2016-04-27T12:48:59.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: acfc48ed626369cf0fb6e1872c92e1bd",
|
|
"pattern": "[file:hashes.SHA256 = 'f8ad77737130d043afaf4b58bce9b38e7383d987196b90e1f4bab9fd82de9bcb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b53b-8c54-43b3-8864-4d9802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:59.000Z",
|
|
"modified": "2016-04-27T12:48:59.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: acfc48ed626369cf0fb6e1872c92e1bd",
|
|
"pattern": "[file:hashes.SHA1 = '5d4e01ec2ebcba5457d228d7c974eff5d1bafdfd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:48:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b53b-4bf4-48de-ae66-4e9b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:48:59.000Z",
|
|
"modified": "2016-04-27T12:48:59.000Z",
|
|
"first_observed": "2016-04-27T12:48:59Z",
|
|
"last_observed": "2016-04-27T12:48:59Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b53b-4bf4-48de-ae66-4e9b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b53b-4bf4-48de-ae66-4e9b02de0b81",
|
|
"value": "https://www.virustotal.com/file/f8ad77737130d043afaf4b58bce9b38e7383d987196b90e1f4bab9fd82de9bcb/analysis/1455743627/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b53c-2538-41e4-a351-4fc602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:00.000Z",
|
|
"modified": "2016-04-27T12:49:00.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: ac8ad3eb56d2a94db30d3f4acfe4b548",
|
|
"pattern": "[file:hashes.SHA256 = 'f4e3d4038d226b87b341f120fd8a5860f137487dd62e18dcb232fe45f63dc4a5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b53c-7680-4ac5-891c-451c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:00.000Z",
|
|
"modified": "2016-04-27T12:49:00.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: ac8ad3eb56d2a94db30d3f4acfe4b548",
|
|
"pattern": "[file:hashes.SHA1 = '8cf5192d0f6e30d3a0848e5db075ad05604a580a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b53d-76f4-4712-b487-42f602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:01.000Z",
|
|
"modified": "2016-04-27T12:49:01.000Z",
|
|
"first_observed": "2016-04-27T12:49:01Z",
|
|
"last_observed": "2016-04-27T12:49:01Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b53d-76f4-4712-b487-42f602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b53d-76f4-4712-b487-42f602de0b81",
|
|
"value": "https://www.virustotal.com/file/f4e3d4038d226b87b341f120fd8a5860f137487dd62e18dcb232fe45f63dc4a5/analysis/1456656076/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b53d-8540-4f19-a44f-479802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:01.000Z",
|
|
"modified": "2016-04-27T12:49:01.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: ac6a922fd8c604eb56da5413c2368be7",
|
|
"pattern": "[file:hashes.SHA256 = '6a7cbbb0ce37fb304388519cd1e1d2f29eb3d47f696a03b2a5861700f907fefa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b53d-ea08-41f5-8034-448202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:01.000Z",
|
|
"modified": "2016-04-27T12:49:01.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: ac6a922fd8c604eb56da5413c2368be7",
|
|
"pattern": "[file:hashes.SHA1 = '1a06696fe83c48609a17d73f1c470659023ec708']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b53e-0db0-470f-aac6-45d602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:02.000Z",
|
|
"modified": "2016-04-27T12:49:02.000Z",
|
|
"first_observed": "2016-04-27T12:49:02Z",
|
|
"last_observed": "2016-04-27T12:49:02Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b53e-0db0-470f-aac6-45d602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b53e-0db0-470f-aac6-45d602de0b81",
|
|
"value": "https://www.virustotal.com/file/6a7cbbb0ce37fb304388519cd1e1d2f29eb3d47f696a03b2a5861700f907fefa/analysis/1455743429/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b53e-89b4-4883-a888-450602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:02.000Z",
|
|
"modified": "2016-04-27T12:49:02.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: aa735ae056b57471bbe3499517afd057",
|
|
"pattern": "[file:hashes.SHA256 = 'f8115931348da7eb065341aa019962290e8ca54c65c98653921edab27a80d433']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b53f-2168-411d-90ca-4cb902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:03.000Z",
|
|
"modified": "2016-04-27T12:49:03.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: aa735ae056b57471bbe3499517afd057",
|
|
"pattern": "[file:hashes.SHA1 = '7c21d2ab6d0d4ee4c6734de6c191d28443be855a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b53f-2270-4608-a187-40cd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:03.000Z",
|
|
"modified": "2016-04-27T12:49:03.000Z",
|
|
"first_observed": "2016-04-27T12:49:03Z",
|
|
"last_observed": "2016-04-27T12:49:03Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b53f-2270-4608-a187-40cd02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b53f-2270-4608-a187-40cd02de0b81",
|
|
"value": "https://www.virustotal.com/file/f8115931348da7eb065341aa019962290e8ca54c65c98653921edab27a80d433/analysis/1455743371/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b53f-8024-4eb4-abac-4cc002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:03.000Z",
|
|
"modified": "2016-04-27T12:49:03.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: aa5216ce42e1c279042662c018509140",
|
|
"pattern": "[file:hashes.SHA256 = '66b5171d8f2f854e515fa2246b4341bda724b37cfbe0801668b9e689196cbb58']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b540-9ce8-4897-80c8-447502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:04.000Z",
|
|
"modified": "2016-04-27T12:49:04.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: aa5216ce42e1c279042662c018509140",
|
|
"pattern": "[file:hashes.SHA1 = '9c69f9f30e46c11a6ef35f964893653855808fc9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b540-949c-461a-a9ed-4f3602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:04.000Z",
|
|
"modified": "2016-04-27T12:49:04.000Z",
|
|
"first_observed": "2016-04-27T12:49:04Z",
|
|
"last_observed": "2016-04-27T12:49:04Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b540-949c-461a-a9ed-4f3602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b540-949c-461a-a9ed-4f3602de0b81",
|
|
"value": "https://www.virustotal.com/file/66b5171d8f2f854e515fa2246b4341bda724b37cfbe0801668b9e689196cbb58/analysis/1456652452/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b541-b3e8-403c-bcc8-480702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:05.000Z",
|
|
"modified": "2016-04-27T12:49:05.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: aa48cd40fcfe561bb5cd274549c94d6f",
|
|
"pattern": "[file:hashes.SHA256 = '4ee2b843b3cc565a3b682b75218d583a83926d7fbcee148c7aa39fb1db975fdc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b541-eed4-4439-bb6a-43d402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:05.000Z",
|
|
"modified": "2016-04-27T12:49:05.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: aa48cd40fcfe561bb5cd274549c94d6f",
|
|
"pattern": "[file:hashes.SHA1 = '7571f9d64c5bd457fad254ec011176594667740a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b541-3a78-455c-aa3e-410d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:05.000Z",
|
|
"modified": "2016-04-27T12:49:05.000Z",
|
|
"first_observed": "2016-04-27T12:49:05Z",
|
|
"last_observed": "2016-04-27T12:49:05Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b541-3a78-455c-aa3e-410d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b541-3a78-455c-aa3e-410d02de0b81",
|
|
"value": "https://www.virustotal.com/file/4ee2b843b3cc565a3b682b75218d583a83926d7fbcee148c7aa39fb1db975fdc/analysis/1460118290/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b542-e3bc-4270-bd52-413102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:06.000Z",
|
|
"modified": "2016-04-27T12:49:06.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a9ce99d1788c13edaa3fb7f92ebb1240",
|
|
"pattern": "[file:hashes.SHA256 = 'e93abc426a6793c010d66b5989ea2d733978816f34a9c7bdb3c584c1e4a42cbd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b542-9c5c-4be6-a8a9-4f6602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:06.000Z",
|
|
"modified": "2016-04-27T12:49:06.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a9ce99d1788c13edaa3fb7f92ebb1240",
|
|
"pattern": "[file:hashes.SHA1 = '689322b047267a1a3df093c6f6c0291a5175f096']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b543-be64-4e7e-ae40-4de702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:07.000Z",
|
|
"modified": "2016-04-27T12:49:07.000Z",
|
|
"first_observed": "2016-04-27T12:49:07Z",
|
|
"last_observed": "2016-04-27T12:49:07Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b543-be64-4e7e-ae40-4de702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b543-be64-4e7e-ae40-4de702de0b81",
|
|
"value": "https://www.virustotal.com/file/e93abc426a6793c010d66b5989ea2d733978816f34a9c7bdb3c584c1e4a42cbd/analysis/1456343977/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b543-6df4-4fab-a87e-4a7302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:07.000Z",
|
|
"modified": "2016-04-27T12:49:07.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a9776f2633565419e55f6842a0b74278",
|
|
"pattern": "[file:hashes.SHA256 = '423be1e703a56758bd8e26129eb0cc84bd91453df40ad6f1cfe9978c852fa60a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b543-3b64-4b2d-87ff-4f1002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:07.000Z",
|
|
"modified": "2016-04-27T12:49:07.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a9776f2633565419e55f6842a0b74278",
|
|
"pattern": "[file:hashes.SHA1 = 'ff607db40471f2e2d722aeadf613fa13efb22d3c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b544-513c-4577-8ec4-4fa002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:08.000Z",
|
|
"modified": "2016-04-27T12:49:08.000Z",
|
|
"first_observed": "2016-04-27T12:49:08Z",
|
|
"last_observed": "2016-04-27T12:49:08Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b544-513c-4577-8ec4-4fa002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b544-513c-4577-8ec4-4fa002de0b81",
|
|
"value": "https://www.virustotal.com/file/423be1e703a56758bd8e26129eb0cc84bd91453df40ad6f1cfe9978c852fa60a/analysis/1458086450/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b544-022c-40e8-837f-4e6002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:08.000Z",
|
|
"modified": "2016-04-27T12:49:08.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a8f2d507661b76a94971dcf7d593fc8a",
|
|
"pattern": "[file:hashes.SHA256 = '0d972817dda797bbcf5d9211608e2311ab1888648f0e49d27f187191575c1752']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b545-2538-4908-a78e-463302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:09.000Z",
|
|
"modified": "2016-04-27T12:49:09.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a8f2d507661b76a94971dcf7d593fc8a",
|
|
"pattern": "[file:hashes.SHA1 = '9b0fbc216f95d4f8f40b3752f5321a589f961077']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b545-9c8c-4d4b-86ec-47de02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:09.000Z",
|
|
"modified": "2016-04-27T12:49:09.000Z",
|
|
"first_observed": "2016-04-27T12:49:09Z",
|
|
"last_observed": "2016-04-27T12:49:09Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b545-9c8c-4d4b-86ec-47de02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b545-9c8c-4d4b-86ec-47de02de0b81",
|
|
"value": "https://www.virustotal.com/file/0d972817dda797bbcf5d9211608e2311ab1888648f0e49d27f187191575c1752/analysis/1456605958/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b545-572c-4695-8d98-42c102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:09.000Z",
|
|
"modified": "2016-04-27T12:49:09.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a893d3cfce6e8869b35a8140089ec854",
|
|
"pattern": "[file:hashes.SHA256 = '594e78d0158eb7a917dd0959f9e9cddc09755a9f70d0fe8a63921d326946c99d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b546-a764-4a31-81dc-4f1302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:10.000Z",
|
|
"modified": "2016-04-27T12:49:10.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a893d3cfce6e8869b35a8140089ec854",
|
|
"pattern": "[file:hashes.SHA1 = '5dc3c548b5fd3670da2d0d809aeccc50fe309ffd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b546-0b64-4b6b-96ba-41ec02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:10.000Z",
|
|
"modified": "2016-04-27T12:49:10.000Z",
|
|
"first_observed": "2016-04-27T12:49:10Z",
|
|
"last_observed": "2016-04-27T12:49:10Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b546-0b64-4b6b-96ba-41ec02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b546-0b64-4b6b-96ba-41ec02de0b81",
|
|
"value": "https://www.virustotal.com/file/594e78d0158eb7a917dd0959f9e9cddc09755a9f70d0fe8a63921d326946c99d/analysis/1460645274/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b547-d1e0-4803-bf62-411b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:11.000Z",
|
|
"modified": "2016-04-27T12:49:11.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a6c5d89df0774fdd1643080548bfe718",
|
|
"pattern": "[file:hashes.SHA256 = 'ec427f4b20ccd41fdeabff7d6d0d002d2d31d5f38d40d62a77c7483a0956a816']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b547-bbdc-4e9c-9e1a-4d7802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:11.000Z",
|
|
"modified": "2016-04-27T12:49:11.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a6c5d89df0774fdd1643080548bfe718",
|
|
"pattern": "[file:hashes.SHA1 = '162c9fc3aac1b3cfd3a2f22f17b72425b52f113d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b547-22f4-4118-b524-405d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:11.000Z",
|
|
"modified": "2016-04-27T12:49:11.000Z",
|
|
"first_observed": "2016-04-27T12:49:11Z",
|
|
"last_observed": "2016-04-27T12:49:11Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b547-22f4-4118-b524-405d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b547-22f4-4118-b524-405d02de0b81",
|
|
"value": "https://www.virustotal.com/file/ec427f4b20ccd41fdeabff7d6d0d002d2d31d5f38d40d62a77c7483a0956a816/analysis/1454318869/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b548-4fa4-4d43-b246-45f602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:12.000Z",
|
|
"modified": "2016-04-27T12:49:12.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a639338fd99cfd50292425d36618074c",
|
|
"pattern": "[file:hashes.SHA256 = '932245fd854865ce49bca473a81bb32f1a363ad4b08c952af90e6c118a1c267a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b548-b658-4fac-8b75-4fbc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:12.000Z",
|
|
"modified": "2016-04-27T12:49:12.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a639338fd99cfd50292425d36618074c",
|
|
"pattern": "[file:hashes.SHA1 = '253b606bdf623c5a3c93ebb87ca5dda638265709']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b549-f794-4310-b0aa-4eee02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:13.000Z",
|
|
"modified": "2016-04-27T12:49:13.000Z",
|
|
"first_observed": "2016-04-27T12:49:13Z",
|
|
"last_observed": "2016-04-27T12:49:13Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b549-f794-4310-b0aa-4eee02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b549-f794-4310-b0aa-4eee02de0b81",
|
|
"value": "https://www.virustotal.com/file/932245fd854865ce49bca473a81bb32f1a363ad4b08c952af90e6c118a1c267a/analysis/1454318893/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b549-dd80-491a-b61f-41b202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:13.000Z",
|
|
"modified": "2016-04-27T12:49:13.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a61d0ea6e5711135383a3592e6b31e49",
|
|
"pattern": "[file:hashes.SHA256 = '1eca935655cce0b67456b66cdd6e83410ff2d0d6cef99e91e843b265829d7821']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b54a-3728-48c0-8f2c-431f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:13.000Z",
|
|
"modified": "2016-04-27T12:49:13.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a61d0ea6e5711135383a3592e6b31e49",
|
|
"pattern": "[file:hashes.SHA1 = 'ae9e82e1e9cb95e97d4ca22e69e3fd2fa9736863']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b54a-fb1c-47dc-a5bf-4a1502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:14.000Z",
|
|
"modified": "2016-04-27T12:49:14.000Z",
|
|
"first_observed": "2016-04-27T12:49:14Z",
|
|
"last_observed": "2016-04-27T12:49:14Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b54a-fb1c-47dc-a5bf-4a1502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b54a-fb1c-47dc-a5bf-4a1502de0b81",
|
|
"value": "https://www.virustotal.com/file/1eca935655cce0b67456b66cdd6e83410ff2d0d6cef99e91e843b265829d7821/analysis/1460133319/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b54a-277c-47fa-850f-472602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:14.000Z",
|
|
"modified": "2016-04-27T12:49:14.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a4f19520957bee3d68755a3978fb16be",
|
|
"pattern": "[file:hashes.SHA256 = 'ce228529a90f8403e9d3b439be452b15e8c2be0b2b4fe413d4f6f7465aece61d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b54b-ef3c-428d-88b7-415302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:15.000Z",
|
|
"modified": "2016-04-27T12:49:15.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a4f19520957bee3d68755a3978fb16be",
|
|
"pattern": "[file:hashes.SHA1 = '0f92736ea6e70324dc84188a7667a4d29d1e5da5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b54b-4a00-4913-ad8b-402f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:15.000Z",
|
|
"modified": "2016-04-27T12:49:15.000Z",
|
|
"first_observed": "2016-04-27T12:49:15Z",
|
|
"last_observed": "2016-04-27T12:49:15Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b54b-4a00-4913-ad8b-402f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b54b-4a00-4913-ad8b-402f02de0b81",
|
|
"value": "https://www.virustotal.com/file/ce228529a90f8403e9d3b439be452b15e8c2be0b2b4fe413d4f6f7465aece61d/analysis/1454318848/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b54c-117c-4a43-be9a-454702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:16.000Z",
|
|
"modified": "2016-04-27T12:49:16.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a4cba22ecfa33d1a4ad69be4616eeaf7",
|
|
"pattern": "[file:hashes.SHA256 = 'c79eb303d4997b07e488c5f86d73453acdd37b69a46136524ab97c1d91c977f2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b54c-8810-4af4-9c30-40b802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:16.000Z",
|
|
"modified": "2016-04-27T12:49:16.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a4cba22ecfa33d1a4ad69be4616eeaf7",
|
|
"pattern": "[file:hashes.SHA1 = 'c11ebb238c966c33e0e6596002164e32b181c9bd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b54c-b7c8-41cb-a2b0-43b002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:16.000Z",
|
|
"modified": "2016-04-27T12:49:16.000Z",
|
|
"first_observed": "2016-04-27T12:49:16Z",
|
|
"last_observed": "2016-04-27T12:49:16Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b54c-b7c8-41cb-a2b0-43b002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b54c-b7c8-41cb-a2b0-43b002de0b81",
|
|
"value": "https://www.virustotal.com/file/c79eb303d4997b07e488c5f86d73453acdd37b69a46136524ab97c1d91c977f2/analysis/1460370348/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b54d-235c-45b2-9eaa-4a9202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:17.000Z",
|
|
"modified": "2016-04-27T12:49:17.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a4c8b0199f92f9be7b482df2bcce8162",
|
|
"pattern": "[file:hashes.SHA256 = '6aa903258cc630f99e59a84dacdf9d7e5e843b227ba21b985ef7291f9d2e4513']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b54d-79b0-4ef6-8f9a-4eca02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:17.000Z",
|
|
"modified": "2016-04-27T12:49:17.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a4c8b0199f92f9be7b482df2bcce8162",
|
|
"pattern": "[file:hashes.SHA1 = '520eea93b78953899114800bed0b9c6248283e95']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b54e-052c-4837-a75b-4acd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:18.000Z",
|
|
"modified": "2016-04-27T12:49:18.000Z",
|
|
"first_observed": "2016-04-27T12:49:18Z",
|
|
"last_observed": "2016-04-27T12:49:18Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b54e-052c-4837-a75b-4acd02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b54e-052c-4837-a75b-4acd02de0b81",
|
|
"value": "https://www.virustotal.com/file/6aa903258cc630f99e59a84dacdf9d7e5e843b227ba21b985ef7291f9d2e4513/analysis/1455742815/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b54e-0e80-4861-a9c9-4d6402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:18.000Z",
|
|
"modified": "2016-04-27T12:49:18.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a44b5c01378dd89c1c17565736f6c47b",
|
|
"pattern": "[file:hashes.SHA256 = '6c8e814326588570470b47d9c227d0c5d69a543fee0378306af2d8da67d877b9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b54e-e214-4079-a8e0-48d202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:18.000Z",
|
|
"modified": "2016-04-27T12:49:18.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a44b5c01378dd89c1c17565736f6c47b",
|
|
"pattern": "[file:hashes.SHA1 = '4014ff06f022b2045d68cfd9fd29182757b48e45']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b54f-fb88-4d91-a7a5-4be802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:19.000Z",
|
|
"modified": "2016-04-27T12:49:19.000Z",
|
|
"first_observed": "2016-04-27T12:49:19Z",
|
|
"last_observed": "2016-04-27T12:49:19Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b54f-fb88-4d91-a7a5-4be802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b54f-fb88-4d91-a7a5-4be802de0b81",
|
|
"value": "https://www.virustotal.com/file/6c8e814326588570470b47d9c227d0c5d69a543fee0378306af2d8da67d877b9/analysis/1460335097/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b54f-b8d4-4406-90b4-455a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:19.000Z",
|
|
"modified": "2016-04-27T12:49:19.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a3ecea301bbe612ef9e17a502ee94b21",
|
|
"pattern": "[file:hashes.SHA256 = '4f77cd71bcccd6cf36f3b366e263a82d764a136c92f840b283882199720ee613']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b550-b67c-4c11-86cb-45b702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:20.000Z",
|
|
"modified": "2016-04-27T12:49:20.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a3ecea301bbe612ef9e17a502ee94b21",
|
|
"pattern": "[file:hashes.SHA1 = 'e49640d9754e05f729cb9eb1fc36ce76f5ae9714']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b550-1c64-421f-b7b3-4c0902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:20.000Z",
|
|
"modified": "2016-04-27T12:49:20.000Z",
|
|
"first_observed": "2016-04-27T12:49:20Z",
|
|
"last_observed": "2016-04-27T12:49:20Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b550-1c64-421f-b7b3-4c0902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b550-1c64-421f-b7b3-4c0902de0b81",
|
|
"value": "https://www.virustotal.com/file/4f77cd71bcccd6cf36f3b366e263a82d764a136c92f840b283882199720ee613/analysis/1455742853/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b551-badc-4a2c-90d8-451402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:21.000Z",
|
|
"modified": "2016-04-27T12:49:21.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a3aaff686bf34d60b8319ef2525387d3",
|
|
"pattern": "[file:hashes.SHA256 = '6063f2c6bb955b459e40308ba82a69607b675866a051066f8d85a0dc39fd59c2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b551-0bb0-493d-9a03-4d6502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:21.000Z",
|
|
"modified": "2016-04-27T12:49:21.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a3aaff686bf34d60b8319ef2525387d3",
|
|
"pattern": "[file:hashes.SHA1 = '95df87e3f603735be49acc1f0d59b2e6906d6bad']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b551-5a64-4cf3-be9c-44ab02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:21.000Z",
|
|
"modified": "2016-04-27T12:49:21.000Z",
|
|
"first_observed": "2016-04-27T12:49:21Z",
|
|
"last_observed": "2016-04-27T12:49:21Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b551-5a64-4cf3-be9c-44ab02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b551-5a64-4cf3-be9c-44ab02de0b81",
|
|
"value": "https://www.virustotal.com/file/6063f2c6bb955b459e40308ba82a69607b675866a051066f8d85a0dc39fd59c2/analysis/1455938481/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b552-e6c8-481e-a99b-444f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:22.000Z",
|
|
"modified": "2016-04-27T12:49:22.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a31adc93ea76a4e2dfb6ae199fc0a294",
|
|
"pattern": "[file:hashes.SHA256 = '3d1650f0f74ce4f54f3013d9b8778e49c7238688f46c709fea43f5d63a06062a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b552-0370-460e-b115-42d502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:22.000Z",
|
|
"modified": "2016-04-27T12:49:22.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a31adc93ea76a4e2dfb6ae199fc0a294",
|
|
"pattern": "[file:hashes.SHA1 = '4288dd65119b65c52de601012dc0da747b1497f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b553-a7ec-4e77-a05d-46fa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:23.000Z",
|
|
"modified": "2016-04-27T12:49:23.000Z",
|
|
"first_observed": "2016-04-27T12:49:23Z",
|
|
"last_observed": "2016-04-27T12:49:23Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b553-a7ec-4e77-a05d-46fa02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b553-a7ec-4e77-a05d-46fa02de0b81",
|
|
"value": "https://www.virustotal.com/file/3d1650f0f74ce4f54f3013d9b8778e49c7238688f46c709fea43f5d63a06062a/analysis/1454319190/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b553-1d84-43bb-a321-462602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:23.000Z",
|
|
"modified": "2016-04-27T12:49:23.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a2c5ffc33a96c6b10ae9afdaf5d00e62",
|
|
"pattern": "[file:hashes.SHA256 = '200047d0db980109eb51deca6a6d7fcff233eb0d85a435224e20615109a4149c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b553-cef8-4bb0-a18e-44da02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:23.000Z",
|
|
"modified": "2016-04-27T12:49:23.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a2c5ffc33a96c6b10ae9afdaf5d00e62",
|
|
"pattern": "[file:hashes.SHA1 = 'dfedfc7fce7898398c8ec574eb779e7f6bc2b8cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b554-7100-4032-9631-44f402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:24.000Z",
|
|
"modified": "2016-04-27T12:49:24.000Z",
|
|
"first_observed": "2016-04-27T12:49:24Z",
|
|
"last_observed": "2016-04-27T12:49:24Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b554-7100-4032-9631-44f402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b554-7100-4032-9631-44f402de0b81",
|
|
"value": "https://www.virustotal.com/file/200047d0db980109eb51deca6a6d7fcff233eb0d85a435224e20615109a4149c/analysis/1456760667/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b554-49dc-485d-8e60-414402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:24.000Z",
|
|
"modified": "2016-04-27T12:49:24.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a1e7602b96d78fc37b5e1d271dbab273",
|
|
"pattern": "[file:hashes.SHA256 = 'ddf9d9f4ba623e53724e134fac96fa401a5428870670ccc3ca43eda32df9a895']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b555-38d8-4a05-9f09-47a902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:25.000Z",
|
|
"modified": "2016-04-27T12:49:25.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a1e7602b96d78fc37b5e1d271dbab273",
|
|
"pattern": "[file:hashes.SHA1 = '81a457267ba822e77891cb9674bb72ce50652223']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b555-1204-4363-82d3-44f102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:25.000Z",
|
|
"modified": "2016-04-27T12:49:25.000Z",
|
|
"first_observed": "2016-04-27T12:49:25Z",
|
|
"last_observed": "2016-04-27T12:49:25Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b555-1204-4363-82d3-44f102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b555-1204-4363-82d3-44f102de0b81",
|
|
"value": "https://www.virustotal.com/file/ddf9d9f4ba623e53724e134fac96fa401a5428870670ccc3ca43eda32df9a895/analysis/1455742514/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b555-43a4-40e8-a704-4fc202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:25.000Z",
|
|
"modified": "2016-04-27T12:49:25.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a1d5f30ea6fc30d611c2636da4e763d4",
|
|
"pattern": "[file:hashes.SHA256 = 'b9b7600c1ffa023854249947e44dfe95d8b53c53a67ce1c6c98298ad5257e2e7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b556-f670-42e0-b712-40e402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:26.000Z",
|
|
"modified": "2016-04-27T12:49:26.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a1d5f30ea6fc30d611c2636da4e763d4",
|
|
"pattern": "[file:hashes.SHA1 = 'cf2d3d9ca0ab3b2114afb7ce3d7386e2ff757f2b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b556-99dc-4ed2-95c9-436102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:26.000Z",
|
|
"modified": "2016-04-27T12:49:26.000Z",
|
|
"first_observed": "2016-04-27T12:49:26Z",
|
|
"last_observed": "2016-04-27T12:49:26Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b556-99dc-4ed2-95c9-436102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b556-99dc-4ed2-95c9-436102de0b81",
|
|
"value": "https://www.virustotal.com/file/b9b7600c1ffa023854249947e44dfe95d8b53c53a67ce1c6c98298ad5257e2e7/analysis/1456731344/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b557-bf84-4061-aec0-491902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:27.000Z",
|
|
"modified": "2016-04-27T12:49:27.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a1c504f51654200e6d0e424f38700f14",
|
|
"pattern": "[file:hashes.SHA256 = 'c19eb385c8c9b1523c697aa739dcdb5207fe9d7b8b16d2800401ad8065362ac3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b557-bc80-4b9f-8433-41ec02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:27.000Z",
|
|
"modified": "2016-04-27T12:49:27.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a1c504f51654200e6d0e424f38700f14",
|
|
"pattern": "[file:hashes.SHA1 = 'c36a56d26446ccf4584ec5f5059c35bf428c0a1e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b558-044c-44e5-ac7f-436902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:28.000Z",
|
|
"modified": "2016-04-27T12:49:28.000Z",
|
|
"first_observed": "2016-04-27T12:49:28Z",
|
|
"last_observed": "2016-04-27T12:49:28Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b558-044c-44e5-ac7f-436902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b558-044c-44e5-ac7f-436902de0b81",
|
|
"value": "https://www.virustotal.com/file/c19eb385c8c9b1523c697aa739dcdb5207fe9d7b8b16d2800401ad8065362ac3/analysis/1456406760/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b558-7354-48ec-b01c-416e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:28.000Z",
|
|
"modified": "2016-04-27T12:49:28.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a1803ced57c1917f642ed407fc006659",
|
|
"pattern": "[file:hashes.SHA256 = '8920b31bbb293aa9ea0b83caaec1345a7498dd5123c2b8f0132438b9c56e1e01']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b558-0980-4aa3-a322-474202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:28.000Z",
|
|
"modified": "2016-04-27T12:49:28.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a1803ced57c1917f642ed407fc006659",
|
|
"pattern": "[file:hashes.SHA1 = 'fd05b33e64510f2d7cb99ad7fe6da320de047ff1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b559-9730-4196-bdb5-47e302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:29.000Z",
|
|
"modified": "2016-04-27T12:49:29.000Z",
|
|
"first_observed": "2016-04-27T12:49:29Z",
|
|
"last_observed": "2016-04-27T12:49:29Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b559-9730-4196-bdb5-47e302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b559-9730-4196-bdb5-47e302de0b81",
|
|
"value": "https://www.virustotal.com/file/8920b31bbb293aa9ea0b83caaec1345a7498dd5123c2b8f0132438b9c56e1e01/analysis/1460325211/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b559-488c-4b56-ba5e-456c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:29.000Z",
|
|
"modified": "2016-04-27T12:49:29.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a152ea9ee04ca9790d195f9f3209b24a",
|
|
"pattern": "[file:hashes.SHA256 = '0651194dea64b9eda769a540d00108eba54b9ec08de5ab943e45218daaf0e17d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b55a-76a4-4a01-bb6f-43da02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:30.000Z",
|
|
"modified": "2016-04-27T12:49:30.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a152ea9ee04ca9790d195f9f3209b24a",
|
|
"pattern": "[file:hashes.SHA1 = 'ea2fa379af861dd48b86e6d0ce394b96484d4dbf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b55a-d018-4646-a8ae-422f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:30.000Z",
|
|
"modified": "2016-04-27T12:49:30.000Z",
|
|
"first_observed": "2016-04-27T12:49:30Z",
|
|
"last_observed": "2016-04-27T12:49:30Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b55a-d018-4646-a8ae-422f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b55a-d018-4646-a8ae-422f02de0b81",
|
|
"value": "https://www.virustotal.com/file/0651194dea64b9eda769a540d00108eba54b9ec08de5ab943e45218daaf0e17d/analysis/1460140836/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b55a-611c-4464-8149-412002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:30.000Z",
|
|
"modified": "2016-04-27T12:49:30.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a0c486b879e20d5ac1774736b48e832b",
|
|
"pattern": "[file:hashes.SHA256 = 'b9a818cd978bf645392d3b01aec56b20140bb95eb77a27b2497ec5c311823a3d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b55b-5160-425b-8fe4-443302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:31.000Z",
|
|
"modified": "2016-04-27T12:49:31.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: a0c486b879e20d5ac1774736b48e832b",
|
|
"pattern": "[file:hashes.SHA1 = '13e1d24c828421cf6d2342a57ce6f9aa3f40a44a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b55b-74e0-4c83-9983-4df002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:31.000Z",
|
|
"modified": "2016-04-27T12:49:31.000Z",
|
|
"first_observed": "2016-04-27T12:49:31Z",
|
|
"last_observed": "2016-04-27T12:49:31Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b55b-74e0-4c83-9983-4df002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b55b-74e0-4c83-9983-4df002de0b81",
|
|
"value": "https://www.virustotal.com/file/b9a818cd978bf645392d3b01aec56b20140bb95eb77a27b2497ec5c311823a3d/analysis/1457936437/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b55c-18a4-4a18-a1ab-435802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:32.000Z",
|
|
"modified": "2016-04-27T12:49:32.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9f723da52e774a6c5d03d8ba5f6af51f",
|
|
"pattern": "[file:hashes.SHA256 = '53cda9f14dc351c714ccead02837e84219095790314b5d2284ef2c231a76d5cd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b55c-2c74-426d-b517-498902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:32.000Z",
|
|
"modified": "2016-04-27T12:49:32.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9f723da52e774a6c5d03d8ba5f6af51f",
|
|
"pattern": "[file:hashes.SHA1 = 'b4d1a9001de50036186b110004f0c376cec6b9b6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b55c-6130-4a54-9669-4be402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:32.000Z",
|
|
"modified": "2016-04-27T12:49:32.000Z",
|
|
"first_observed": "2016-04-27T12:49:32Z",
|
|
"last_observed": "2016-04-27T12:49:32Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b55c-6130-4a54-9669-4be402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b55c-6130-4a54-9669-4be402de0b81",
|
|
"value": "https://www.virustotal.com/file/53cda9f14dc351c714ccead02837e84219095790314b5d2284ef2c231a76d5cd/analysis/1460343270/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b55d-3cb4-4e6c-a013-4d8702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:33.000Z",
|
|
"modified": "2016-04-27T12:49:33.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9e7d24027621c0ecfd13995f2e098e8c",
|
|
"pattern": "[file:hashes.SHA256 = '7bb94eebde5415307def6ef5ccfcd0c5b3f8a844c03b4e1901ae5809f71db380']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b55d-bbc0-4cef-8db4-4fc302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:33.000Z",
|
|
"modified": "2016-04-27T12:49:33.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9e7d24027621c0ecfd13995f2e098e8c",
|
|
"pattern": "[file:hashes.SHA1 = 'c289dc9987bf39967bdbd0929a9c2860b5e11013']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b55e-9cc0-4b09-800e-422702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:34.000Z",
|
|
"modified": "2016-04-27T12:49:34.000Z",
|
|
"first_observed": "2016-04-27T12:49:34Z",
|
|
"last_observed": "2016-04-27T12:49:34Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b55e-9cc0-4b09-800e-422702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b55e-9cc0-4b09-800e-422702de0b81",
|
|
"value": "https://www.virustotal.com/file/7bb94eebde5415307def6ef5ccfcd0c5b3f8a844c03b4e1901ae5809f71db380/analysis/1458541466/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b55e-80b8-4b37-8a22-4a9302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:34.000Z",
|
|
"modified": "2016-04-27T12:49:34.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9e173831c7f300e9dca9ee8725a34c5a",
|
|
"pattern": "[file:hashes.SHA256 = '65a893664cb6ca52615e32eaa1bbe841d0c991ba4abe35240a3f3a5387e1b568']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b55f-561c-4b29-9ede-461b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:35.000Z",
|
|
"modified": "2016-04-27T12:49:35.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9e173831c7f300e9dca9ee8725a34c5a",
|
|
"pattern": "[file:hashes.SHA1 = 'feaac966b3cb27e844389bc06d7c6068cb19c582']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b55f-a320-408b-90d6-4fa302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:35.000Z",
|
|
"modified": "2016-04-27T12:49:35.000Z",
|
|
"first_observed": "2016-04-27T12:49:35Z",
|
|
"last_observed": "2016-04-27T12:49:35Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b55f-a320-408b-90d6-4fa302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b55f-a320-408b-90d6-4fa302de0b81",
|
|
"value": "https://www.virustotal.com/file/65a893664cb6ca52615e32eaa1bbe841d0c991ba4abe35240a3f3a5387e1b568/analysis/1455938414/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b55f-5250-4dbe-873e-494002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:35.000Z",
|
|
"modified": "2016-04-27T12:49:35.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9cf27a07e0a4a6f6b1a8958241a6a83f",
|
|
"pattern": "[file:hashes.SHA256 = 'e24b44496dd56cf1e8fefe161420f5f332ec238f3910274daf8ec1d018f613fa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b560-d52c-4b85-bd76-4e3302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:36.000Z",
|
|
"modified": "2016-04-27T12:49:36.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9cf27a07e0a4a6f6b1a8958241a6a83f",
|
|
"pattern": "[file:hashes.SHA1 = '8e60f842122cc5d8b46fe0cd2cad9eb1d6bc5250']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b560-aa50-42a8-a7c4-49a502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:36.000Z",
|
|
"modified": "2016-04-27T12:49:36.000Z",
|
|
"first_observed": "2016-04-27T12:49:36Z",
|
|
"last_observed": "2016-04-27T12:49:36Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b560-aa50-42a8-a7c4-49a502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b560-aa50-42a8-a7c4-49a502de0b81",
|
|
"value": "https://www.virustotal.com/file/e24b44496dd56cf1e8fefe161420f5f332ec238f3910274daf8ec1d018f613fa/analysis/1454319679/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b561-b374-45dd-95b6-451c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:37.000Z",
|
|
"modified": "2016-04-27T12:49:37.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9c3ba2e8d172253e9d8ce30735bfbf78",
|
|
"pattern": "[file:hashes.SHA256 = '35858ae08e67a93915dc66765d8f8fefa86d22d96e7276eb42cd83ddc0150521']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b561-b178-4782-bc22-449302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:37.000Z",
|
|
"modified": "2016-04-27T12:49:37.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9c3ba2e8d172253e9d8ce30735bfbf78",
|
|
"pattern": "[file:hashes.SHA1 = '34957acbbb78ef0b589c24aacad4f10f120a7ab3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b561-e24c-462b-a9d8-47f002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:37.000Z",
|
|
"modified": "2016-04-27T12:49:37.000Z",
|
|
"first_observed": "2016-04-27T12:49:37Z",
|
|
"last_observed": "2016-04-27T12:49:37Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b561-e24c-462b-a9d8-47f002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b561-e24c-462b-a9d8-47f002de0b81",
|
|
"value": "https://www.virustotal.com/file/35858ae08e67a93915dc66765d8f8fefa86d22d96e7276eb42cd83ddc0150521/analysis/1458299382/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b562-7bf0-45ee-a00a-45e002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:38.000Z",
|
|
"modified": "2016-04-27T12:49:38.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9bdb39a159774154fabc23d06ad8d131",
|
|
"pattern": "[file:hashes.SHA256 = 'a035d2c70d98dd4fc827fe31fe353e1f9d4453699ba15617398e8e3558b8746e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b562-c324-447c-b62d-44c802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:38.000Z",
|
|
"modified": "2016-04-27T12:49:38.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9bdb39a159774154fabc23d06ad8d131",
|
|
"pattern": "[file:hashes.SHA1 = '0d41e6259e730a0ba128ff0f6110b042aec9a772']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b563-e0d4-4cd1-b0d7-462402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:39.000Z",
|
|
"modified": "2016-04-27T12:49:39.000Z",
|
|
"first_observed": "2016-04-27T12:49:39Z",
|
|
"last_observed": "2016-04-27T12:49:39Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b563-e0d4-4cd1-b0d7-462402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b563-e0d4-4cd1-b0d7-462402de0b81",
|
|
"value": "https://www.virustotal.com/file/a035d2c70d98dd4fc827fe31fe353e1f9d4453699ba15617398e8e3558b8746e/analysis/1456653005/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b563-512c-42e0-949e-479302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:39.000Z",
|
|
"modified": "2016-04-27T12:49:39.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9ba65c06057c179efbc8a62f86f2db71",
|
|
"pattern": "[file:hashes.SHA256 = '9dcda202b68453947d0c855f1ba4f62d3245bf9f1025489a706e7d63c8173530']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b564-160c-4e78-a5e7-418702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:40.000Z",
|
|
"modified": "2016-04-27T12:49:40.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9ba65c06057c179efbc8a62f86f2db71",
|
|
"pattern": "[file:hashes.SHA1 = 'ee6887173281eb5621a36bd340d96f1e3b1dd65b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b564-51ec-4463-8057-49a402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:40.000Z",
|
|
"modified": "2016-04-27T12:49:40.000Z",
|
|
"first_observed": "2016-04-27T12:49:40Z",
|
|
"last_observed": "2016-04-27T12:49:40Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b564-51ec-4463-8057-49a402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b564-51ec-4463-8057-49a402de0b81",
|
|
"value": "https://www.virustotal.com/file/9dcda202b68453947d0c855f1ba4f62d3245bf9f1025489a706e7d63c8173530/analysis/1457936442/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b564-ad34-42e1-877f-4cc902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:40.000Z",
|
|
"modified": "2016-04-27T12:49:40.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9ab4cbd602ad8e5434e863bf0d84be2f",
|
|
"pattern": "[file:hashes.SHA256 = '5ba2b902f0dbc042d1d98353744d01291b4201b7896820b337962c53f0ec8354']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b565-4e24-47ef-9890-428c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:41.000Z",
|
|
"modified": "2016-04-27T12:49:41.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9ab4cbd602ad8e5434e863bf0d84be2f",
|
|
"pattern": "[file:hashes.SHA1 = '078affef076f67eae5175d167b0d8b6477d875e1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b565-79d4-4414-9ddf-43cd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:41.000Z",
|
|
"modified": "2016-04-27T12:49:41.000Z",
|
|
"first_observed": "2016-04-27T12:49:41Z",
|
|
"last_observed": "2016-04-27T12:49:41Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b565-79d4-4414-9ddf-43cd02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b565-79d4-4414-9ddf-43cd02de0b81",
|
|
"value": "https://www.virustotal.com/file/5ba2b902f0dbc042d1d98353744d01291b4201b7896820b337962c53f0ec8354/analysis/1457152794/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b566-cbac-4a9c-b23f-464702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:42.000Z",
|
|
"modified": "2016-04-27T12:49:42.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 99236003238f8ee88b5c4c8d02fdd17d",
|
|
"pattern": "[file:hashes.SHA256 = 'c40455e4d1782734c5dd660ce2dc0f62e888981bd77d7e4f66e26b79c6ea652d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b566-fdc8-4fcd-9d61-474d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:42.000Z",
|
|
"modified": "2016-04-27T12:49:42.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 99236003238f8ee88b5c4c8d02fdd17d",
|
|
"pattern": "[file:hashes.SHA1 = 'da9a80b56d5056bde7715db1b37829375c4a45b3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b566-7d40-4a4a-ac5d-476f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:42.000Z",
|
|
"modified": "2016-04-27T12:49:42.000Z",
|
|
"first_observed": "2016-04-27T12:49:42Z",
|
|
"last_observed": "2016-04-27T12:49:42Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b566-7d40-4a4a-ac5d-476f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b566-7d40-4a4a-ac5d-476f02de0b81",
|
|
"value": "https://www.virustotal.com/file/c40455e4d1782734c5dd660ce2dc0f62e888981bd77d7e4f66e26b79c6ea652d/analysis/1460645400/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b567-56ac-4bfc-a8d9-4d8a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:43.000Z",
|
|
"modified": "2016-04-27T12:49:43.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 97cbd88d4414b41939571e994add3756",
|
|
"pattern": "[file:hashes.SHA256 = '677ac80dc31143f1dde1d941d1584fa430a96a5f13af4e00a5b8bda4891e2018']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b567-f60c-420d-bce1-42cf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:43.000Z",
|
|
"modified": "2016-04-27T12:49:43.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 97cbd88d4414b41939571e994add3756",
|
|
"pattern": "[file:hashes.SHA1 = '7d6760dd53e4b08abeb0d49cfc79ab7e7524a8b3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b568-3548-4bab-aea2-40b902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:44.000Z",
|
|
"modified": "2016-04-27T12:49:44.000Z",
|
|
"first_observed": "2016-04-27T12:49:44Z",
|
|
"last_observed": "2016-04-27T12:49:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b568-3548-4bab-aea2-40b902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b568-3548-4bab-aea2-40b902de0b81",
|
|
"value": "https://www.virustotal.com/file/677ac80dc31143f1dde1d941d1584fa430a96a5f13af4e00a5b8bda4891e2018/analysis/1455741680/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b568-e064-45f3-9691-4b8e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:44.000Z",
|
|
"modified": "2016-04-27T12:49:44.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9621369183946ebb60d9959828dd5e16",
|
|
"pattern": "[file:hashes.SHA256 = '7b93aff53ce0a7b6ab2021e9830d3bbbc8eafe1c56fd3de0637bc5cb47bdc041']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b568-4228-4763-a273-436702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:44.000Z",
|
|
"modified": "2016-04-27T12:49:44.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9621369183946ebb60d9959828dd5e16",
|
|
"pattern": "[file:hashes.SHA1 = 'c8924249e24148accfc3b69907435a8ca0afa0ad']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b569-8978-4eee-94be-48aa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:45.000Z",
|
|
"modified": "2016-04-27T12:49:45.000Z",
|
|
"first_observed": "2016-04-27T12:49:45Z",
|
|
"last_observed": "2016-04-27T12:49:45Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b569-8978-4eee-94be-48aa02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b569-8978-4eee-94be-48aa02de0b81",
|
|
"value": "https://www.virustotal.com/file/7b93aff53ce0a7b6ab2021e9830d3bbbc8eafe1c56fd3de0637bc5cb47bdc041/analysis/1460329909/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b569-fc0c-47e9-896a-495f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:45.000Z",
|
|
"modified": "2016-04-27T12:49:45.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 960d7dfa6f9c110732c34025687d5b60",
|
|
"pattern": "[file:hashes.SHA256 = '03985328adb2ece9e8838cebc7299842a6729d4809adbcaed081f9b23a3d51c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b56a-154c-425d-9dac-4c1002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:46.000Z",
|
|
"modified": "2016-04-27T12:49:46.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 960d7dfa6f9c110732c34025687d5b60",
|
|
"pattern": "[file:hashes.SHA1 = 'c74297f2e56e643784e62972c5e20408a91f5c2b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b56a-1fbc-4488-a37b-481002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:46.000Z",
|
|
"modified": "2016-04-27T12:49:46.000Z",
|
|
"first_observed": "2016-04-27T12:49:46Z",
|
|
"last_observed": "2016-04-27T12:49:46Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b56a-1fbc-4488-a37b-481002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b56a-1fbc-4488-a37b-481002de0b81",
|
|
"value": "https://www.virustotal.com/file/03985328adb2ece9e8838cebc7299842a6729d4809adbcaed081f9b23a3d51c8/analysis/1455741648/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b56b-b1ac-4b2b-8d3f-42f102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:47.000Z",
|
|
"modified": "2016-04-27T12:49:47.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 95921f248cd912e301c6b04120714d1f",
|
|
"pattern": "[file:hashes.SHA256 = '38e37071c391c6ef32065caf7cd201afb233f449ef85951705bee4d4556b8b28']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b56b-a610-48fe-a05d-4aaf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:47.000Z",
|
|
"modified": "2016-04-27T12:49:47.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 95921f248cd912e301c6b04120714d1f",
|
|
"pattern": "[file:hashes.SHA1 = '2deaf66b0c6f4510d0eee35d3e84e458b32bff33']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b56b-1720-45c0-a529-4c1902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:47.000Z",
|
|
"modified": "2016-04-27T12:49:47.000Z",
|
|
"first_observed": "2016-04-27T12:49:47Z",
|
|
"last_observed": "2016-04-27T12:49:47Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b56b-1720-45c0-a529-4c1902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b56b-1720-45c0-a529-4c1902de0b81",
|
|
"value": "https://www.virustotal.com/file/38e37071c391c6ef32065caf7cd201afb233f449ef85951705bee4d4556b8b28/analysis/1457480659/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b56c-579c-4496-9762-44a302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:48.000Z",
|
|
"modified": "2016-04-27T12:49:48.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9461365a2bed17fb5b41536bf07ba165",
|
|
"pattern": "[file:hashes.SHA256 = '4ee241be46226bde506d70e051cf8a16451195eb60c4b62edb2e7b4a9dd98a34']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b56c-7780-4dd9-9880-434102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:48.000Z",
|
|
"modified": "2016-04-27T12:49:48.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 9461365a2bed17fb5b41536bf07ba165",
|
|
"pattern": "[file:hashes.SHA1 = 'bf75b084dbf7c3bd31c028b5942b0dd8df27679e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b56d-21ec-4fed-9094-456c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:49.000Z",
|
|
"modified": "2016-04-27T12:49:49.000Z",
|
|
"first_observed": "2016-04-27T12:49:49Z",
|
|
"last_observed": "2016-04-27T12:49:49Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b56d-21ec-4fed-9094-456c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b56d-21ec-4fed-9094-456c02de0b81",
|
|
"value": "https://www.virustotal.com/file/4ee241be46226bde506d70e051cf8a16451195eb60c4b62edb2e7b4a9dd98a34/analysis/1457767216/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b56d-2fc8-4c80-91b6-4bf902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:49.000Z",
|
|
"modified": "2016-04-27T12:49:49.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 940981070911dee2e2818216047d2ecb",
|
|
"pattern": "[file:hashes.SHA256 = '9ea284acca9c1f263be4a0b04b92fee0f60e1f3829101ef49886a95f7494e870']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b56d-a7f4-4114-9456-416002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:49.000Z",
|
|
"modified": "2016-04-27T12:49:49.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 940981070911dee2e2818216047d2ecb",
|
|
"pattern": "[file:hashes.SHA1 = '4176fa740ee0d941eed32d8e722e7ddd8d641e1c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b56e-2d0c-47d6-9f9a-45a802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:50.000Z",
|
|
"modified": "2016-04-27T12:49:50.000Z",
|
|
"first_observed": "2016-04-27T12:49:50Z",
|
|
"last_observed": "2016-04-27T12:49:50Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b56e-2d0c-47d6-9f9a-45a802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b56e-2d0c-47d6-9f9a-45a802de0b81",
|
|
"value": "https://www.virustotal.com/file/9ea284acca9c1f263be4a0b04b92fee0f60e1f3829101ef49886a95f7494e870/analysis/1458111186/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b56e-bb30-46aa-ae28-476702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:50.000Z",
|
|
"modified": "2016-04-27T12:49:50.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 93b8d4d9704c13d983cf99a1296259d2",
|
|
"pattern": "[file:hashes.SHA256 = '9ebc2e4e8d183c9a3d0be7b0d5eee8897da66349a30b87c387083c29c230425f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b56f-b7d8-4028-b5dd-43ab02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:51.000Z",
|
|
"modified": "2016-04-27T12:49:51.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 93b8d4d9704c13d983cf99a1296259d2",
|
|
"pattern": "[file:hashes.SHA1 = '96b5d6db892356819f1d3d404888a7491526103d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b56f-15c4-463a-a5b4-452902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:51.000Z",
|
|
"modified": "2016-04-27T12:49:51.000Z",
|
|
"first_observed": "2016-04-27T12:49:51Z",
|
|
"last_observed": "2016-04-27T12:49:51Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b56f-15c4-463a-a5b4-452902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b56f-15c4-463a-a5b4-452902de0b81",
|
|
"value": "https://www.virustotal.com/file/9ebc2e4e8d183c9a3d0be7b0d5eee8897da66349a30b87c387083c29c230425f/analysis/1460317652/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b570-4d88-40f1-a4b2-473302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:52.000Z",
|
|
"modified": "2016-04-27T12:49:52.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 93323852f58c4e1b436a671651cc4998",
|
|
"pattern": "[file:hashes.SHA256 = '5bcee1501a65dd2be72da9861c795f617db4a5ac5c48659ceca10b643b6dbc74']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b570-f0cc-4ec2-9fef-4e5002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:52.000Z",
|
|
"modified": "2016-04-27T12:49:52.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 93323852f58c4e1b436a671651cc4998",
|
|
"pattern": "[file:hashes.SHA1 = 'd6d0e3df01ed5c6d8e33ed5cc1f8bb73ae85a7ca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b570-1474-48d8-a285-478202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:52.000Z",
|
|
"modified": "2016-04-27T12:49:52.000Z",
|
|
"first_observed": "2016-04-27T12:49:52Z",
|
|
"last_observed": "2016-04-27T12:49:52Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b570-1474-48d8-a285-478202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b570-1474-48d8-a285-478202de0b81",
|
|
"value": "https://www.virustotal.com/file/5bcee1501a65dd2be72da9861c795f617db4a5ac5c48659ceca10b643b6dbc74/analysis/1457421926/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b571-f8f4-411d-b01e-449e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:53.000Z",
|
|
"modified": "2016-04-27T12:49:53.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 91c6a4e86d72c60beef95b75f9b4be82",
|
|
"pattern": "[file:hashes.SHA256 = 'daf273e57886bd03f61dc3c7aa52e1b4ae7869d02ab9eb721f07fcaa967e563c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b571-bb58-4fd1-9c74-480d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:53.000Z",
|
|
"modified": "2016-04-27T12:49:53.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 91c6a4e86d72c60beef95b75f9b4be82",
|
|
"pattern": "[file:hashes.SHA1 = '9d79ef9df556441be4dc7753da8721ae20bf5ac0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b572-56ac-4982-a342-49b102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:54.000Z",
|
|
"modified": "2016-04-27T12:49:54.000Z",
|
|
"first_observed": "2016-04-27T12:49:54Z",
|
|
"last_observed": "2016-04-27T12:49:54Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b572-56ac-4982-a342-49b102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b572-56ac-4982-a342-49b102de0b81",
|
|
"value": "https://www.virustotal.com/file/daf273e57886bd03f61dc3c7aa52e1b4ae7869d02ab9eb721f07fcaa967e563c/analysis/1457936460/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b572-57cc-4636-a33a-4f4a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:54.000Z",
|
|
"modified": "2016-04-27T12:49:54.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 91a2746500d253633dd953692183fd76",
|
|
"pattern": "[file:hashes.SHA256 = 'ed997f5a357e10e705443a245beb6a3be8e9989c3fb02aa70eb8139661dcab5f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b572-a02c-4066-825c-476f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:54.000Z",
|
|
"modified": "2016-04-27T12:49:54.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 91a2746500d253633dd953692183fd76",
|
|
"pattern": "[file:hashes.SHA1 = '3425e68789614cbda4284169589f7aeab8e28b28']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b573-a048-4e81-9cd7-462402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:55.000Z",
|
|
"modified": "2016-04-27T12:49:55.000Z",
|
|
"first_observed": "2016-04-27T12:49:55Z",
|
|
"last_observed": "2016-04-27T12:49:55Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b573-a048-4e81-9cd7-462402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b573-a048-4e81-9cd7-462402de0b81",
|
|
"value": "https://www.virustotal.com/file/ed997f5a357e10e705443a245beb6a3be8e9989c3fb02aa70eb8139661dcab5f/analysis/1457268355/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b573-7c5c-4431-a383-4f3e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:55.000Z",
|
|
"modified": "2016-04-27T12:49:55.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 90366f0731b60cf0c9959f06509d9ff5",
|
|
"pattern": "[file:hashes.SHA256 = 'c631af5df169e54d7b5482d49e24d8bfb7c1fe62518bd00f646e959766f5a634']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b574-fd18-4fea-9bf0-499002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:56.000Z",
|
|
"modified": "2016-04-27T12:49:56.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 90366f0731b60cf0c9959f06509d9ff5",
|
|
"pattern": "[file:hashes.SHA1 = 'f73af520d678cc77b4ce87c054a93ea11788ac35']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b574-88dc-49d0-944f-4d6502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:56.000Z",
|
|
"modified": "2016-04-27T12:49:56.000Z",
|
|
"first_observed": "2016-04-27T12:49:56Z",
|
|
"last_observed": "2016-04-27T12:49:56Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b574-88dc-49d0-944f-4d6502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b574-88dc-49d0-944f-4d6502de0b81",
|
|
"value": "https://www.virustotal.com/file/c631af5df169e54d7b5482d49e24d8bfb7c1fe62518bd00f646e959766f5a634/analysis/1458181833/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b574-30c8-4380-a5d0-411f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:56.000Z",
|
|
"modified": "2016-04-27T12:49:56.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8f1fa31155a38ce3d6bc0fba43a82362",
|
|
"pattern": "[file:hashes.SHA256 = '426a2574e36d2a19d71b4388e4419c8ea2900045fd9a81583f48478c89a9c158']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b575-c87c-421c-8fff-488a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:57.000Z",
|
|
"modified": "2016-04-27T12:49:57.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8f1fa31155a38ce3d6bc0fba43a82362",
|
|
"pattern": "[file:hashes.SHA1 = 'f61e8ae0ec2c7b60d4720ac2e8867fb062092f06']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b575-b154-4101-9b82-4a6602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:57.000Z",
|
|
"modified": "2016-04-27T12:49:57.000Z",
|
|
"first_observed": "2016-04-27T12:49:57Z",
|
|
"last_observed": "2016-04-27T12:49:57Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b575-b154-4101-9b82-4a6602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b575-b154-4101-9b82-4a6602de0b81",
|
|
"value": "https://www.virustotal.com/file/426a2574e36d2a19d71b4388e4419c8ea2900045fd9a81583f48478c89a9c158/analysis/1460122549/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b576-63f0-48ab-8985-44de02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:58.000Z",
|
|
"modified": "2016-04-27T12:49:58.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8f11770349001409163245422b8d4442",
|
|
"pattern": "[file:hashes.SHA256 = 'd2cc4ea6c945c385320595a10ea1b3ca39dff85d5dcf4349f8cc2bfdabd6d00b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b576-92ec-49a3-8ec3-413802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:58.000Z",
|
|
"modified": "2016-04-27T12:49:58.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8f11770349001409163245422b8d4442",
|
|
"pattern": "[file:hashes.SHA1 = 'b912ce0d380189ccfc94fdf9717b519deb0085bc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b577-21f0-48e2-a410-456e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:59.000Z",
|
|
"modified": "2016-04-27T12:49:59.000Z",
|
|
"first_observed": "2016-04-27T12:49:59Z",
|
|
"last_observed": "2016-04-27T12:49:59Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b577-21f0-48e2-a410-456e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b577-21f0-48e2-a410-456e02de0b81",
|
|
"value": "https://www.virustotal.com/file/d2cc4ea6c945c385320595a10ea1b3ca39dff85d5dcf4349f8cc2bfdabd6d00b/analysis/1457421967/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b577-ddc8-4e53-a508-4fc802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:59.000Z",
|
|
"modified": "2016-04-27T12:49:59.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8f0243b5077bdb23baa1ceeedc697ff0",
|
|
"pattern": "[file:hashes.SHA256 = '26cca3e2465bc5f35943e9e4d830d127af542efa243802cb63112b3e62ee1ea1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b577-528c-4314-ade7-44c002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:49:59.000Z",
|
|
"modified": "2016-04-27T12:49:59.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8f0243b5077bdb23baa1ceeedc697ff0",
|
|
"pattern": "[file:hashes.SHA1 = '85cc68769f64d12a85c810904f62bb1f8d6fc146']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:49:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b578-b1dc-4390-a772-4d3002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:00.000Z",
|
|
"modified": "2016-04-27T12:50:00.000Z",
|
|
"first_observed": "2016-04-27T12:50:00Z",
|
|
"last_observed": "2016-04-27T12:50:00Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b578-b1dc-4390-a772-4d3002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b578-b1dc-4390-a772-4d3002de0b81",
|
|
"value": "https://www.virustotal.com/file/26cca3e2465bc5f35943e9e4d830d127af542efa243802cb63112b3e62ee1ea1/analysis/1455161228/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b578-4f84-4326-af70-47a902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:00.000Z",
|
|
"modified": "2016-04-27T12:50:00.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8e5e0eb98e813371653b09864d4fc76a",
|
|
"pattern": "[file:hashes.SHA256 = '6ff7ce3d027b02203f910ae74d3ad18417efec422b65af7b86b073919cd6bbec']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b579-d314-4029-92ca-4a8e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:01.000Z",
|
|
"modified": "2016-04-27T12:50:01.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8e5e0eb98e813371653b09864d4fc76a",
|
|
"pattern": "[file:hashes.SHA1 = '41bba3f68b062746d05f25e96b6cbe6d102a1122']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b579-25e4-4d26-a626-45b702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:01.000Z",
|
|
"modified": "2016-04-27T12:50:01.000Z",
|
|
"first_observed": "2016-04-27T12:50:01Z",
|
|
"last_observed": "2016-04-27T12:50:01Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b579-25e4-4d26-a626-45b702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b579-25e4-4d26-a626-45b702de0b81",
|
|
"value": "https://www.virustotal.com/file/6ff7ce3d027b02203f910ae74d3ad18417efec422b65af7b86b073919cd6bbec/analysis/1455741071/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b579-6b04-4d0a-9a00-4bda02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:01.000Z",
|
|
"modified": "2016-04-27T12:50:01.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8e1207efd35f03caf74fdff314368da9",
|
|
"pattern": "[file:hashes.SHA256 = '37a9a7ba93e6d3b8518d7a4ee1fd0d552695bf51a6e22d11a0ab4608e8cb167e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b57a-278c-467f-886d-4a1f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:02.000Z",
|
|
"modified": "2016-04-27T12:50:02.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8e1207efd35f03caf74fdff314368da9",
|
|
"pattern": "[file:hashes.SHA1 = '353387307a2d067cc6309b7ab0756e7df0bbc470']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b57a-13e0-4fa5-aa9e-45f502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:02.000Z",
|
|
"modified": "2016-04-27T12:50:02.000Z",
|
|
"first_observed": "2016-04-27T12:50:02Z",
|
|
"last_observed": "2016-04-27T12:50:02Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b57a-13e0-4fa5-aa9e-45f502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b57a-13e0-4fa5-aa9e-45f502de0b81",
|
|
"value": "https://www.virustotal.com/file/37a9a7ba93e6d3b8518d7a4ee1fd0d552695bf51a6e22d11a0ab4608e8cb167e/analysis/1458111132/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b57b-3ee8-464a-bf80-456c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:03.000Z",
|
|
"modified": "2016-04-27T12:50:03.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8dadd1162d01911160a5dbcdf081c5ba",
|
|
"pattern": "[file:hashes.SHA256 = '4b5d06ccb2d5ffe71a0d7e08b9a7f691d682ac48a445e32050aabd801e3c1dec']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b57b-cf04-4c5f-a31e-417202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:03.000Z",
|
|
"modified": "2016-04-27T12:50:03.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8dadd1162d01911160a5dbcdf081c5ba",
|
|
"pattern": "[file:hashes.SHA1 = 'aaa8bc57fe36c43c439dad67ed5fb3422fe1c74d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b57c-74ec-4a83-8a23-437c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:04.000Z",
|
|
"modified": "2016-04-27T12:50:04.000Z",
|
|
"first_observed": "2016-04-27T12:50:04Z",
|
|
"last_observed": "2016-04-27T12:50:04Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b57c-74ec-4a83-8a23-437c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b57c-74ec-4a83-8a23-437c02de0b81",
|
|
"value": "https://www.virustotal.com/file/4b5d06ccb2d5ffe71a0d7e08b9a7f691d682ac48a445e32050aabd801e3c1dec/analysis/1457421904/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b57c-f414-4d34-9406-4c3302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:04.000Z",
|
|
"modified": "2016-04-27T12:50:04.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8d7c7392767415031d9ded205f0b29ef",
|
|
"pattern": "[file:hashes.SHA256 = 'caaa1ae2995aea06c5f3cf43d6cd205e56e08bc8111ae2e98dc4ee874e01a77f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b57c-2d5c-4fe5-8d5f-40ff02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:04.000Z",
|
|
"modified": "2016-04-27T12:50:04.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8d7c7392767415031d9ded205f0b29ef",
|
|
"pattern": "[file:hashes.SHA1 = 'a35d0154bca56588625c9eb827bfc0d22fd26b7b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b57d-5168-43a6-a9cb-4ace02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:05.000Z",
|
|
"modified": "2016-04-27T12:50:05.000Z",
|
|
"first_observed": "2016-04-27T12:50:05Z",
|
|
"last_observed": "2016-04-27T12:50:05Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b57d-5168-43a6-a9cb-4ace02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b57d-5168-43a6-a9cb-4ace02de0b81",
|
|
"value": "https://www.virustotal.com/file/caaa1ae2995aea06c5f3cf43d6cd205e56e08bc8111ae2e98dc4ee874e01a77f/analysis/1455741019/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b57d-2110-4b57-b49e-41f102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:05.000Z",
|
|
"modified": "2016-04-27T12:50:05.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8ceb4223e6238955fa7e154a794d5d04",
|
|
"pattern": "[file:hashes.SHA256 = '1ffd5b048917d0143dd37c989b2bb4c5d12582acd38bf36c31f508a20d2e2df3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b57e-674c-4be6-a3d5-40e402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:06.000Z",
|
|
"modified": "2016-04-27T12:50:06.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8ceb4223e6238955fa7e154a794d5d04",
|
|
"pattern": "[file:hashes.SHA1 = '32886dfadabfa57d6f717577d5892939d6155f0a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b57e-16e8-4827-a729-437f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:06.000Z",
|
|
"modified": "2016-04-27T12:50:06.000Z",
|
|
"first_observed": "2016-04-27T12:50:06Z",
|
|
"last_observed": "2016-04-27T12:50:06Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b57e-16e8-4827-a729-437f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b57e-16e8-4827-a729-437f02de0b81",
|
|
"value": "https://www.virustotal.com/file/1ffd5b048917d0143dd37c989b2bb4c5d12582acd38bf36c31f508a20d2e2df3/analysis/1457767223/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b57e-0590-4bb5-ab26-47c002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:06.000Z",
|
|
"modified": "2016-04-27T12:50:06.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8b56c493375d3b65d509793751509ba5",
|
|
"pattern": "[file:hashes.SHA256 = 'f5aeddf50f32fdd92b6194c0cc74f4116bfeeda56ce55b2233436ee17c01f493']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b57f-312c-4d90-827d-43dc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:07.000Z",
|
|
"modified": "2016-04-27T12:50:07.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8b56c493375d3b65d509793751509ba5",
|
|
"pattern": "[file:hashes.SHA1 = '0e0b07e14bf2e764c16472acf6e66a54478b1591']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b57f-60f8-431a-a089-4fa902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:07.000Z",
|
|
"modified": "2016-04-27T12:50:07.000Z",
|
|
"first_observed": "2016-04-27T12:50:07Z",
|
|
"last_observed": "2016-04-27T12:50:07Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b57f-60f8-431a-a089-4fa902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b57f-60f8-431a-a089-4fa902de0b81",
|
|
"value": "https://www.virustotal.com/file/f5aeddf50f32fdd92b6194c0cc74f4116bfeeda56ce55b2233436ee17c01f493/analysis/1455740808/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b580-6750-400d-b41f-407402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:08.000Z",
|
|
"modified": "2016-04-27T12:50:08.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8a5c4d1d946a01b56f180c930438c1e9",
|
|
"pattern": "[file:hashes.SHA256 = 'e282b98cd977cc9f03e29480e76fc4b0cac09df9462b7cefad618bfddc3cffc7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b580-dfc4-4d85-97a3-4e8b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:08.000Z",
|
|
"modified": "2016-04-27T12:50:08.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8a5c4d1d946a01b56f180c930438c1e9",
|
|
"pattern": "[file:hashes.SHA1 = '84c6e3e7e5a93c15299aa8fa5e233d136a9df0e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b580-2e64-419c-ba86-4fc102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:08.000Z",
|
|
"modified": "2016-04-27T12:50:08.000Z",
|
|
"first_observed": "2016-04-27T12:50:08Z",
|
|
"last_observed": "2016-04-27T12:50:08Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b580-2e64-419c-ba86-4fc102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b580-2e64-419c-ba86-4fc102de0b81",
|
|
"value": "https://www.virustotal.com/file/e282b98cd977cc9f03e29480e76fc4b0cac09df9462b7cefad618bfddc3cffc7/analysis/1454318832/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b581-32ec-45ca-bd4e-4aa602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:09.000Z",
|
|
"modified": "2016-04-27T12:50:09.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8a0aae077c62d37ba9aeed2ad441dcf3",
|
|
"pattern": "[file:hashes.SHA256 = 'a2b9341099ab25a8e61637201115bed39d17990f99c99bd342f36826d4c536f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b581-5910-49a1-aba8-487602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:09.000Z",
|
|
"modified": "2016-04-27T12:50:09.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8a0aae077c62d37ba9aeed2ad441dcf3",
|
|
"pattern": "[file:hashes.SHA1 = 'f23ae72691c444188f9ba81b0efdd168c75720c6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b582-d21c-41b2-a5a6-4e0602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:10.000Z",
|
|
"modified": "2016-04-27T12:50:10.000Z",
|
|
"first_observed": "2016-04-27T12:50:10Z",
|
|
"last_observed": "2016-04-27T12:50:10Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b582-d21c-41b2-a5a6-4e0602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b582-d21c-41b2-a5a6-4e0602de0b81",
|
|
"value": "https://www.virustotal.com/file/a2b9341099ab25a8e61637201115bed39d17990f99c99bd342f36826d4c536f6/analysis/1455740779/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b582-c674-409e-9701-444002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:10.000Z",
|
|
"modified": "2016-04-27T12:50:10.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 898683c4f39ad83f53f38460e170fd77",
|
|
"pattern": "[file:hashes.SHA256 = 'de018c269bfa0e5ac475b69626ddbad29e8c98860e5e9b1beb09f74e7a79c905']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b583-d014-4c4b-9ff1-473002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:11.000Z",
|
|
"modified": "2016-04-27T12:50:11.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 898683c4f39ad83f53f38460e170fd77",
|
|
"pattern": "[file:hashes.SHA1 = '15d369cff39407389966cd2b1d76465525e7887b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b583-5f8c-4fb0-a9da-4d6c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:11.000Z",
|
|
"modified": "2016-04-27T12:50:11.000Z",
|
|
"first_observed": "2016-04-27T12:50:11Z",
|
|
"last_observed": "2016-04-27T12:50:11Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b583-5f8c-4fb0-a9da-4d6c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b583-5f8c-4fb0-a9da-4d6c02de0b81",
|
|
"value": "https://www.virustotal.com/file/de018c269bfa0e5ac475b69626ddbad29e8c98860e5e9b1beb09f74e7a79c905/analysis/1456605066/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b583-da4c-46e1-80db-477a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:11.000Z",
|
|
"modified": "2016-04-27T12:50:11.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 895ef967c9ee97c5b9f3bdc426f6ad0f",
|
|
"pattern": "[file:hashes.SHA256 = '8ea79be1f4a2b928a25357d20072a223f8c882ae313b7f91ca76474484de9911']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b584-2b28-4dbe-8217-4dc702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:12.000Z",
|
|
"modified": "2016-04-27T12:50:12.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 895ef967c9ee97c5b9f3bdc426f6ad0f",
|
|
"pattern": "[file:hashes.SHA1 = '35f7278234c4ec1d9c1574e23e2c1eae8c018b80']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b584-95cc-4396-8940-4daf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:12.000Z",
|
|
"modified": "2016-04-27T12:50:12.000Z",
|
|
"first_observed": "2016-04-27T12:50:12Z",
|
|
"last_observed": "2016-04-27T12:50:12Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b584-95cc-4396-8940-4daf02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b584-95cc-4396-8940-4daf02de0b81",
|
|
"value": "https://www.virustotal.com/file/8ea79be1f4a2b928a25357d20072a223f8c882ae313b7f91ca76474484de9911/analysis/1455740784/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b585-2734-445e-8847-457902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:13.000Z",
|
|
"modified": "2016-04-27T12:50:13.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 895a3b66c76c169b02843468062b1c5d",
|
|
"pattern": "[file:hashes.SHA256 = '2fafe21d33684179dac32aebdfcdd2749ed2a235a43591360c77864313d5b8c0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b585-9064-4ef3-8174-40ed02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:13.000Z",
|
|
"modified": "2016-04-27T12:50:13.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 895a3b66c76c169b02843468062b1c5d",
|
|
"pattern": "[file:hashes.SHA1 = 'bbc26c255454d08d11cf0dc27ee1f948b05bd0a4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b585-ed54-4213-858b-4cb602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:13.000Z",
|
|
"modified": "2016-04-27T12:50:13.000Z",
|
|
"first_observed": "2016-04-27T12:50:13Z",
|
|
"last_observed": "2016-04-27T12:50:13Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b585-ed54-4213-858b-4cb602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b585-ed54-4213-858b-4cb602de0b81",
|
|
"value": "https://www.virustotal.com/file/2fafe21d33684179dac32aebdfcdd2749ed2a235a43591360c77864313d5b8c0/analysis/1456654819/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b586-2120-4d12-bf61-4ce702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:14.000Z",
|
|
"modified": "2016-04-27T12:50:14.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8895d772158f5456a80a2093aad516a2",
|
|
"pattern": "[file:hashes.SHA256 = '26910b2c3b5868c567ed10ddd132892d6e514100efee3a09d6a0c09c58f1335d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b586-76ec-48db-b812-4ea302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:14.000Z",
|
|
"modified": "2016-04-27T12:50:14.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8895d772158f5456a80a2093aad516a2",
|
|
"pattern": "[file:hashes.SHA1 = '27e532c61aa92598e1f2ee2d5943370fbd9e73e8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b587-3bdc-4a56-bb0e-49d602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:15.000Z",
|
|
"modified": "2016-04-27T12:50:15.000Z",
|
|
"first_observed": "2016-04-27T12:50:15Z",
|
|
"last_observed": "2016-04-27T12:50:15Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b587-3bdc-4a56-bb0e-49d602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b587-3bdc-4a56-bb0e-49d602de0b81",
|
|
"value": "https://www.virustotal.com/file/26910b2c3b5868c567ed10ddd132892d6e514100efee3a09d6a0c09c58f1335d/analysis/1457421926/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b587-91c0-476b-8c6a-4cbe02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:15.000Z",
|
|
"modified": "2016-04-27T12:50:15.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 86484d0e432e8c7e8f1b213413157138",
|
|
"pattern": "[file:hashes.SHA256 = '9a4d8d850046e98f2a0d611843eaa0e425cd91847e6b6d907d9e763328436146']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b588-21a4-42b6-8527-450202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:16.000Z",
|
|
"modified": "2016-04-27T12:50:16.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 86484d0e432e8c7e8f1b213413157138",
|
|
"pattern": "[file:hashes.SHA1 = '901905d7d7e1e1387c283361354d67feda1ac6ae']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b588-bd48-4728-a2af-4d2102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:16.000Z",
|
|
"modified": "2016-04-27T12:50:16.000Z",
|
|
"first_observed": "2016-04-27T12:50:16Z",
|
|
"last_observed": "2016-04-27T12:50:16Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b588-bd48-4728-a2af-4d2102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b588-bd48-4728-a2af-4d2102de0b81",
|
|
"value": "https://www.virustotal.com/file/9a4d8d850046e98f2a0d611843eaa0e425cd91847e6b6d907d9e763328436146/analysis/1458087950/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b588-6800-4f5a-ae5d-4f7a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:16.000Z",
|
|
"modified": "2016-04-27T12:50:16.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 85d866a99d6b130cbdde3949c015fec4",
|
|
"pattern": "[file:hashes.SHA256 = '2331aa602faf40464cbd26c9737f3c84a05e72fe285d43532ad8c3fd3fc5a8a4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b589-a6c0-4c15-8e12-456002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:17.000Z",
|
|
"modified": "2016-04-27T12:50:17.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 85d866a99d6b130cbdde3949c015fec4",
|
|
"pattern": "[file:hashes.SHA1 = '2808ecb327ab3cae6b9173a669d4ca22178352db']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b589-12e0-4651-a241-4c1902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:17.000Z",
|
|
"modified": "2016-04-27T12:50:17.000Z",
|
|
"first_observed": "2016-04-27T12:50:17Z",
|
|
"last_observed": "2016-04-27T12:50:17Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b589-12e0-4651-a241-4c1902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b589-12e0-4651-a241-4c1902de0b81",
|
|
"value": "https://www.virustotal.com/file/2331aa602faf40464cbd26c9737f3c84a05e72fe285d43532ad8c3fd3fc5a8a4/analysis/1455740604/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b58a-4954-444b-9775-47fc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:18.000Z",
|
|
"modified": "2016-04-27T12:50:18.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 859e9dbcbd0db577ff401537ae560e74",
|
|
"pattern": "[file:hashes.SHA256 = 'e42d944bb4f042386b6bc479f67a02aca74303545965bd32c21fedf28712747d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b58a-2ae4-4423-98dd-48ee02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:18.000Z",
|
|
"modified": "2016-04-27T12:50:18.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 859e9dbcbd0db577ff401537ae560e74",
|
|
"pattern": "[file:hashes.SHA1 = '221f0bf1db86bc0d780b528059fb059c7b934c18']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b58a-7218-49da-b0d0-48af02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:18.000Z",
|
|
"modified": "2016-04-27T12:50:18.000Z",
|
|
"first_observed": "2016-04-27T12:50:18Z",
|
|
"last_observed": "2016-04-27T12:50:18Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b58a-7218-49da-b0d0-48af02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b58a-7218-49da-b0d0-48af02de0b81",
|
|
"value": "https://www.virustotal.com/file/e42d944bb4f042386b6bc479f67a02aca74303545965bd32c21fedf28712747d/analysis/1456764315/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b58b-daa0-482c-8f4e-4ad202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:19.000Z",
|
|
"modified": "2016-04-27T12:50:19.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8599910e19552c9aa26db7be3e04be55",
|
|
"pattern": "[file:hashes.SHA256 = '9355e4149625e993190511e8889abadeec2857361f906dd2caba11424596970a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b58b-84cc-4c83-91ff-449f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:19.000Z",
|
|
"modified": "2016-04-27T12:50:19.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 8599910e19552c9aa26db7be3e04be55",
|
|
"pattern": "[file:hashes.SHA1 = '0babc78b269eb5b34184686a67555995c9955556']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b58c-da34-43d9-a992-47fe02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:20.000Z",
|
|
"modified": "2016-04-27T12:50:20.000Z",
|
|
"first_observed": "2016-04-27T12:50:20Z",
|
|
"last_observed": "2016-04-27T12:50:20Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b58c-da34-43d9-a992-47fe02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b58c-da34-43d9-a992-47fe02de0b81",
|
|
"value": "https://www.virustotal.com/file/9355e4149625e993190511e8889abadeec2857361f906dd2caba11424596970a/analysis/1460321679/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b58c-9fb4-4997-ad36-4ae602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:20.000Z",
|
|
"modified": "2016-04-27T12:50:20.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 851953bee7687d96891f45f24297a50b",
|
|
"pattern": "[file:hashes.SHA256 = '14d93dfe3adea00e7ebeb1dca0e0c391acbb52748c6be2466b2f4fb078624775']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b58d-30bc-4b1b-9ec5-4ac802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:21.000Z",
|
|
"modified": "2016-04-27T12:50:21.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 851953bee7687d96891f45f24297a50b",
|
|
"pattern": "[file:hashes.SHA1 = '7d12c7963445cd816ef32e059a1339cf032e0700']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b58d-be50-4045-b187-4c3402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:21.000Z",
|
|
"modified": "2016-04-27T12:50:21.000Z",
|
|
"first_observed": "2016-04-27T12:50:21Z",
|
|
"last_observed": "2016-04-27T12:50:21Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b58d-be50-4045-b187-4c3402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b58d-be50-4045-b187-4c3402de0b81",
|
|
"value": "https://www.virustotal.com/file/14d93dfe3adea00e7ebeb1dca0e0c391acbb52748c6be2466b2f4fb078624775/analysis/1455740540/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b58d-a530-4d80-a39b-459002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:21.000Z",
|
|
"modified": "2016-04-27T12:50:21.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 84d600d85a061fa137e4b8fc82e1de2f",
|
|
"pattern": "[file:hashes.SHA256 = '1508536fe1da146028f094e8a7f830b2a81e4c98d3b0fbd26baee455ad3a307a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b58e-3468-48b5-acdc-461f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:22.000Z",
|
|
"modified": "2016-04-27T12:50:22.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 84d600d85a061fa137e4b8fc82e1de2f",
|
|
"pattern": "[file:hashes.SHA1 = 'ca1cb073bda76053055251ba7acc0f815b5a49b7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b58e-2020-4079-8e42-4d1b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:22.000Z",
|
|
"modified": "2016-04-27T12:50:22.000Z",
|
|
"first_observed": "2016-04-27T12:50:22Z",
|
|
"last_observed": "2016-04-27T12:50:22Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b58e-2020-4079-8e42-4d1b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b58e-2020-4079-8e42-4d1b02de0b81",
|
|
"value": "https://www.virustotal.com/file/1508536fe1da146028f094e8a7f830b2a81e4c98d3b0fbd26baee455ad3a307a/analysis/1455740378/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b58f-77bc-433c-b88f-4aaa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:23.000Z",
|
|
"modified": "2016-04-27T12:50:23.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 84354edd9292441aeed05c548fdaed7c",
|
|
"pattern": "[file:hashes.SHA256 = '391489896a4c75ea0f3e87850daf73914f1ad8e922ead6a3f6f1e370ab63d931']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b58f-0884-49d7-8917-4a6802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:23.000Z",
|
|
"modified": "2016-04-27T12:50:23.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 84354edd9292441aeed05c548fdaed7c",
|
|
"pattern": "[file:hashes.SHA1 = '4c52d4b2d3b1ec98d5f12a7b73ed7e7017d335e1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b58f-8998-4e89-b23c-467e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:23.000Z",
|
|
"modified": "2016-04-27T12:50:23.000Z",
|
|
"first_observed": "2016-04-27T12:50:23Z",
|
|
"last_observed": "2016-04-27T12:50:23Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b58f-8998-4e89-b23c-467e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b58f-8998-4e89-b23c-467e02de0b81",
|
|
"value": "https://www.virustotal.com/file/391489896a4c75ea0f3e87850daf73914f1ad8e922ead6a3f6f1e370ab63d931/analysis/1454935815/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b590-afcc-486c-8701-4f7902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:24.000Z",
|
|
"modified": "2016-04-27T12:50:24.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 83e4610c9500a48b8d1721c11e5797e2",
|
|
"pattern": "[file:hashes.SHA256 = '35ccf1b92763bc1564aaff2a9bd33ab22c75d11a6cd0dcd2d114776c893b2cde']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b590-1600-4e38-b625-4d1702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:24.000Z",
|
|
"modified": "2016-04-27T12:50:24.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 83e4610c9500a48b8d1721c11e5797e2",
|
|
"pattern": "[file:hashes.SHA1 = 'b255796f0d6794fde4af0bf603fd0d6b12767983']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b591-b1b8-4c00-88e4-412b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:25.000Z",
|
|
"modified": "2016-04-27T12:50:25.000Z",
|
|
"first_observed": "2016-04-27T12:50:25Z",
|
|
"last_observed": "2016-04-27T12:50:25Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b591-b1b8-4c00-88e4-412b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b591-b1b8-4c00-88e4-412b02de0b81",
|
|
"value": "https://www.virustotal.com/file/35ccf1b92763bc1564aaff2a9bd33ab22c75d11a6cd0dcd2d114776c893b2cde/analysis/1460645546/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b591-37a0-43da-9f6d-4a8302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:25.000Z",
|
|
"modified": "2016-04-27T12:50:25.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 836e64f3e9046e08cdf66b944718e48b",
|
|
"pattern": "[file:hashes.SHA256 = 'c4d406293235a84d4137b3f1044a0762077597522a3880efcb6946123fdfe5b6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b591-e954-4fe0-8366-4e9902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:25.000Z",
|
|
"modified": "2016-04-27T12:50:25.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 836e64f3e9046e08cdf66b944718e48b",
|
|
"pattern": "[file:hashes.SHA1 = '11041d662bcef0ee1ca8197e59fe1e7475ec555e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b592-ed04-4326-a59d-457402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:26.000Z",
|
|
"modified": "2016-04-27T12:50:26.000Z",
|
|
"first_observed": "2016-04-27T12:50:26Z",
|
|
"last_observed": "2016-04-27T12:50:26Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b592-ed04-4326-a59d-457402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b592-ed04-4326-a59d-457402de0b81",
|
|
"value": "https://www.virustotal.com/file/c4d406293235a84d4137b3f1044a0762077597522a3880efcb6946123fdfe5b6/analysis/1456727522/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b592-558c-42f2-8aa5-450902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:26.000Z",
|
|
"modified": "2016-04-27T12:50:26.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 822c9b26e833e83790433895fe7e2d3b",
|
|
"pattern": "[file:hashes.SHA256 = '4debd811501958491a44f75d1c116d5ac4276bd1f88d22f81e33fcfff4af2c64']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b593-5248-4776-8f75-442c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:27.000Z",
|
|
"modified": "2016-04-27T12:50:27.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 822c9b26e833e83790433895fe7e2d3b",
|
|
"pattern": "[file:hashes.SHA1 = '993efab470b585eabf6565275eecbb59170ed632']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b593-758c-4a69-a992-4df002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:27.000Z",
|
|
"modified": "2016-04-27T12:50:27.000Z",
|
|
"first_observed": "2016-04-27T12:50:27Z",
|
|
"last_observed": "2016-04-27T12:50:27Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b593-758c-4a69-a992-4df002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b593-758c-4a69-a992-4df002de0b81",
|
|
"value": "https://www.virustotal.com/file/4debd811501958491a44f75d1c116d5ac4276bd1f88d22f81e33fcfff4af2c64/analysis/1459410143/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b594-e428-4e99-b857-47fc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:28.000Z",
|
|
"modified": "2016-04-27T12:50:28.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 80a80e9f0b241ab3d0d9febab34d0e56",
|
|
"pattern": "[file:hashes.SHA256 = '082e4d82594a9abc334ee9640947fd927bc7d2d25752b49e1043d7fd9bb346dc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b594-b7d8-4676-b93b-455e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:28.000Z",
|
|
"modified": "2016-04-27T12:50:28.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 80a80e9f0b241ab3d0d9febab34d0e56",
|
|
"pattern": "[file:hashes.SHA1 = '95263b3d24ce29c6213944f8ecfe673f932b4537']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b594-6214-4db8-8d35-40e702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:28.000Z",
|
|
"modified": "2016-04-27T12:50:28.000Z",
|
|
"first_observed": "2016-04-27T12:50:28Z",
|
|
"last_observed": "2016-04-27T12:50:28Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b594-6214-4db8-8d35-40e702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b594-6214-4db8-8d35-40e702de0b81",
|
|
"value": "https://www.virustotal.com/file/082e4d82594a9abc334ee9640947fd927bc7d2d25752b49e1043d7fd9bb346dc/analysis/1460140280/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b595-8c48-4331-a8ea-433202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:29.000Z",
|
|
"modified": "2016-04-27T12:50:29.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7f79a0ccc91f654de59c361af1964354",
|
|
"pattern": "[file:hashes.SHA256 = 'fee2571a0478a086143782a42038c530dfda744ca6f72c9a73e6c1cf04867b55']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b595-595c-4768-90de-4f8e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:29.000Z",
|
|
"modified": "2016-04-27T12:50:29.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7f79a0ccc91f654de59c361af1964354",
|
|
"pattern": "[file:hashes.SHA1 = '1470c8c1ed25f6fdaeea9e32473a386074f3582e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b596-3a88-487c-acae-487002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:30.000Z",
|
|
"modified": "2016-04-27T12:50:30.000Z",
|
|
"first_observed": "2016-04-27T12:50:30Z",
|
|
"last_observed": "2016-04-27T12:50:30Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b596-3a88-487c-acae-487002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b596-3a88-487c-acae-487002de0b81",
|
|
"value": "https://www.virustotal.com/file/fee2571a0478a086143782a42038c530dfda744ca6f72c9a73e6c1cf04867b55/analysis/1457508044/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b596-60c4-43bf-a3fc-448002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:30.000Z",
|
|
"modified": "2016-04-27T12:50:30.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7e0671fc66f9a482000414212bf725e3",
|
|
"pattern": "[file:hashes.SHA256 = '13569bc8343e2355048a4bccbe92a362dde3f534c89acff306c800003d1d10c6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b596-d524-40c7-91e6-409802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:30.000Z",
|
|
"modified": "2016-04-27T12:50:30.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7e0671fc66f9a482000414212bf725e3",
|
|
"pattern": "[file:hashes.SHA1 = '5c6c19a5820a9c799332155d366c2cd31a2e0be1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b597-8fe8-4e4f-bb14-4f7602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:31.000Z",
|
|
"modified": "2016-04-27T12:50:31.000Z",
|
|
"first_observed": "2016-04-27T12:50:31Z",
|
|
"last_observed": "2016-04-27T12:50:31Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b597-8fe8-4e4f-bb14-4f7602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b597-8fe8-4e4f-bb14-4f7602de0b81",
|
|
"value": "https://www.virustotal.com/file/13569bc8343e2355048a4bccbe92a362dde3f534c89acff306c800003d1d10c6/analysis/1460136996/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b597-1230-4975-a9cb-456d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:31.000Z",
|
|
"modified": "2016-04-27T12:50:31.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7d91f480e5a0c4372a43103f678eb328",
|
|
"pattern": "[file:hashes.SHA256 = 'bbe838019ea48a5da87dcba83cf77a15147bfb109b71f759adb219f465f0c4f7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b598-2440-45a6-81b8-458802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:32.000Z",
|
|
"modified": "2016-04-27T12:50:32.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7d91f480e5a0c4372a43103f678eb328",
|
|
"pattern": "[file:hashes.SHA1 = '8223df99eba41a207d916911ff9c632a3e635d5d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b598-3aa0-4ccf-985d-49cd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:32.000Z",
|
|
"modified": "2016-04-27T12:50:32.000Z",
|
|
"first_observed": "2016-04-27T12:50:32Z",
|
|
"last_observed": "2016-04-27T12:50:32Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b598-3aa0-4ccf-985d-49cd02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b598-3aa0-4ccf-985d-49cd02de0b81",
|
|
"value": "https://www.virustotal.com/file/bbe838019ea48a5da87dcba83cf77a15147bfb109b71f759adb219f465f0c4f7/analysis/1454723310/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b599-21c8-4dc4-abb6-4b7002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:33.000Z",
|
|
"modified": "2016-04-27T12:50:33.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7d1c2d11a9b68a107ffb32c86675d8e9",
|
|
"pattern": "[file:hashes.SHA256 = '64fff8feecbee7f4acc4f3ac24e8dded281f35f60bd604436beb13d5c3434b0a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b599-43f0-4194-915f-464902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:33.000Z",
|
|
"modified": "2016-04-27T12:50:33.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7d1c2d11a9b68a107ffb32c86675d8e9",
|
|
"pattern": "[file:hashes.SHA1 = '813e408726ec6f5393b10848d67717ee1e86fc19']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b599-c7e0-4149-aae5-4f2602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:33.000Z",
|
|
"modified": "2016-04-27T12:50:33.000Z",
|
|
"first_observed": "2016-04-27T12:50:33Z",
|
|
"last_observed": "2016-04-27T12:50:33Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b599-c7e0-4149-aae5-4f2602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b599-c7e0-4149-aae5-4f2602de0b81",
|
|
"value": "https://www.virustotal.com/file/64fff8feecbee7f4acc4f3ac24e8dded281f35f60bd604436beb13d5c3434b0a/analysis/1455739854/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b59a-aaec-4f82-8124-4a0b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:34.000Z",
|
|
"modified": "2016-04-27T12:50:34.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7c3e5bace659e9ddf7444b744a8667e9",
|
|
"pattern": "[file:hashes.SHA256 = 'c997ff9c0f4a3b4bc26c23b578c41578a70872837bf3d7863de1fac3f9247036']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b59a-4554-401f-b16b-474502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:34.000Z",
|
|
"modified": "2016-04-27T12:50:34.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7c3e5bace659e9ddf7444b744a8667e9",
|
|
"pattern": "[file:hashes.SHA1 = '8e5cf9f6a094222a25081a7d848f8350e8a77473']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b59b-3bac-47cb-b8bd-4ccf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:35.000Z",
|
|
"modified": "2016-04-27T12:50:35.000Z",
|
|
"first_observed": "2016-04-27T12:50:35Z",
|
|
"last_observed": "2016-04-27T12:50:35Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b59b-3bac-47cb-b8bd-4ccf02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b59b-3bac-47cb-b8bd-4ccf02de0b81",
|
|
"value": "https://www.virustotal.com/file/c997ff9c0f4a3b4bc26c23b578c41578a70872837bf3d7863de1fac3f9247036/analysis/1454319624/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b59b-1418-4fd7-b597-424302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:35.000Z",
|
|
"modified": "2016-04-27T12:50:35.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7b853f8219384485b8753a58259ad171",
|
|
"pattern": "[file:hashes.SHA256 = '8f3e953937a573ee8cb09e44044a7b6b8767cc36b87b58985c5c29306d7f1090']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b59b-b588-4b90-873f-40bd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:35.000Z",
|
|
"modified": "2016-04-27T12:50:35.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7b853f8219384485b8753a58259ad171",
|
|
"pattern": "[file:hashes.SHA1 = '9948575213c4ea2aa8714191a323e16c1e3dacbe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b59c-c300-43ae-a55b-4cfb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:36.000Z",
|
|
"modified": "2016-04-27T12:50:36.000Z",
|
|
"first_observed": "2016-04-27T12:50:36Z",
|
|
"last_observed": "2016-04-27T12:50:36Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b59c-c300-43ae-a55b-4cfb02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b59c-c300-43ae-a55b-4cfb02de0b81",
|
|
"value": "https://www.virustotal.com/file/8f3e953937a573ee8cb09e44044a7b6b8767cc36b87b58985c5c29306d7f1090/analysis/1457534571/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b59c-d7e4-45e5-84ef-4a9d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:36.000Z",
|
|
"modified": "2016-04-27T12:50:36.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 79736c03eeda35ab7c3b6656048c0247",
|
|
"pattern": "[file:hashes.SHA256 = '0d3376b358cea49304b5d6576edea66727301a8f58ea979c3755323da610e136']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b59d-29ec-47fe-a4e6-452d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:37.000Z",
|
|
"modified": "2016-04-27T12:50:37.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 79736c03eeda35ab7c3b6656048c0247",
|
|
"pattern": "[file:hashes.SHA1 = 'ac9960f71f5bd377728d38f861934859f7db51e8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b59d-4e38-451b-9590-435902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:37.000Z",
|
|
"modified": "2016-04-27T12:50:37.000Z",
|
|
"first_observed": "2016-04-27T12:50:37Z",
|
|
"last_observed": "2016-04-27T12:50:37Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b59d-4e38-451b-9590-435902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b59d-4e38-451b-9590-435902de0b81",
|
|
"value": "https://www.virustotal.com/file/0d3376b358cea49304b5d6576edea66727301a8f58ea979c3755323da610e136/analysis/1460138837/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b59d-444c-4079-8c01-4b6702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:37.000Z",
|
|
"modified": "2016-04-27T12:50:37.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 788f75bf8f1330ec78d5d454bf88d17f",
|
|
"pattern": "[file:hashes.SHA256 = 'b30de146896ff737a423d3b8381c575b0059b45d26d08bc64bc5b10c188e132f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b59e-5e4c-46ab-a7e9-4a7002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:38.000Z",
|
|
"modified": "2016-04-27T12:50:38.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 788f75bf8f1330ec78d5d454bf88d17f",
|
|
"pattern": "[file:hashes.SHA1 = '691e2314b0a8851141c5e5834e9c0d303f701495']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b59e-970c-4066-b39e-499b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:38.000Z",
|
|
"modified": "2016-04-27T12:50:38.000Z",
|
|
"first_observed": "2016-04-27T12:50:38Z",
|
|
"last_observed": "2016-04-27T12:50:38Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b59e-970c-4066-b39e-499b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b59e-970c-4066-b39e-499b02de0b81",
|
|
"value": "https://www.virustotal.com/file/b30de146896ff737a423d3b8381c575b0059b45d26d08bc64bc5b10c188e132f/analysis/1455739608/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b59f-e200-430a-8a02-41c502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:39.000Z",
|
|
"modified": "2016-04-27T12:50:39.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 778cc7e83ad27c92f30cea519989f47b",
|
|
"pattern": "[file:hashes.SHA256 = '8315fb1d394945ae02138ce5f2d52efbd0be94ad057ea0a9b6b952b7eadd159f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b59f-5f6c-4375-b128-47ff02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:39.000Z",
|
|
"modified": "2016-04-27T12:50:39.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 778cc7e83ad27c92f30cea519989f47b",
|
|
"pattern": "[file:hashes.SHA1 = '4066a33e5ae384db0c3163ef559bdb1a098d5716']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5a0-37e4-4fed-bb95-492c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:40.000Z",
|
|
"modified": "2016-04-27T12:50:40.000Z",
|
|
"first_observed": "2016-04-27T12:50:40Z",
|
|
"last_observed": "2016-04-27T12:50:40Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5a0-37e4-4fed-bb95-492c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5a0-37e4-4fed-bb95-492c02de0b81",
|
|
"value": "https://www.virustotal.com/file/8315fb1d394945ae02138ce5f2d52efbd0be94ad057ea0a9b6b952b7eadd159f/analysis/1460327343/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a0-e440-481b-8d93-480402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:40.000Z",
|
|
"modified": "2016-04-27T12:50:40.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 766084da85eab06dc639a62ff381b541",
|
|
"pattern": "[file:hashes.SHA256 = '6176fe506a040d3d80e0dc05b283060be203db537821d9f52a9eb7a405a37fca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a0-82d0-41db-bd48-44b702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:40.000Z",
|
|
"modified": "2016-04-27T12:50:40.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 766084da85eab06dc639a62ff381b541",
|
|
"pattern": "[file:hashes.SHA1 = '4d77d540ad53613b1dc9406b7966b67b65332df6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5a1-ca38-47e0-aca8-442502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:41.000Z",
|
|
"modified": "2016-04-27T12:50:41.000Z",
|
|
"first_observed": "2016-04-27T12:50:41Z",
|
|
"last_observed": "2016-04-27T12:50:41Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5a1-ca38-47e0-aca8-442502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5a1-ca38-47e0-aca8-442502de0b81",
|
|
"value": "https://www.virustotal.com/file/6176fe506a040d3d80e0dc05b283060be203db537821d9f52a9eb7a405a37fca/analysis/1457936505/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a1-a980-4e8d-8437-493502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:41.000Z",
|
|
"modified": "2016-04-27T12:50:41.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 76546e44fe4761503cb807a8d96a6719",
|
|
"pattern": "[file:hashes.SHA256 = '701c4ec922279e9cb2e5785a6dbeaaecdbf5482f5a347921c2c27f7e30e2b509']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a2-5a98-4919-9789-461a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:42.000Z",
|
|
"modified": "2016-04-27T12:50:42.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 76546e44fe4761503cb807a8d96a6719",
|
|
"pattern": "[file:hashes.SHA1 = '6b3fc4ea2596e6323ddcdc9e2a25f1c851ec0f92']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5a2-97ec-4f4f-bc22-47a202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:42.000Z",
|
|
"modified": "2016-04-27T12:50:42.000Z",
|
|
"first_observed": "2016-04-27T12:50:42Z",
|
|
"last_observed": "2016-04-27T12:50:42Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5a2-97ec-4f4f-bc22-47a202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5a2-97ec-4f4f-bc22-47a202de0b81",
|
|
"value": "https://www.virustotal.com/file/701c4ec922279e9cb2e5785a6dbeaaecdbf5482f5a347921c2c27f7e30e2b509/analysis/1455739304/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a2-41f0-4a12-b2e6-4f9302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:42.000Z",
|
|
"modified": "2016-04-27T12:50:42.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 75e18289c8e9cc484e7e43ca656be24a",
|
|
"pattern": "[file:hashes.SHA256 = 'adad227ff4eabaa190bed0be9b3af1c9a0e0ce163a72e2e025b218dcac80376c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a3-b378-4ba7-b584-498e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:43.000Z",
|
|
"modified": "2016-04-27T12:50:43.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 75e18289c8e9cc484e7e43ca656be24a",
|
|
"pattern": "[file:hashes.SHA1 = '662e31820af371a963c933d7bddb7c5c47f9e529']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5a3-82dc-4eda-88f2-402f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:43.000Z",
|
|
"modified": "2016-04-27T12:50:43.000Z",
|
|
"first_observed": "2016-04-27T12:50:43Z",
|
|
"last_observed": "2016-04-27T12:50:43Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5a3-82dc-4eda-88f2-402f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5a3-82dc-4eda-88f2-402f02de0b81",
|
|
"value": "https://www.virustotal.com/file/adad227ff4eabaa190bed0be9b3af1c9a0e0ce163a72e2e025b218dcac80376c/analysis/1457035326/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a4-ec6c-45b6-a804-469102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:44.000Z",
|
|
"modified": "2016-04-27T12:50:44.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 75d87e15a789770c242fec0867359588",
|
|
"pattern": "[file:hashes.SHA256 = '4fa5786dc8eae565f6f7b12f620d5791fd0383c89afc292633e3fde264f8aff3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a4-ae3c-4a99-9cae-4c5502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:44.000Z",
|
|
"modified": "2016-04-27T12:50:44.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 75d87e15a789770c242fec0867359588",
|
|
"pattern": "[file:hashes.SHA1 = 'dc2fd58c82b2299cd5fa01b45a54bdfdcaff2cb1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5a4-e4f4-445f-8198-41c502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:44.000Z",
|
|
"modified": "2016-04-27T12:50:44.000Z",
|
|
"first_observed": "2016-04-27T12:50:44Z",
|
|
"last_observed": "2016-04-27T12:50:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5a4-e4f4-445f-8198-41c502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5a4-e4f4-445f-8198-41c502de0b81",
|
|
"value": "https://www.virustotal.com/file/4fa5786dc8eae565f6f7b12f620d5791fd0383c89afc292633e3fde264f8aff3/analysis/1455739332/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a5-c6bc-481e-8261-495802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:45.000Z",
|
|
"modified": "2016-04-27T12:50:45.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 75aab55e822bbca87f60970d37c8d7b3",
|
|
"pattern": "[file:hashes.SHA256 = '4fc3e92449bf510f018354da7426259594ad9e0d7cfdf810c4e7f9e78d6e51bb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a5-a6bc-41b1-bcde-48be02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:45.000Z",
|
|
"modified": "2016-04-27T12:50:45.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 75aab55e822bbca87f60970d37c8d7b3",
|
|
"pattern": "[file:hashes.SHA1 = '3bd46c618fd43987df09bf32047767a314bf661f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5a6-3658-4dd6-891a-44ea02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:46.000Z",
|
|
"modified": "2016-04-27T12:50:46.000Z",
|
|
"first_observed": "2016-04-27T12:50:46Z",
|
|
"last_observed": "2016-04-27T12:50:46Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5a6-3658-4dd6-891a-44ea02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5a6-3658-4dd6-891a-44ea02de0b81",
|
|
"value": "https://www.virustotal.com/file/4fc3e92449bf510f018354da7426259594ad9e0d7cfdf810c4e7f9e78d6e51bb/analysis/1455739302/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a6-e1ec-4954-8ecb-4c3002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:46.000Z",
|
|
"modified": "2016-04-27T12:50:46.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7511ed572f555af27c47f2a02b64302d",
|
|
"pattern": "[file:hashes.SHA256 = '409345b9a9d0d8204f154bea2d3870af479203f0480285053e1304a5494aa741']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a7-9724-4366-a3c6-4a9902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:47.000Z",
|
|
"modified": "2016-04-27T12:50:47.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7511ed572f555af27c47f2a02b64302d",
|
|
"pattern": "[file:hashes.SHA1 = '6c3fa89bbbe6a809070be970a932742afca957dd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5a7-c1cc-445e-9812-4ed802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:47.000Z",
|
|
"modified": "2016-04-27T12:50:47.000Z",
|
|
"first_observed": "2016-04-27T12:50:47Z",
|
|
"last_observed": "2016-04-27T12:50:47Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5a7-c1cc-445e-9812-4ed802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5a7-c1cc-445e-9812-4ed802de0b81",
|
|
"value": "https://www.virustotal.com/file/409345b9a9d0d8204f154bea2d3870af479203f0480285053e1304a5494aa741/analysis/1455739337/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a7-5578-4a2d-be28-425402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:47.000Z",
|
|
"modified": "2016-04-27T12:50:47.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 73d14b09f12eca5af555e5d205808064",
|
|
"pattern": "[file:hashes.SHA256 = 'eb6892ba077992d5a3b809b100261754aea3f91c7a3497397acc0deb552c8b26']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a8-b954-40d1-a702-4d2d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:48.000Z",
|
|
"modified": "2016-04-27T12:50:48.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 73d14b09f12eca5af555e5d205808064",
|
|
"pattern": "[file:hashes.SHA1 = 'ec29e3cca7c1ae25a6078419eed544d5c0ef890c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5a8-7a38-42bd-a1bf-4e5102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:48.000Z",
|
|
"modified": "2016-04-27T12:50:48.000Z",
|
|
"first_observed": "2016-04-27T12:50:48Z",
|
|
"last_observed": "2016-04-27T12:50:48Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5a8-7a38-42bd-a1bf-4e5102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5a8-7a38-42bd-a1bf-4e5102de0b81",
|
|
"value": "https://www.virustotal.com/file/eb6892ba077992d5a3b809b100261754aea3f91c7a3497397acc0deb552c8b26/analysis/1461400222/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a9-53c8-4adc-949f-412d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:49.000Z",
|
|
"modified": "2016-04-27T12:50:49.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7211a069239cb354c6029f963c2a5f06",
|
|
"pattern": "[file:hashes.SHA256 = 'b72bc9c11d8a8af164d7cd65849fee95d89b02c99cf444c3b6e4c561deb02b5f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5a9-a91c-4241-af4e-428b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:49.000Z",
|
|
"modified": "2016-04-27T12:50:49.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7211a069239cb354c6029f963c2a5f06",
|
|
"pattern": "[file:hashes.SHA1 = '4ffb580894f66217e5fb9fe715409e82eb7eb0cb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5aa-983c-49dc-8542-47df02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:50.000Z",
|
|
"modified": "2016-04-27T12:50:50.000Z",
|
|
"first_observed": "2016-04-27T12:50:50Z",
|
|
"last_observed": "2016-04-27T12:50:50Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5aa-983c-49dc-8542-47df02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5aa-983c-49dc-8542-47df02de0b81",
|
|
"value": "https://www.virustotal.com/file/b72bc9c11d8a8af164d7cd65849fee95d89b02c99cf444c3b6e4c561deb02b5f/analysis/1454935819/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5aa-3638-4647-adc9-490902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:50.000Z",
|
|
"modified": "2016-04-27T12:50:50.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7089021c4ac0a7f38d52206653070af9",
|
|
"pattern": "[file:hashes.SHA256 = '1d14ea4be8150812c2870b30b76ceffd2a1bdc3591da6f1361b8faefdb3e961c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ab-6664-4edb-9e21-420402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:51.000Z",
|
|
"modified": "2016-04-27T12:50:51.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7089021c4ac0a7f38d52206653070af9",
|
|
"pattern": "[file:hashes.SHA1 = 'b33eb261de92fde2e1cdb47f6b10becf710d04e9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5ab-1dec-4b04-aedd-418702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:51.000Z",
|
|
"modified": "2016-04-27T12:50:51.000Z",
|
|
"first_observed": "2016-04-27T12:50:51Z",
|
|
"last_observed": "2016-04-27T12:50:51Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5ab-1dec-4b04-aedd-418702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5ab-1dec-4b04-aedd-418702de0b81",
|
|
"value": "https://www.virustotal.com/file/1d14ea4be8150812c2870b30b76ceffd2a1bdc3591da6f1361b8faefdb3e961c/analysis/1455161253/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ac-5310-4954-997f-4df802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:52.000Z",
|
|
"modified": "2016-04-27T12:50:52.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7064de8a83750bd1b38c23324b3757e3",
|
|
"pattern": "[file:hashes.SHA256 = '17e3c71a8e1ae84f510b3afe51f80661fd4337e90ff3f5c0fa09b418f8b4b377']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ac-e870-4351-bdbd-4dcf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:52.000Z",
|
|
"modified": "2016-04-27T12:50:52.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 7064de8a83750bd1b38c23324b3757e3",
|
|
"pattern": "[file:hashes.SHA1 = '3613fa7bd0c65f7164b35f4696192b37f2f3fe1a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5ac-b66c-4bdf-8fed-4aa902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:52.000Z",
|
|
"modified": "2016-04-27T12:50:52.000Z",
|
|
"first_observed": "2016-04-27T12:50:52Z",
|
|
"last_observed": "2016-04-27T12:50:52Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5ac-b66c-4bdf-8fed-4aa902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5ac-b66c-4bdf-8fed-4aa902de0b81",
|
|
"value": "https://www.virustotal.com/file/17e3c71a8e1ae84f510b3afe51f80661fd4337e90ff3f5c0fa09b418f8b4b377/analysis/1457421954/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ad-5adc-4951-b587-447102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:53.000Z",
|
|
"modified": "2016-04-27T12:50:53.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 70122f367b82c8dd489b0fafa32d0362",
|
|
"pattern": "[file:hashes.SHA256 = 'd9b267607cf0884a04c4591a61d7eb3dadf8226e83f67e5b2b4f85135619a5b6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ad-310c-4f96-8313-496102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:53.000Z",
|
|
"modified": "2016-04-27T12:50:53.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 70122f367b82c8dd489b0fafa32d0362",
|
|
"pattern": "[file:hashes.SHA1 = '8ff0f4722b1d83286c1d9f71bdb5c8f3df1a1b89']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5ad-4318-4e49-87b3-449d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:53.000Z",
|
|
"modified": "2016-04-27T12:50:53.000Z",
|
|
"first_observed": "2016-04-27T12:50:53Z",
|
|
"last_observed": "2016-04-27T12:50:53Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5ad-4318-4e49-87b3-449d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5ad-4318-4e49-87b3-449d02de0b81",
|
|
"value": "https://www.virustotal.com/file/d9b267607cf0884a04c4591a61d7eb3dadf8226e83f67e5b2b4f85135619a5b6/analysis/1460364943/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ae-6220-47d8-9b89-49b902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:54.000Z",
|
|
"modified": "2016-04-27T12:50:54.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6ef671cfdf28c7252db1c451ca37ec9a",
|
|
"pattern": "[file:hashes.SHA256 = '6b8bd89e6dd9511f3022c064d21d7879e834a8397bff6a768937257dbc0dddb8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ae-c0c8-4675-9577-4bf202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:54.000Z",
|
|
"modified": "2016-04-27T12:50:54.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6ef671cfdf28c7252db1c451ca37ec9a",
|
|
"pattern": "[file:hashes.SHA1 = 'ae228c492afad2b3b673e9af0c6fe6e3e98183a7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5ae-e9d0-4524-9b0e-477202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:54.000Z",
|
|
"modified": "2016-04-27T12:50:54.000Z",
|
|
"first_observed": "2016-04-27T12:50:54Z",
|
|
"last_observed": "2016-04-27T12:50:54Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5ae-e9d0-4524-9b0e-477202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5ae-e9d0-4524-9b0e-477202de0b81",
|
|
"value": "https://www.virustotal.com/file/6b8bd89e6dd9511f3022c064d21d7879e834a8397bff6a768937257dbc0dddb8/analysis/1455738755/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5af-3bbc-4272-a1ac-472502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:55.000Z",
|
|
"modified": "2016-04-27T12:50:55.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6ee8919bd388494e5694b39ae24bd484",
|
|
"pattern": "[file:hashes.SHA256 = '195cac19357441dfce1f296fad0cea99a874a2422fc079ed67d328763fac9f39']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5af-18e0-4915-a034-4ca602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:55.000Z",
|
|
"modified": "2016-04-27T12:50:55.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6ee8919bd388494e5694b39ae24bd484",
|
|
"pattern": "[file:hashes.SHA1 = '94f62501c4f8b820f059fda84db1bfc5ff1c9556']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5af-fe8c-41bf-a823-4f9602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:55.000Z",
|
|
"modified": "2016-04-27T12:50:55.000Z",
|
|
"first_observed": "2016-04-27T12:50:55Z",
|
|
"last_observed": "2016-04-27T12:50:55Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5af-fe8c-41bf-a823-4f9602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5af-fe8c-41bf-a823-4f9602de0b81",
|
|
"value": "https://www.virustotal.com/file/195cac19357441dfce1f296fad0cea99a874a2422fc079ed67d328763fac9f39/analysis/1461400532/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5af-431c-431d-8384-413502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:55.000Z",
|
|
"modified": "2016-04-27T12:50:55.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6e2b5af3acf5306d8ac264a47193fe49",
|
|
"pattern": "[file:hashes.SHA256 = '09869d6e642df61cc878c095b6f298b0da9f5a1c9ba606f32cb50d408c942c08']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5b0-9e24-491b-958a-4d6a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:56.000Z",
|
|
"modified": "2016-04-27T12:50:56.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6e2b5af3acf5306d8ac264a47193fe49",
|
|
"pattern": "[file:hashes.SHA1 = '0b87dd38f51abca4d1acbc5e203956c0cffd51da']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5b0-6a70-4586-88cd-4f8d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:56.000Z",
|
|
"modified": "2016-04-27T12:50:56.000Z",
|
|
"first_observed": "2016-04-27T12:50:56Z",
|
|
"last_observed": "2016-04-27T12:50:56Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5b0-6a70-4586-88cd-4f8d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5b0-6a70-4586-88cd-4f8d02de0b81",
|
|
"value": "https://www.virustotal.com/file/09869d6e642df61cc878c095b6f298b0da9f5a1c9ba606f32cb50d408c942c08/analysis/1460139888/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5b0-c080-421f-be13-44d102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:56.000Z",
|
|
"modified": "2016-04-27T12:50:56.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6de02d603b741c7a5fc949952088f567",
|
|
"pattern": "[file:hashes.SHA256 = '52c0de3655dd343e85b0e95b1e62a1adeb5fac3d808703abaa68c0b5d0c8644c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5b1-7be0-4a1c-8625-435402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:57.000Z",
|
|
"modified": "2016-04-27T12:50:57.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6de02d603b741c7a5fc949952088f567",
|
|
"pattern": "[file:hashes.SHA1 = '06b120ce90961ff92c5ece9ce7de56808a700a6e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5b1-0b48-4955-930f-447a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:57.000Z",
|
|
"modified": "2016-04-27T12:50:57.000Z",
|
|
"first_observed": "2016-04-27T12:50:57Z",
|
|
"last_observed": "2016-04-27T12:50:57Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5b1-0b48-4955-930f-447a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5b1-0b48-4955-930f-447a02de0b81",
|
|
"value": "https://www.virustotal.com/file/52c0de3655dd343e85b0e95b1e62a1adeb5fac3d808703abaa68c0b5d0c8644c/analysis/1460645755/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5b1-3b6c-416b-97bf-46f402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:57.000Z",
|
|
"modified": "2016-04-27T12:50:57.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6ae2e0ed9ae6dca4ea1ba71ae287406c",
|
|
"pattern": "[file:hashes.SHA256 = 'c4241ef8c591580adf0c446d197267a747b1ea829a45c3925ea5856599035e2e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5b2-8834-4a17-b4d0-424202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:58.000Z",
|
|
"modified": "2016-04-27T12:50:58.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6ae2e0ed9ae6dca4ea1ba71ae287406c",
|
|
"pattern": "[file:hashes.SHA1 = '6492e2d953af305ed7c2b892496f5d9decaf6143']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5b2-528c-4919-8c00-406002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:58.000Z",
|
|
"modified": "2016-04-27T12:50:58.000Z",
|
|
"first_observed": "2016-04-27T12:50:58Z",
|
|
"last_observed": "2016-04-27T12:50:58Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5b2-528c-4919-8c00-406002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5b2-528c-4919-8c00-406002de0b81",
|
|
"value": "https://www.virustotal.com/file/c4241ef8c591580adf0c446d197267a747b1ea829a45c3925ea5856599035e2e/analysis/1456406760/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5b3-6b00-4d61-a97c-482a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:59.000Z",
|
|
"modified": "2016-04-27T12:50:59.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 692989b9681f80e9051359d15ec2297f",
|
|
"pattern": "[file:hashes.SHA256 = 'c67545921691296e61467adf421ad0d5228ac71d3af7b441c52d4a90231c8dc4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5b3-4290-447f-bd37-4f2b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:59.000Z",
|
|
"modified": "2016-04-27T12:50:59.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 692989b9681f80e9051359d15ec2297f",
|
|
"pattern": "[file:hashes.SHA1 = '849718f17a15b85106aca0e3710d4aadc11b7dcd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:50:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5b3-95fc-4522-92d9-412102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:50:59.000Z",
|
|
"modified": "2016-04-27T12:50:59.000Z",
|
|
"first_observed": "2016-04-27T12:50:59Z",
|
|
"last_observed": "2016-04-27T12:50:59Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5b3-95fc-4522-92d9-412102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5b3-95fc-4522-92d9-412102de0b81",
|
|
"value": "https://www.virustotal.com/file/c67545921691296e61467adf421ad0d5228ac71d3af7b441c52d4a90231c8dc4/analysis/1460370744/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5b4-3ca4-4553-81fb-460502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:00.000Z",
|
|
"modified": "2016-04-27T12:51:00.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 67fe7190cefc9dad506ed3c1734ff708",
|
|
"pattern": "[file:hashes.SHA256 = '66c3ddd2cf26ed5aa6861f91827b3f02babd91e24dd0409220f5d1e95cf69ea4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5b5-791c-4eeb-9dd4-429b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:01.000Z",
|
|
"modified": "2016-04-27T12:51:01.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 67fe7190cefc9dad506ed3c1734ff708",
|
|
"pattern": "[file:hashes.SHA1 = 'cdda78a8c7c83438cd9a93ab26670618ae67d648']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5b6-d314-459b-a632-43ab02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:02.000Z",
|
|
"modified": "2016-04-27T12:51:02.000Z",
|
|
"first_observed": "2016-04-27T12:51:02Z",
|
|
"last_observed": "2016-04-27T12:51:02Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5b6-d314-459b-a632-43ab02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5b6-d314-459b-a632-43ab02de0b81",
|
|
"value": "https://www.virustotal.com/file/66c3ddd2cf26ed5aa6861f91827b3f02babd91e24dd0409220f5d1e95cf69ea4/analysis/1457421913/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5b7-221c-4dc6-a2f1-4ecf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:03.000Z",
|
|
"modified": "2016-04-27T12:51:03.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 66e9dca8bb42dd41684c961951557109",
|
|
"pattern": "[file:hashes.SHA256 = '699384f7f6b959f810b247c6179794eebf121fc49349d4356cdb3b1faa6e4b7b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5b7-84bc-42c0-99aa-429602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:03.000Z",
|
|
"modified": "2016-04-27T12:51:03.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 66e9dca8bb42dd41684c961951557109",
|
|
"pattern": "[file:hashes.SHA1 = 'd0381c6af73ada9ea16656dde92878553d2899ec']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5b8-ae40-4b3c-97bb-409b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:04.000Z",
|
|
"modified": "2016-04-27T12:51:04.000Z",
|
|
"first_observed": "2016-04-27T12:51:04Z",
|
|
"last_observed": "2016-04-27T12:51:04Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5b8-ae40-4b3c-97bb-409b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5b8-ae40-4b3c-97bb-409b02de0b81",
|
|
"value": "https://www.virustotal.com/file/699384f7f6b959f810b247c6179794eebf121fc49349d4356cdb3b1faa6e4b7b/analysis/1460335959/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5b9-f2a0-49cb-9ca5-471b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:05.000Z",
|
|
"modified": "2016-04-27T12:51:05.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 65eab2ed600f5ae45fe916a573ce72b0",
|
|
"pattern": "[file:hashes.SHA256 = 'fbd504bde9329beb865e0d6583be09da4c2d06869a954d579c7292d95ce09d5d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5b9-075c-4ce6-ab6f-423702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:05.000Z",
|
|
"modified": "2016-04-27T12:51:05.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 65eab2ed600f5ae45fe916a573ce72b0",
|
|
"pattern": "[file:hashes.SHA1 = 'b8cb0342a722f48de2914a642af34f84b95426be']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5ba-dc4c-4357-8154-41bb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:06.000Z",
|
|
"modified": "2016-04-27T12:51:06.000Z",
|
|
"first_observed": "2016-04-27T12:51:06Z",
|
|
"last_observed": "2016-04-27T12:51:06Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5ba-dc4c-4357-8154-41bb02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5ba-dc4c-4357-8154-41bb02de0b81",
|
|
"value": "https://www.virustotal.com/file/fbd504bde9329beb865e0d6583be09da4c2d06869a954d579c7292d95ce09d5d/analysis/1455738294/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ba-9c08-414a-81c5-4dae02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:06.000Z",
|
|
"modified": "2016-04-27T12:51:06.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 64c2cbc4bfd487e30f7b925fbbc751b0",
|
|
"pattern": "[file:hashes.SHA256 = 'c294093b9629a33a3d849afbab515ce485f26b8992d7e5c2d67b2b62a7af46c6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ba-cd10-4a59-8f66-4da202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:06.000Z",
|
|
"modified": "2016-04-27T12:51:06.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 64c2cbc4bfd487e30f7b925fbbc751b0",
|
|
"pattern": "[file:hashes.SHA1 = 'd73d70569afa1d694454e696c2ad7b19a84c809d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5bb-3d28-47b8-93cc-42c802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:07.000Z",
|
|
"modified": "2016-04-27T12:51:07.000Z",
|
|
"first_observed": "2016-04-27T12:51:07Z",
|
|
"last_observed": "2016-04-27T12:51:07Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5bb-3d28-47b8-93cc-42c802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5bb-3d28-47b8-93cc-42c802de0b81",
|
|
"value": "https://www.virustotal.com/file/c294093b9629a33a3d849afbab515ce485f26b8992d7e5c2d67b2b62a7af46c6/analysis/1456603318/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5bb-b3d4-4050-9da7-4eb102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:07.000Z",
|
|
"modified": "2016-04-27T12:51:07.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 62186f41850c54a46252a7291060760d",
|
|
"pattern": "[file:hashes.SHA256 = '390019bee7065ae4565194e30eecddb63b2768312508fb77437f92ce40bbef42']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5bb-1bb8-4563-93cd-451c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:07.000Z",
|
|
"modified": "2016-04-27T12:51:07.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 62186f41850c54a46252a7291060760d",
|
|
"pattern": "[file:hashes.SHA1 = '286000ee512c6a70fa558b4b17426c19f31bf65c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5bc-0274-4f1a-8a5a-440b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:08.000Z",
|
|
"modified": "2016-04-27T12:51:08.000Z",
|
|
"first_observed": "2016-04-27T12:51:08Z",
|
|
"last_observed": "2016-04-27T12:51:08Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5bc-0274-4f1a-8a5a-440b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5bc-0274-4f1a-8a5a-440b02de0b81",
|
|
"value": "https://www.virustotal.com/file/390019bee7065ae4565194e30eecddb63b2768312508fb77437f92ce40bbef42/analysis/1455738019/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5bc-b7d8-4db2-97d9-46a202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:08.000Z",
|
|
"modified": "2016-04-27T12:51:08.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 61e67e7f1e2644bb559902ba90e438a5",
|
|
"pattern": "[file:hashes.SHA256 = 'f0585aa25f0a2934ddc7a82ad5fbbeba527a787a7e93cf4044cbc679667c1998']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5bc-5074-435e-aac1-44aa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:08.000Z",
|
|
"modified": "2016-04-27T12:51:08.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 61e67e7f1e2644bb559902ba90e438a5",
|
|
"pattern": "[file:hashes.SHA1 = '584dec53b25e2ad9c54320b147bdd18368495464']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5bd-2e0c-4c28-a940-44e202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:09.000Z",
|
|
"modified": "2016-04-27T12:51:09.000Z",
|
|
"first_observed": "2016-04-27T12:51:09Z",
|
|
"last_observed": "2016-04-27T12:51:09Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5bd-2e0c-4c28-a940-44e202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5bd-2e0c-4c28-a940-44e202de0b81",
|
|
"value": "https://www.virustotal.com/file/f0585aa25f0a2934ddc7a82ad5fbbeba527a787a7e93cf4044cbc679667c1998/analysis/1460357247/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5bd-c838-4448-b74f-4d4902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:09.000Z",
|
|
"modified": "2016-04-27T12:51:09.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 619dade7c5a7444397b25c8e9a477e96",
|
|
"pattern": "[file:hashes.SHA256 = '83ac2ba0715cce4248ff652c4133d9c1f62bc4e2833c760a8749f75740e00e4f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5bd-ade4-475c-b743-4c8902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:09.000Z",
|
|
"modified": "2016-04-27T12:51:09.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 619dade7c5a7444397b25c8e9a477e96",
|
|
"pattern": "[file:hashes.SHA1 = '087ceb9b1d0749c6a1d18455b95fdcd138803c83']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5be-20cc-4d72-99e7-4a5302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:10.000Z",
|
|
"modified": "2016-04-27T12:51:10.000Z",
|
|
"first_observed": "2016-04-27T12:51:10Z",
|
|
"last_observed": "2016-04-27T12:51:10Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5be-20cc-4d72-99e7-4a5302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5be-20cc-4d72-99e7-4a5302de0b81",
|
|
"value": "https://www.virustotal.com/file/83ac2ba0715cce4248ff652c4133d9c1f62bc4e2833c760a8749f75740e00e4f/analysis/1460327147/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5be-7dcc-4c34-b9f7-474502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:10.000Z",
|
|
"modified": "2016-04-27T12:51:10.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6179d744808ad893dabb7b7de6b4a488",
|
|
"pattern": "[file:hashes.SHA256 = '2cb097936b901fb8c9de303175b992efa7b1a9dd067b3e21e22d02499cc562fd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5be-95f4-4145-a629-4cf002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:10.000Z",
|
|
"modified": "2016-04-27T12:51:10.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6179d744808ad893dabb7b7de6b4a488",
|
|
"pattern": "[file:hashes.SHA1 = 'd652f851c6c048e49db63c9a0810060ffad98128']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5bf-10a8-44c0-bc01-4f5402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:11.000Z",
|
|
"modified": "2016-04-27T12:51:11.000Z",
|
|
"first_observed": "2016-04-27T12:51:11Z",
|
|
"last_observed": "2016-04-27T12:51:11Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5bf-10a8-44c0-bc01-4f5402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5bf-10a8-44c0-bc01-4f5402de0b81",
|
|
"value": "https://www.virustotal.com/file/2cb097936b901fb8c9de303175b992efa7b1a9dd067b3e21e22d02499cc562fd/analysis/1460129080/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5bf-d4c8-4331-acd5-4d5c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:11.000Z",
|
|
"modified": "2016-04-27T12:51:11.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6148b71d713c80af2acfd3506d72a7a4",
|
|
"pattern": "[file:hashes.SHA256 = '4602ad3045998c3dcf0a9035e15689e742adb02c7ba5143e3c8cab665dab8f2e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5bf-872c-4c5e-800c-43ab02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:11.000Z",
|
|
"modified": "2016-04-27T12:51:11.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 6148b71d713c80af2acfd3506d72a7a4",
|
|
"pattern": "[file:hashes.SHA1 = '293d5e8b821232dbbe31f6e54a41446c6520bf33']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5c0-1364-475c-97db-416f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:12.000Z",
|
|
"modified": "2016-04-27T12:51:12.000Z",
|
|
"first_observed": "2016-04-27T12:51:12Z",
|
|
"last_observed": "2016-04-27T12:51:12Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5c0-1364-475c-97db-416f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5c0-1364-475c-97db-416f02de0b81",
|
|
"value": "https://www.virustotal.com/file/4602ad3045998c3dcf0a9035e15689e742adb02c7ba5143e3c8cab665dab8f2e/analysis/1460121343/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c0-2f20-4bf4-b736-415102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:12.000Z",
|
|
"modified": "2016-04-27T12:51:12.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 60b89dc654ed71053466b6c1f9bec260",
|
|
"pattern": "[file:hashes.SHA256 = 'a1b782a626f7ba2bd4ec5970a568869a174a536a60ef702168ad2868dba462cf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c0-8518-4704-b63e-4c7302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:12.000Z",
|
|
"modified": "2016-04-27T12:51:12.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 60b89dc654ed71053466b6c1f9bec260",
|
|
"pattern": "[file:hashes.SHA1 = 'c3bb1eb15d8fc365df7a3b64619d75783a5d4213']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5c1-73e8-4de8-9ed8-4d9e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:13.000Z",
|
|
"modified": "2016-04-27T12:51:13.000Z",
|
|
"first_observed": "2016-04-27T12:51:13Z",
|
|
"last_observed": "2016-04-27T12:51:13Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5c1-73e8-4de8-9ed8-4d9e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5c1-73e8-4de8-9ed8-4d9e02de0b81",
|
|
"value": "https://www.virustotal.com/file/a1b782a626f7ba2bd4ec5970a568869a174a536a60ef702168ad2868dba462cf/analysis/1460316557/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c1-fd18-4b9c-b41e-472102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:13.000Z",
|
|
"modified": "2016-04-27T12:51:13.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 609e0b1940d034b6d222138e312c8dd2",
|
|
"pattern": "[file:hashes.SHA256 = 'e1d2b60144a3511c4610aedcdd2e7a765f9ea92bcaf73ad3d68ea9ec04e1b884']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c2-30a8-4bc0-8a0a-4c4802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:14.000Z",
|
|
"modified": "2016-04-27T12:51:14.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 609e0b1940d034b6d222138e312c8dd2",
|
|
"pattern": "[file:hashes.SHA1 = 'c1b1daa56c6796bc0380d94ce616e973c441e210']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5c2-2dc8-4025-a1c6-4a0102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:14.000Z",
|
|
"modified": "2016-04-27T12:51:14.000Z",
|
|
"first_observed": "2016-04-27T12:51:14Z",
|
|
"last_observed": "2016-04-27T12:51:14Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5c2-2dc8-4025-a1c6-4a0102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5c2-2dc8-4025-a1c6-4a0102de0b81",
|
|
"value": "https://www.virustotal.com/file/e1d2b60144a3511c4610aedcdd2e7a765f9ea92bcaf73ad3d68ea9ec04e1b884/analysis/1455737750/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c2-fe00-462e-a9c8-412502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:14.000Z",
|
|
"modified": "2016-04-27T12:51:14.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5f08343486e42a0f8db0c0647c8255d1",
|
|
"pattern": "[file:hashes.SHA256 = 'bd25fc6ba485572e637981e8b105f980e84e48888f7d4fc4bc1e26a513f1f73f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c3-e3e8-4787-b9ba-408402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:15.000Z",
|
|
"modified": "2016-04-27T12:51:15.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5f08343486e42a0f8db0c0647c8255d1",
|
|
"pattern": "[file:hashes.SHA1 = '442abd8b8d2101531f07873ee6dff36a9ff94c55']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5c3-46e8-410e-a3c2-45e302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:15.000Z",
|
|
"modified": "2016-04-27T12:51:15.000Z",
|
|
"first_observed": "2016-04-27T12:51:15Z",
|
|
"last_observed": "2016-04-27T12:51:15Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5c3-46e8-410e-a3c2-45e302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5c3-46e8-410e-a3c2-45e302de0b81",
|
|
"value": "https://www.virustotal.com/file/bd25fc6ba485572e637981e8b105f980e84e48888f7d4fc4bc1e26a513f1f73f/analysis/1455737787/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c4-d648-487e-ab4e-485e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:16.000Z",
|
|
"modified": "2016-04-27T12:51:16.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5e9773741a5e18672664121f8e5f4191",
|
|
"pattern": "[file:hashes.SHA256 = '21a9ec97d4e7a5b79946b885d14beb3b3b9a58f6968c1d69c654fc4a4a629e42']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c4-08c8-4d04-a96b-46c902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:16.000Z",
|
|
"modified": "2016-04-27T12:51:16.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5e9773741a5e18672664121f8e5f4191",
|
|
"pattern": "[file:hashes.SHA1 = '4e8f6697cfe7075af6675a37ac364b4e2b889522']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5c4-8980-4392-bcf1-418202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:16.000Z",
|
|
"modified": "2016-04-27T12:51:16.000Z",
|
|
"first_observed": "2016-04-27T12:51:16Z",
|
|
"last_observed": "2016-04-27T12:51:16Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5c4-8980-4392-bcf1-418202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5c4-8980-4392-bcf1-418202de0b81",
|
|
"value": "https://www.virustotal.com/file/21a9ec97d4e7a5b79946b885d14beb3b3b9a58f6968c1d69c654fc4a4a629e42/analysis/1456405493/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c5-946c-4ac9-9741-4d4002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:17.000Z",
|
|
"modified": "2016-04-27T12:51:17.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5e5f6b1fe260475872192d2ec3cb1462",
|
|
"pattern": "[file:hashes.SHA256 = 'f22fd74abc2f175cc03f9c32e76b52dd5e78afd735222d2b12ed3a0f00095767']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c5-df24-4558-93b5-423d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:17.000Z",
|
|
"modified": "2016-04-27T12:51:17.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5e5f6b1fe260475872192d2ec3cb1462",
|
|
"pattern": "[file:hashes.SHA1 = '5bbd3c25ba5a9d28140bbeed094054049413c143']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5c6-3d98-49b7-871f-4ce702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:18.000Z",
|
|
"modified": "2016-04-27T12:51:18.000Z",
|
|
"first_observed": "2016-04-27T12:51:18Z",
|
|
"last_observed": "2016-04-27T12:51:18Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5c6-3d98-49b7-871f-4ce702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5c6-3d98-49b7-871f-4ce702de0b81",
|
|
"value": "https://www.virustotal.com/file/f22fd74abc2f175cc03f9c32e76b52dd5e78afd735222d2b12ed3a0f00095767/analysis/1456606458/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c6-5fc8-41ed-ab6d-473202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:18.000Z",
|
|
"modified": "2016-04-27T12:51:18.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5e47b31cf973beba682c2973ed3dc787",
|
|
"pattern": "[file:hashes.SHA256 = 'a8d8b08a2e9f30a9a443a9957b375c75531e63055c22facf83948ae82db7c672']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c6-67cc-42c7-bc82-401902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:18.000Z",
|
|
"modified": "2016-04-27T12:51:18.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5e47b31cf973beba682c2973ed3dc787",
|
|
"pattern": "[file:hashes.SHA1 = '15bab45e0400eeace121c9d2506da6a8c1b23974']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5c7-3ffc-4edc-a152-421902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:19.000Z",
|
|
"modified": "2016-04-27T12:51:19.000Z",
|
|
"first_observed": "2016-04-27T12:51:19Z",
|
|
"last_observed": "2016-04-27T12:51:19Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5c7-3ffc-4edc-a152-421902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5c7-3ffc-4edc-a152-421902de0b81",
|
|
"value": "https://www.virustotal.com/file/a8d8b08a2e9f30a9a443a9957b375c75531e63055c22facf83948ae82db7c672/analysis/1457421989/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c7-5364-4cd6-9795-4a8602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:19.000Z",
|
|
"modified": "2016-04-27T12:51:19.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5de94bc0c4cc183c0ee5a48a7ae5ae43",
|
|
"pattern": "[file:hashes.SHA256 = 'c85f82b203735bb54daab3eb8ea328edc9e135bc9e640aa6078c7b42fc281bf3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c8-47ec-4b53-ae3b-4add02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:20.000Z",
|
|
"modified": "2016-04-27T12:51:20.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5de94bc0c4cc183c0ee5a48a7ae5ae43",
|
|
"pattern": "[file:hashes.SHA1 = '156ca7fc47f782e8191c86b17628b1f8dbbd5e5c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5c8-6a54-4bd4-afe0-40ee02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:20.000Z",
|
|
"modified": "2016-04-27T12:51:20.000Z",
|
|
"first_observed": "2016-04-27T12:51:20Z",
|
|
"last_observed": "2016-04-27T12:51:20Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5c8-6a54-4bd4-afe0-40ee02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5c8-6a54-4bd4-afe0-40ee02de0b81",
|
|
"value": "https://www.virustotal.com/file/c85f82b203735bb54daab3eb8ea328edc9e135bc9e640aa6078c7b42fc281bf3/analysis/1457421904/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c9-e344-42ce-9338-446402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:21.000Z",
|
|
"modified": "2016-04-27T12:51:21.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5c318b3ba77d0052427c7bffeb02a09f",
|
|
"pattern": "[file:hashes.SHA256 = 'f6e2102d5f18606ce3a49cf7a5e42becdc45c09a327f4365eec9e7586f61917f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5c9-5b70-4eda-ba34-4acc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:21.000Z",
|
|
"modified": "2016-04-27T12:51:21.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5c318b3ba77d0052427c7bffeb02a09f",
|
|
"pattern": "[file:hashes.SHA1 = '4f23d4fa99adf4b55addc550bb06f1e18a0ef723']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5ca-7ee8-48f1-85dc-4d4d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:22.000Z",
|
|
"modified": "2016-04-27T12:51:22.000Z",
|
|
"first_observed": "2016-04-27T12:51:22Z",
|
|
"last_observed": "2016-04-27T12:51:22Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5ca-7ee8-48f1-85dc-4d4d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5ca-7ee8-48f1-85dc-4d4d02de0b81",
|
|
"value": "https://www.virustotal.com/file/f6e2102d5f18606ce3a49cf7a5e42becdc45c09a327f4365eec9e7586f61917f/analysis/1461400231/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ca-d9e8-4a29-921c-496602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:22.000Z",
|
|
"modified": "2016-04-27T12:51:22.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5bc0678baa1f30b89b80dcc7cf4431dc",
|
|
"pattern": "[file:hashes.SHA256 = '6351572bdc95e281f978a99393f70701caee683d2134e4f13cc0aef8a2e136fa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ca-e004-4f3f-b590-413002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:22.000Z",
|
|
"modified": "2016-04-27T12:51:22.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5bc0678baa1f30b89b80dcc7cf4431dc",
|
|
"pattern": "[file:hashes.SHA1 = '9745ba6cdfdb65ee69a07922e757edc65447db77']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5cb-93d8-4aa3-9e3c-434202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:23.000Z",
|
|
"modified": "2016-04-27T12:51:23.000Z",
|
|
"first_observed": "2016-04-27T12:51:23Z",
|
|
"last_observed": "2016-04-27T12:51:23Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5cb-93d8-4aa3-9e3c-434202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5cb-93d8-4aa3-9e3c-434202de0b81",
|
|
"value": "https://www.virustotal.com/file/6351572bdc95e281f978a99393f70701caee683d2134e4f13cc0aef8a2e136fa/analysis/1455938486/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5cb-57e4-40ba-ae63-4a1502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:23.000Z",
|
|
"modified": "2016-04-27T12:51:23.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5b7b1c1d3102a04e88ddfe8f27ffa2f2",
|
|
"pattern": "[file:hashes.SHA256 = '4c7b46e297636dcdf764a8af01fbf20b3994a5f50bee08213479f5d9ebe1fb46']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5cc-db90-4ef0-bc12-44b802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:24.000Z",
|
|
"modified": "2016-04-27T12:51:24.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5b7b1c1d3102a04e88ddfe8f27ffa2f2",
|
|
"pattern": "[file:hashes.SHA1 = 'fef695964f563f15d66edd7635b3d6d6368cf29c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5cc-a96c-49a8-b136-4c0102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:24.000Z",
|
|
"modified": "2016-04-27T12:51:24.000Z",
|
|
"first_observed": "2016-04-27T12:51:24Z",
|
|
"last_observed": "2016-04-27T12:51:24Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5cc-a96c-49a8-b136-4c0102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5cc-a96c-49a8-b136-4c0102de0b81",
|
|
"value": "https://www.virustotal.com/file/4c7b46e297636dcdf764a8af01fbf20b3994a5f50bee08213479f5d9ebe1fb46/analysis/1454936122/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5cc-a0a4-4bcc-b8f9-46fb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:24.000Z",
|
|
"modified": "2016-04-27T12:51:24.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5b6c7341a08f5cd4c27f443e3c057dd1",
|
|
"pattern": "[file:hashes.SHA256 = '8644af18c44555f713cc9764345ae037b8f847134cc68850a730397162a71779']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5cd-bf64-4580-a0f0-482702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:25.000Z",
|
|
"modified": "2016-04-27T12:51:25.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5b6c7341a08f5cd4c27f443e3c057dd1",
|
|
"pattern": "[file:hashes.SHA1 = '2c7435696abf9036c8546fea4ef70ba8ad99655f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5cd-1b60-43fa-b6ef-4f7702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:25.000Z",
|
|
"modified": "2016-04-27T12:51:25.000Z",
|
|
"first_observed": "2016-04-27T12:51:25Z",
|
|
"last_observed": "2016-04-27T12:51:25Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5cd-1b60-43fa-b6ef-4f7702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5cd-1b60-43fa-b6ef-4f7702de0b81",
|
|
"value": "https://www.virustotal.com/file/8644af18c44555f713cc9764345ae037b8f847134cc68850a730397162a71779/analysis/1455737485/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ce-9dd4-4dd3-9de8-4cd502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:26.000Z",
|
|
"modified": "2016-04-27T12:51:26.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5a95d673b2c2d758c7d456c421ba1719",
|
|
"pattern": "[file:hashes.SHA256 = 'b18f41950e3894f29464717334bdb5ede8c2c866d634cbd022b921b6ebe05881']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ce-7f54-42c9-8b03-4fa202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:26.000Z",
|
|
"modified": "2016-04-27T12:51:26.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5a95d673b2c2d758c7d456c421ba1719",
|
|
"pattern": "[file:hashes.SHA1 = '08705302f0b80d468cff12148f48abdcdadb0043']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5cf-be14-4054-96b7-43b002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:27.000Z",
|
|
"modified": "2016-04-27T12:51:27.000Z",
|
|
"first_observed": "2016-04-27T12:51:27Z",
|
|
"last_observed": "2016-04-27T12:51:27Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5cf-be14-4054-96b7-43b002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5cf-be14-4054-96b7-43b002de0b81",
|
|
"value": "https://www.virustotal.com/file/b18f41950e3894f29464717334bdb5ede8c2c866d634cbd022b921b6ebe05881/analysis/1455737488/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5cf-d858-4512-a1a8-4fa202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:27.000Z",
|
|
"modified": "2016-04-27T12:51:27.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5814b9a4b3f10abe74b61901ee151a9f",
|
|
"pattern": "[file:hashes.SHA256 = '25e149ba3a66527c72b1fb6ce002216a8c0cd54b5f06b168119fe7290d1246a9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5cf-1150-4abd-922d-4cdd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:27.000Z",
|
|
"modified": "2016-04-27T12:51:27.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5814b9a4b3f10abe74b61901ee151a9f",
|
|
"pattern": "[file:hashes.SHA1 = 'f642df81d7fd28a86c47b1ddb993aa986a96e2b7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5d0-a010-4514-87a9-482e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:28.000Z",
|
|
"modified": "2016-04-27T12:51:28.000Z",
|
|
"first_observed": "2016-04-27T12:51:28Z",
|
|
"last_observed": "2016-04-27T12:51:28Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5d0-a010-4514-87a9-482e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5d0-a010-4514-87a9-482e02de0b81",
|
|
"value": "https://www.virustotal.com/file/25e149ba3a66527c72b1fb6ce002216a8c0cd54b5f06b168119fe7290d1246a9/analysis/1454935767/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d0-c114-4c7b-80fd-463902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:28.000Z",
|
|
"modified": "2016-04-27T12:51:28.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 57343fd964265e6472e87a4f6c626763",
|
|
"pattern": "[file:hashes.SHA256 = '230bced88c79d8aa58863daac6fa9f757e4c247bb30393043a559f5deb66a8c9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d1-f2b0-42fd-9e6b-40b102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:29.000Z",
|
|
"modified": "2016-04-27T12:51:29.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 57343fd964265e6472e87a4f6c626763",
|
|
"pattern": "[file:hashes.SHA1 = '5a60e78a8aa18c62dd805437005e12851d3a0e2b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5d1-6cac-4603-9ef0-4b5402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:29.000Z",
|
|
"modified": "2016-04-27T12:51:29.000Z",
|
|
"first_observed": "2016-04-27T12:51:29Z",
|
|
"last_observed": "2016-04-27T12:51:29Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5d1-6cac-4603-9ef0-4b5402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5d1-6cac-4603-9ef0-4b5402de0b81",
|
|
"value": "https://www.virustotal.com/file/230bced88c79d8aa58863daac6fa9f757e4c247bb30393043a559f5deb66a8c9/analysis/1455938407/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d2-a950-4573-b49f-482302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:30.000Z",
|
|
"modified": "2016-04-27T12:51:30.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5702f860032be6a67d5ead51191f90a8",
|
|
"pattern": "[file:hashes.SHA256 = 'f5172700ffee656e2208683225c2d606a16affac6acfbd79f147c5293171b1ee']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d2-62b8-4db1-ad04-4cc302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:30.000Z",
|
|
"modified": "2016-04-27T12:51:30.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5702f860032be6a67d5ead51191f90a8",
|
|
"pattern": "[file:hashes.SHA1 = 'ecdf7cc033551f07286f5bd5152c1e06f5df18fd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5d2-995c-4add-8c4b-450e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:30.000Z",
|
|
"modified": "2016-04-27T12:51:30.000Z",
|
|
"first_observed": "2016-04-27T12:51:30Z",
|
|
"last_observed": "2016-04-27T12:51:30Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5d2-995c-4add-8c4b-450e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5d2-995c-4add-8c4b-450e02de0b81",
|
|
"value": "https://www.virustotal.com/file/f5172700ffee656e2208683225c2d606a16affac6acfbd79f147c5293171b1ee/analysis/1457936429/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d3-52e8-4727-866e-4d0b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:31.000Z",
|
|
"modified": "2016-04-27T12:51:31.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 56dedd0ca8849891486e23a53acb66ed",
|
|
"pattern": "[file:hashes.SHA256 = '2907224dafa3073bd948b34b248259e859da331e2b2fc9f6bcb8acb75d687d7d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d3-9d3c-4e60-aee8-4b2202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:31.000Z",
|
|
"modified": "2016-04-27T12:51:31.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 56dedd0ca8849891486e23a53acb66ed",
|
|
"pattern": "[file:hashes.SHA1 = 'ad18259ee48bd60581644067a53057f2c0ffa32f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5d4-5040-4ec4-bc4a-42af02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:32.000Z",
|
|
"modified": "2016-04-27T12:51:32.000Z",
|
|
"first_observed": "2016-04-27T12:51:32Z",
|
|
"last_observed": "2016-04-27T12:51:32Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5d4-5040-4ec4-bc4a-42af02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5d4-5040-4ec4-bc4a-42af02de0b81",
|
|
"value": "https://www.virustotal.com/file/2907224dafa3073bd948b34b248259e859da331e2b2fc9f6bcb8acb75d687d7d/analysis/1454319676/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d4-05b0-4833-a503-4cfa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:32.000Z",
|
|
"modified": "2016-04-27T12:51:32.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 56d95aa243571ccd85b516d0f393ed37",
|
|
"pattern": "[file:hashes.SHA256 = '94f5eb50f83b60e40e75f812b3b7c4c30dba0d07feebf0f97821e922fb6d5735']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d4-0950-43b0-a0d8-4ff302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:32.000Z",
|
|
"modified": "2016-04-27T12:51:32.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 56d95aa243571ccd85b516d0f393ed37",
|
|
"pattern": "[file:hashes.SHA1 = '40b7e03b8e2fb8ab60f5e8eb429df42366ec4fac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5d5-722c-4bf9-b87d-480702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:33.000Z",
|
|
"modified": "2016-04-27T12:51:33.000Z",
|
|
"first_observed": "2016-04-27T12:51:33Z",
|
|
"last_observed": "2016-04-27T12:51:33Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5d5-722c-4bf9-b87d-480702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5d5-722c-4bf9-b87d-480702de0b81",
|
|
"value": "https://www.virustotal.com/file/94f5eb50f83b60e40e75f812b3b7c4c30dba0d07feebf0f97821e922fb6d5735/analysis/1460321113/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d5-aefc-41ef-9292-404602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:33.000Z",
|
|
"modified": "2016-04-27T12:51:33.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5678e4c2cfe9c2bd25cde662b026550e",
|
|
"pattern": "[file:hashes.SHA256 = 'f4ee5c9976ac26726e84b7850ca7e5f2b2ac06f07fe8ae6d716b65e1a3e93d6f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d6-fb54-49be-9d92-41c702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:34.000Z",
|
|
"modified": "2016-04-27T12:51:34.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5678e4c2cfe9c2bd25cde662b026550e",
|
|
"pattern": "[file:hashes.SHA1 = '83d3502df8619e457f67899ab9b335ed8fa3e5bf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5d6-feb4-4287-a5dd-49fa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:34.000Z",
|
|
"modified": "2016-04-27T12:51:34.000Z",
|
|
"first_observed": "2016-04-27T12:51:34Z",
|
|
"last_observed": "2016-04-27T12:51:34Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5d6-feb4-4287-a5dd-49fa02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5d6-feb4-4287-a5dd-49fa02de0b81",
|
|
"value": "https://www.virustotal.com/file/f4ee5c9976ac26726e84b7850ca7e5f2b2ac06f07fe8ae6d716b65e1a3e93d6f/analysis/1460355628/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d6-0504-40c9-9c1a-420b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:34.000Z",
|
|
"modified": "2016-04-27T12:51:34.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5527ffe6768f3b61d69ee83039f6e487",
|
|
"pattern": "[file:hashes.SHA256 = '6d8f8566683a0352f920cd930378d4c07544bd38468ca6fd625b1d2524d84800']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d7-dc1c-48d9-aabf-44ed02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:35.000Z",
|
|
"modified": "2016-04-27T12:51:35.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5527ffe6768f3b61d69ee83039f6e487",
|
|
"pattern": "[file:hashes.SHA1 = '4892d221c0bb63df8108969481d93a75031ee9d3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5d7-a49c-4aa2-9240-493402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:35.000Z",
|
|
"modified": "2016-04-27T12:51:35.000Z",
|
|
"first_observed": "2016-04-27T12:51:35Z",
|
|
"last_observed": "2016-04-27T12:51:35Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5d7-a49c-4aa2-9240-493402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5d7-a49c-4aa2-9240-493402de0b81",
|
|
"value": "https://www.virustotal.com/file/6d8f8566683a0352f920cd930378d4c07544bd38468ca6fd625b1d2524d84800/analysis/1456759982/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d8-5a7c-42df-8dcd-499602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:36.000Z",
|
|
"modified": "2016-04-27T12:51:36.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5510c69693819baf9ad2e4a346f805b0",
|
|
"pattern": "[file:hashes.SHA256 = '038e90f969f0cfd02213fffe7a0393b362b97d8d527e0679da4c0d2d72fc067d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d8-95b8-4bea-94f5-4d6302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:36.000Z",
|
|
"modified": "2016-04-27T12:51:36.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5510c69693819baf9ad2e4a346f805b0",
|
|
"pattern": "[file:hashes.SHA1 = '7ddf1ea9d01a8fcdfba8b3bc35aba144f3828e14']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5d9-8004-498d-bff2-407302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:37.000Z",
|
|
"modified": "2016-04-27T12:51:37.000Z",
|
|
"first_observed": "2016-04-27T12:51:37Z",
|
|
"last_observed": "2016-04-27T12:51:37Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5d9-8004-498d-bff2-407302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5d9-8004-498d-bff2-407302de0b81",
|
|
"value": "https://www.virustotal.com/file/038e90f969f0cfd02213fffe7a0393b362b97d8d527e0679da4c0d2d72fc067d/analysis/1458185777/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d9-4a50-46bd-b3d0-497202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:37.000Z",
|
|
"modified": "2016-04-27T12:51:37.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 53baf60ae4611b844e54a600f05c9bbf",
|
|
"pattern": "[file:hashes.SHA256 = 'f69b6ef9344aaee3f6ff110ebb0438c9cf6969e7156c5feecec87718df3c73f8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5d9-dad0-4e89-9241-4cdd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:37.000Z",
|
|
"modified": "2016-04-27T12:51:37.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 53baf60ae4611b844e54a600f05c9bbf",
|
|
"pattern": "[file:hashes.SHA1 = '34db44d081b9b82b8717d129f7bc5899d235ff6f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5da-a11c-410b-9f08-455202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:38.000Z",
|
|
"modified": "2016-04-27T12:51:38.000Z",
|
|
"first_observed": "2016-04-27T12:51:38Z",
|
|
"last_observed": "2016-04-27T12:51:38Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5da-a11c-410b-9f08-455202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5da-a11c-410b-9f08-455202de0b81",
|
|
"value": "https://www.virustotal.com/file/f69b6ef9344aaee3f6ff110ebb0438c9cf6969e7156c5feecec87718df3c73f8/analysis/1455736840/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5da-fae8-4a41-bc62-417802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:38.000Z",
|
|
"modified": "2016-04-27T12:51:38.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 53281564e50a8dfab1d7d068f5f3bae3",
|
|
"pattern": "[file:hashes.SHA256 = '01d12db6d19d4c35e0adbe9db595c98dcb8b4724c17ff1e1d1e8691d3ad62c29']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5db-f22c-470d-9ff8-411c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:39.000Z",
|
|
"modified": "2016-04-27T12:51:39.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 53281564e50a8dfab1d7d068f5f3bae3",
|
|
"pattern": "[file:hashes.SHA1 = '6ea99f803bace2d555f65939a7e5fa3a7df3f8a6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5db-0eb8-4c83-b680-4d0202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:39.000Z",
|
|
"modified": "2016-04-27T12:51:39.000Z",
|
|
"first_observed": "2016-04-27T12:51:39Z",
|
|
"last_observed": "2016-04-27T12:51:39Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5db-0eb8-4c83-b680-4d0202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5db-0eb8-4c83-b680-4d0202de0b81",
|
|
"value": "https://www.virustotal.com/file/01d12db6d19d4c35e0adbe9db595c98dcb8b4724c17ff1e1d1e8691d3ad62c29/analysis/1458185758/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5db-f034-42bd-83f5-439702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:39.000Z",
|
|
"modified": "2016-04-27T12:51:39.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 52c5cc858d528fd0554ef800d16e0f8f",
|
|
"pattern": "[file:hashes.SHA256 = '281ded01443c943ae3d07d3a61a1182cf02cffc192a5dbebfc2a95bc252dbc0d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5dc-49c4-4619-b210-487f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:40.000Z",
|
|
"modified": "2016-04-27T12:51:40.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 52c5cc858d528fd0554ef800d16e0f8f",
|
|
"pattern": "[file:hashes.SHA1 = 'eebaab0cdc39f9119ba29228ff0d6d99f294fb80']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5dc-c71c-42ef-ad13-40c802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:40.000Z",
|
|
"modified": "2016-04-27T12:51:40.000Z",
|
|
"first_observed": "2016-04-27T12:51:40Z",
|
|
"last_observed": "2016-04-27T12:51:40Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5dc-c71c-42ef-ad13-40c802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5dc-c71c-42ef-ad13-40c802de0b81",
|
|
"value": "https://www.virustotal.com/file/281ded01443c943ae3d07d3a61a1182cf02cffc192a5dbebfc2a95bc252dbc0d/analysis/1459252974/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5dd-4358-4eee-a4eb-40ba02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:41.000Z",
|
|
"modified": "2016-04-27T12:51:41.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 516d74358ef2f61fbb90e9d1a17f59f9",
|
|
"pattern": "[file:hashes.SHA256 = '2897aab08f4f5a8a8ffa0f57e6681947a7f95430223c51ace5f359cb7026e6ed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5dd-160c-445d-8893-491502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:41.000Z",
|
|
"modified": "2016-04-27T12:51:41.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 516d74358ef2f61fbb90e9d1a17f59f9",
|
|
"pattern": "[file:hashes.SHA1 = '94dfd4ece3afd083081dd0ebbb70fdc0640151b1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5de-1ae0-432f-b9ea-442d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:42.000Z",
|
|
"modified": "2016-04-27T12:51:42.000Z",
|
|
"first_observed": "2016-04-27T12:51:42Z",
|
|
"last_observed": "2016-04-27T12:51:42Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5de-1ae0-432f-b9ea-442d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5de-1ae0-432f-b9ea-442d02de0b81",
|
|
"value": "https://www.virustotal.com/file/2897aab08f4f5a8a8ffa0f57e6681947a7f95430223c51ace5f359cb7026e6ed/analysis/1458182113/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5de-0490-41cd-8445-420a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:42.000Z",
|
|
"modified": "2016-04-27T12:51:42.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5144790d272daacc7210fc9e2ae41f12",
|
|
"pattern": "[file:hashes.SHA256 = '51806d9afe7207c087d3339002b703a677eba393ac1694d7e4b90ae63ff2188d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5de-0da0-499a-902d-447402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:42.000Z",
|
|
"modified": "2016-04-27T12:51:42.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5144790d272daacc7210fc9e2ae41f12",
|
|
"pattern": "[file:hashes.SHA1 = '045d0ad62e18553bc611a322948f53a37440bfdf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5df-9348-47ba-a0a1-4ef002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:43.000Z",
|
|
"modified": "2016-04-27T12:51:43.000Z",
|
|
"first_observed": "2016-04-27T12:51:43Z",
|
|
"last_observed": "2016-04-27T12:51:43Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5df-9348-47ba-a0a1-4ef002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5df-9348-47ba-a0a1-4ef002de0b81",
|
|
"value": "https://www.virustotal.com/file/51806d9afe7207c087d3339002b703a677eba393ac1694d7e4b90ae63ff2188d/analysis/1460117468/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5df-c340-41c4-8e79-4c1902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:43.000Z",
|
|
"modified": "2016-04-27T12:51:43.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 512c580db356e18c51b051a7b04fa0c1",
|
|
"pattern": "[file:hashes.SHA256 = '793f41c8d6a962aec0cd650ec5330f37cd808105ad5404f8f67d0f7cb3c6e5d3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e0-429c-4ee3-a3c3-41ce02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:44.000Z",
|
|
"modified": "2016-04-27T12:51:44.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 512c580db356e18c51b051a7b04fa0c1",
|
|
"pattern": "[file:hashes.SHA1 = 'c338a626ef24ac35d0f4b03d602973a4530431e9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5e0-a948-4f72-8242-4ea402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:44.000Z",
|
|
"modified": "2016-04-27T12:51:44.000Z",
|
|
"first_observed": "2016-04-27T12:51:44Z",
|
|
"last_observed": "2016-04-27T12:51:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5e0-a948-4f72-8242-4ea402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5e0-a948-4f72-8242-4ea402de0b81",
|
|
"value": "https://www.virustotal.com/file/793f41c8d6a962aec0cd650ec5330f37cd808105ad5404f8f67d0f7cb3c6e5d3/analysis/1460330704/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e0-6c18-44db-903c-402602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:44.000Z",
|
|
"modified": "2016-04-27T12:51:44.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 50cccf3ee065977de3a2c07249313411",
|
|
"pattern": "[file:hashes.SHA256 = '3ce193c705e43de448f0436f991102a804ba3f875b3f51a90b9d4a9aaec6805e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e1-81b4-4c4e-a8ce-433302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:45.000Z",
|
|
"modified": "2016-04-27T12:51:45.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 50cccf3ee065977de3a2c07249313411",
|
|
"pattern": "[file:hashes.SHA1 = 'e7b801fd7b85894b611fcfc181b03a3a48e49b5d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5e1-b004-4f3e-8b71-405602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:45.000Z",
|
|
"modified": "2016-04-27T12:51:45.000Z",
|
|
"first_observed": "2016-04-27T12:51:45Z",
|
|
"last_observed": "2016-04-27T12:51:45Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5e1-b004-4f3e-8b71-405602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5e1-b004-4f3e-8b71-405602de0b81",
|
|
"value": "https://www.virustotal.com/file/3ce193c705e43de448f0436f991102a804ba3f875b3f51a90b9d4a9aaec6805e/analysis/1460124492/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e1-4c58-439e-a80f-469702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:45.000Z",
|
|
"modified": "2016-04-27T12:51:45.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 50aa9c662a508c9a9bda508bbb5b4ac7",
|
|
"pattern": "[file:hashes.SHA256 = '207438e3503e2a86a3117beb2d3ca5f9b5f19d1c51c2848bf6e006c38820c5e0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e2-96b4-4070-9963-431c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:46.000Z",
|
|
"modified": "2016-04-27T12:51:46.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 50aa9c662a508c9a9bda508bbb5b4ac7",
|
|
"pattern": "[file:hashes.SHA1 = 'c410863e1d49c07263b51393fe9fea2fa05b4a3b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5e2-13d0-48ba-91a5-450802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:46.000Z",
|
|
"modified": "2016-04-27T12:51:46.000Z",
|
|
"first_observed": "2016-04-27T12:51:46Z",
|
|
"last_observed": "2016-04-27T12:51:46Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5e2-13d0-48ba-91a5-450802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5e2-13d0-48ba-91a5-450802de0b81",
|
|
"value": "https://www.virustotal.com/file/207438e3503e2a86a3117beb2d3ca5f9b5f19d1c51c2848bf6e006c38820c5e0/analysis/1455736642/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e2-1764-4c46-a8c3-4c6802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:46.000Z",
|
|
"modified": "2016-04-27T12:51:46.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5044a06f037118627899abd1229895fe",
|
|
"pattern": "[file:hashes.SHA256 = '4bf547514581ac29fb4aa2cde07b416a5467fd65deba4cba91c461a761f10860']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e3-3148-4a07-b308-4b9f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:47.000Z",
|
|
"modified": "2016-04-27T12:51:47.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 5044a06f037118627899abd1229895fe",
|
|
"pattern": "[file:hashes.SHA1 = '9f944fc91652e43182f27c0926794cb263418741']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5e3-05a4-478f-a3be-48c002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:47.000Z",
|
|
"modified": "2016-04-27T12:51:47.000Z",
|
|
"first_observed": "2016-04-27T12:51:47Z",
|
|
"last_observed": "2016-04-27T12:51:47Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5e3-05a4-478f-a3be-48c002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5e3-05a4-478f-a3be-48c002de0b81",
|
|
"value": "https://www.virustotal.com/file/4bf547514581ac29fb4aa2cde07b416a5467fd65deba4cba91c461a761f10860/analysis/1456654928/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e4-11a0-4528-9790-496502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:48.000Z",
|
|
"modified": "2016-04-27T12:51:48.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4faefac63b3876604945f11effc6042a",
|
|
"pattern": "[file:hashes.SHA256 = 'faeaef554d348133dc5f13cf9f64a46077215e9bd3ae3c9b1930e00da31c1078']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e4-3c3c-49a6-855c-4bc602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:48.000Z",
|
|
"modified": "2016-04-27T12:51:48.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4faefac63b3876604945f11effc6042a",
|
|
"pattern": "[file:hashes.SHA1 = '24374a3a6550e5def344aede4ff6732a0682936c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5e4-b714-4ac0-98de-493402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:48.000Z",
|
|
"modified": "2016-04-27T12:51:48.000Z",
|
|
"first_observed": "2016-04-27T12:51:48Z",
|
|
"last_observed": "2016-04-27T12:51:48Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5e4-b714-4ac0-98de-493402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5e4-b714-4ac0-98de-493402de0b81",
|
|
"value": "https://www.virustotal.com/file/faeaef554d348133dc5f13cf9f64a46077215e9bd3ae3c9b1930e00da31c1078/analysis/1458138019/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e5-b2fc-4a98-99c6-4dfc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:49.000Z",
|
|
"modified": "2016-04-27T12:51:49.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4fad9557973f3451be04efbbf9f51b8d",
|
|
"pattern": "[file:hashes.SHA256 = '73f77921405d90b0f8f91422a2e8275bb51c32813c7da1a064d4b9e1100893b1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e5-b164-4539-9e9d-449c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:49.000Z",
|
|
"modified": "2016-04-27T12:51:49.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4fad9557973f3451be04efbbf9f51b8d",
|
|
"pattern": "[file:hashes.SHA1 = '6150e66c98a143ffc0092bc443d1ae3adc5fc5be']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5e6-b9b4-4a3d-90ad-431e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:50.000Z",
|
|
"modified": "2016-04-27T12:51:50.000Z",
|
|
"first_observed": "2016-04-27T12:51:50Z",
|
|
"last_observed": "2016-04-27T12:51:50Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5e6-b9b4-4a3d-90ad-431e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5e6-b9b4-4a3d-90ad-431e02de0b81",
|
|
"value": "https://www.virustotal.com/file/73f77921405d90b0f8f91422a2e8275bb51c32813c7da1a064d4b9e1100893b1/analysis/1460332546/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e6-1df8-4369-b7e0-41af02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:50.000Z",
|
|
"modified": "2016-04-27T12:51:50.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4f837a3eee0a228c1c7cb13916f14fe8",
|
|
"pattern": "[file:hashes.SHA256 = '156e17935f746534568fb7a883292813ceb23c410d893bc582d447571331af54']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e7-f2e4-48bd-a677-434c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:51.000Z",
|
|
"modified": "2016-04-27T12:51:51.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4f837a3eee0a228c1c7cb13916f14fe8",
|
|
"pattern": "[file:hashes.SHA1 = 'a37f1514ab78f104a03a87cca59db9ce3c3e1d83']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5e7-9da0-4090-bc05-4e7302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:51.000Z",
|
|
"modified": "2016-04-27T12:51:51.000Z",
|
|
"first_observed": "2016-04-27T12:51:51Z",
|
|
"last_observed": "2016-04-27T12:51:51Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5e7-9da0-4090-bc05-4e7302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5e7-9da0-4090-bc05-4e7302de0b81",
|
|
"value": "https://www.virustotal.com/file/156e17935f746534568fb7a883292813ceb23c410d893bc582d447571331af54/analysis/1455736630/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e7-0900-4847-b4b9-438902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:51.000Z",
|
|
"modified": "2016-04-27T12:51:51.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4eda51773b46975d47b8932fee4cd168",
|
|
"pattern": "[file:hashes.SHA256 = 'e51292a330e6324aa44502dc97b23301f0c0b9a21022e89d732af5b5eb584fed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e8-e5bc-4836-af19-4fc602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:52.000Z",
|
|
"modified": "2016-04-27T12:51:52.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4eda51773b46975d47b8932fee4cd168",
|
|
"pattern": "[file:hashes.SHA1 = '2a2dac333ea3ef858f66d70f9bc5822d9ea4bfbd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5e8-4318-41ca-b1fc-4dc702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:52.000Z",
|
|
"modified": "2016-04-27T12:51:52.000Z",
|
|
"first_observed": "2016-04-27T12:51:52Z",
|
|
"last_observed": "2016-04-27T12:51:52Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5e8-4318-41ca-b1fc-4dc702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5e8-4318-41ca-b1fc-4dc702de0b81",
|
|
"value": "https://www.virustotal.com/file/e51292a330e6324aa44502dc97b23301f0c0b9a21022e89d732af5b5eb584fed/analysis/1460361134/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e9-5614-47f8-b698-42f202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:53.000Z",
|
|
"modified": "2016-04-27T12:51:53.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4ed59658844835a222e09c6ca5701bf8",
|
|
"pattern": "[file:hashes.SHA256 = '6c80e02ed14601894bf2d29a5ecff0a5c4411197da46a965c2852e5213d176d3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5e9-0cc0-46d7-aedb-44a902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:53.000Z",
|
|
"modified": "2016-04-27T12:51:53.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4ed59658844835a222e09c6ca5701bf8",
|
|
"pattern": "[file:hashes.SHA1 = '1a099790ffc6829d6e969bbbd36529976c9fbc12']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5e9-d83c-435e-a9f8-426e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:53.000Z",
|
|
"modified": "2016-04-27T12:51:53.000Z",
|
|
"first_observed": "2016-04-27T12:51:53Z",
|
|
"last_observed": "2016-04-27T12:51:53Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5e9-d83c-435e-a9f8-426e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5e9-d83c-435e-a9f8-426e02de0b81",
|
|
"value": "https://www.virustotal.com/file/6c80e02ed14601894bf2d29a5ecff0a5c4411197da46a965c2852e5213d176d3/analysis/1456608170/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ea-b39c-4890-92f5-489102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:54.000Z",
|
|
"modified": "2016-04-27T12:51:54.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4e60269982182b1cb8139dd5159a6b78",
|
|
"pattern": "[file:hashes.SHA256 = 'd3d75cb562d60c2978ffaaacf4f69ffaa487feddf9caf058cf19c3f984b9cf2c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ea-a880-499b-9ee8-417a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:54.000Z",
|
|
"modified": "2016-04-27T12:51:54.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4e60269982182b1cb8139dd5159a6b78",
|
|
"pattern": "[file:hashes.SHA1 = '6c6c372b062585f0bf75c25fe5f3900ee18018d2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5eb-a988-40f5-aadc-44f902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:55.000Z",
|
|
"modified": "2016-04-27T12:51:55.000Z",
|
|
"first_observed": "2016-04-27T12:51:55Z",
|
|
"last_observed": "2016-04-27T12:51:55Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5eb-a988-40f5-aadc-44f902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5eb-a988-40f5-aadc-44f902de0b81",
|
|
"value": "https://www.virustotal.com/file/d3d75cb562d60c2978ffaaacf4f69ffaa487feddf9caf058cf19c3f984b9cf2c/analysis/1460366571/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5eb-c578-4818-94b1-414202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:55.000Z",
|
|
"modified": "2016-04-27T12:51:55.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4d7ce984313b06835b72a4e6ad6e61fa",
|
|
"pattern": "[file:hashes.SHA256 = 'a21f67938a7588c64e8d9acdb629eaf95d21d3276e37b31d25e62a92ce7853d9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5eb-5ca8-45b9-8c40-471c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:55.000Z",
|
|
"modified": "2016-04-27T12:51:55.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4d7ce984313b06835b72a4e6ad6e61fa",
|
|
"pattern": "[file:hashes.SHA1 = '0eba834a2b8502a9953ed6ea1ee6e5db9e18a796']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5ec-091c-433e-9221-41a502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:56.000Z",
|
|
"modified": "2016-04-27T12:51:56.000Z",
|
|
"first_observed": "2016-04-27T12:51:56Z",
|
|
"last_observed": "2016-04-27T12:51:56Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5ec-091c-433e-9221-41a502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5ec-091c-433e-9221-41a502de0b81",
|
|
"value": "https://www.virustotal.com/file/a21f67938a7588c64e8d9acdb629eaf95d21d3276e37b31d25e62a92ce7853d9/analysis/1460316412/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ec-fa44-4f8c-8bc1-46f102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:56.000Z",
|
|
"modified": "2016-04-27T12:51:56.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4be9cb7e3cdab4766411a0d2506a2cf7",
|
|
"pattern": "[file:hashes.SHA256 = 'cfec0d449f8ec08a8e5f82d1ef4d210e41ecbdfb291ff00ff31f88eedcbf7a79']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ec-74e8-4ea8-bee9-4c4902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:56.000Z",
|
|
"modified": "2016-04-27T12:51:56.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4be9cb7e3cdab4766411a0d2506a2cf7",
|
|
"pattern": "[file:hashes.SHA1 = '2cbea66110b59a08aab03c64d69b3597b09da4b0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5ed-79dc-4fc5-aa20-489802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:57.000Z",
|
|
"modified": "2016-04-27T12:51:57.000Z",
|
|
"first_observed": "2016-04-27T12:51:57Z",
|
|
"last_observed": "2016-04-27T12:51:57Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5ed-79dc-4fc5-aa20-489802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5ed-79dc-4fc5-aa20-489802de0b81",
|
|
"value": "https://www.virustotal.com/file/cfec0d449f8ec08a8e5f82d1ef4d210e41ecbdfb291ff00ff31f88eedcbf7a79/analysis/1457812262/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ed-6f48-4584-8aa4-44e002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:57.000Z",
|
|
"modified": "2016-04-27T12:51:57.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4b478ad35ad285ff4ff2623cb8c63ff7",
|
|
"pattern": "[file:hashes.SHA256 = 'cacf988f9e1c26cdb93b0b6f787a9a761f30bc363f2f35ff2434564202347711']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ed-83dc-433b-83c1-4b3302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:57.000Z",
|
|
"modified": "2016-04-27T12:51:57.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4b478ad35ad285ff4ff2623cb8c63ff7",
|
|
"pattern": "[file:hashes.SHA1 = '7396e61e40fd5f5e1616dd3f5b4e3b78415c976e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5ee-3ebc-4bf1-930e-408602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:58.000Z",
|
|
"modified": "2016-04-27T12:51:58.000Z",
|
|
"first_observed": "2016-04-27T12:51:58Z",
|
|
"last_observed": "2016-04-27T12:51:58Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5ee-3ebc-4bf1-930e-408602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5ee-3ebc-4bf1-930e-408602de0b81",
|
|
"value": "https://www.virustotal.com/file/cacf988f9e1c26cdb93b0b6f787a9a761f30bc363f2f35ff2434564202347711/analysis/1455736406/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ee-2080-46d5-9bf1-491f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:58.000Z",
|
|
"modified": "2016-04-27T12:51:58.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4aa78398d9a927d2c67bf6a5fb0c8db8",
|
|
"pattern": "[file:hashes.SHA256 = 'e2d567c0cb45e690dde6954ef6b10836fbe5b18ef247382e8e7c72232c542762']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ef-3eb0-46de-a996-462902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:59.000Z",
|
|
"modified": "2016-04-27T12:51:59.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4aa78398d9a927d2c67bf6a5fb0c8db8",
|
|
"pattern": "[file:hashes.SHA1 = '88270503b2847de653fa4a75b24f0d0eb9611d1c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5ef-d788-42cb-bc7c-43c402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:59.000Z",
|
|
"modified": "2016-04-27T12:51:59.000Z",
|
|
"first_observed": "2016-04-27T12:51:59Z",
|
|
"last_observed": "2016-04-27T12:51:59Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5ef-d788-42cb-bc7c-43c402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5ef-d788-42cb-bc7c-43c402de0b81",
|
|
"value": "https://www.virustotal.com/file/e2d567c0cb45e690dde6954ef6b10836fbe5b18ef247382e8e7c72232c542762/analysis/1456760541/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ef-51bc-40ec-9ed1-4ebe02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:51:59.000Z",
|
|
"modified": "2016-04-27T12:51:59.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4841a521f95ea744243566cc69904bd1",
|
|
"pattern": "[file:hashes.SHA256 = '4216af04b83a2c7394f651aeb6f7a369465d17e368977a56da91a431153c76bd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:51:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f0-c6a4-4291-8c23-4ce902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:00.000Z",
|
|
"modified": "2016-04-27T12:52:00.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4841a521f95ea744243566cc69904bd1",
|
|
"pattern": "[file:hashes.SHA1 = '5e51ec156081022c25a5381bbd00717c72b93028']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5f0-485c-4b2d-8f3d-482f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:00.000Z",
|
|
"modified": "2016-04-27T12:52:00.000Z",
|
|
"first_observed": "2016-04-27T12:52:00Z",
|
|
"last_observed": "2016-04-27T12:52:00Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5f0-485c-4b2d-8f3d-482f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5f0-485c-4b2d-8f3d-482f02de0b81",
|
|
"value": "https://www.virustotal.com/file/4216af04b83a2c7394f651aeb6f7a369465d17e368977a56da91a431153c76bd/analysis/1457483552/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f1-8524-4d25-b7c4-41c202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:01.000Z",
|
|
"modified": "2016-04-27T12:52:01.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 48378433f79ac304d0bb86ee6f99958e",
|
|
"pattern": "[file:hashes.SHA256 = '2b37aed5b29b4e1eccf9c948c8e93ee42d36e84d67f6a88a2106e5955a6873e2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f1-85c0-4d6b-b307-4c5502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:01.000Z",
|
|
"modified": "2016-04-27T12:52:01.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 48378433f79ac304d0bb86ee6f99958e",
|
|
"pattern": "[file:hashes.SHA1 = '020a0d775e404d05d484f6c3f0e57f6c2ec60ccb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5f1-d858-482a-aab6-4e4d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:01.000Z",
|
|
"modified": "2016-04-27T12:52:01.000Z",
|
|
"first_observed": "2016-04-27T12:52:01Z",
|
|
"last_observed": "2016-04-27T12:52:01Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5f1-d858-482a-aab6-4e4d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5f1-d858-482a-aab6-4e4d02de0b81",
|
|
"value": "https://www.virustotal.com/file/2b37aed5b29b4e1eccf9c948c8e93ee42d36e84d67f6a88a2106e5955a6873e2/analysis/1454404987/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f2-1e5c-4ccb-8087-41d702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:02.000Z",
|
|
"modified": "2016-04-27T12:52:02.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4827e46a2382fdfa2847db0d376c2c52",
|
|
"pattern": "[file:hashes.SHA256 = '7f78c2d23573d5fb2ec924617633257f74a46fe57da2d280c8ec25ef9d59550f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f2-b4dc-42d5-a19e-472902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:02.000Z",
|
|
"modified": "2016-04-27T12:52:02.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4827e46a2382fdfa2847db0d376c2c52",
|
|
"pattern": "[file:hashes.SHA1 = 'ad6e459543cb45a8217b8e240069ca8d62cd7b8f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5f3-8bec-4db3-b9cb-453902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:03.000Z",
|
|
"modified": "2016-04-27T12:52:03.000Z",
|
|
"first_observed": "2016-04-27T12:52:03Z",
|
|
"last_observed": "2016-04-27T12:52:03Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5f3-8bec-4db3-b9cb-453902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5f3-8bec-4db3-b9cb-453902de0b81",
|
|
"value": "https://www.virustotal.com/file/7f78c2d23573d5fb2ec924617633257f74a46fe57da2d280c8ec25ef9d59550f/analysis/1455736079/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f3-51b0-40c9-9571-4bcd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:03.000Z",
|
|
"modified": "2016-04-27T12:52:03.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 472187a7eba0fd0479130711df34a409",
|
|
"pattern": "[file:hashes.SHA256 = '7859c4dedf0d3ff3291ede8c5c14fe2458a2d48ba42de3af286381c7a14d7bb6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f4-676c-46db-8a5c-400602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:04.000Z",
|
|
"modified": "2016-04-27T12:52:04.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 472187a7eba0fd0479130711df34a409",
|
|
"pattern": "[file:hashes.SHA1 = 'f7c237ac8d38f73d5b99bc8faed6cded5a334472']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5f4-5d18-47b1-9a96-412202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:04.000Z",
|
|
"modified": "2016-04-27T12:52:04.000Z",
|
|
"first_observed": "2016-04-27T12:52:04Z",
|
|
"last_observed": "2016-04-27T12:52:04Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5f4-5d18-47b1-9a96-412202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5f4-5d18-47b1-9a96-412202de0b81",
|
|
"value": "https://www.virustotal.com/file/7859c4dedf0d3ff3291ede8c5c14fe2458a2d48ba42de3af286381c7a14d7bb6/analysis/1460331040/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f4-e908-459d-b08b-4bb302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:04.000Z",
|
|
"modified": "2016-04-27T12:52:04.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 44a56e288d906cbfec85f6715554f83b",
|
|
"pattern": "[file:hashes.SHA256 = '3d06a42a130580b0458e71e9f80768cc8e8e9dc052ca46105741de175d7ec99a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f5-baf0-4a62-8e38-44b602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:05.000Z",
|
|
"modified": "2016-04-27T12:52:05.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 44a56e288d906cbfec85f6715554f83b",
|
|
"pattern": "[file:hashes.SHA1 = '7e0bdedd9ac98d97815f64823dad16e90bf6c478']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5f5-fab8-4584-bd37-4b1f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:05.000Z",
|
|
"modified": "2016-04-27T12:52:05.000Z",
|
|
"first_observed": "2016-04-27T12:52:05Z",
|
|
"last_observed": "2016-04-27T12:52:05Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5f5-fab8-4584-bd37-4b1f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5f5-fab8-4584-bd37-4b1f02de0b81",
|
|
"value": "https://www.virustotal.com/file/3d06a42a130580b0458e71e9f80768cc8e8e9dc052ca46105741de175d7ec99a/analysis/1460124415/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f6-aea4-4f06-aa8e-40dd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:06.000Z",
|
|
"modified": "2016-04-27T12:52:06.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 437db1d8d84e245875064ba7cccc9ae0",
|
|
"pattern": "[file:hashes.SHA256 = '705d6d7ebf151fd696f02e73888e84d066f5f160a7f0bcd363e9ec979e7ac0e8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f6-cba8-42e0-b926-4a8202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:06.000Z",
|
|
"modified": "2016-04-27T12:52:06.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 437db1d8d84e245875064ba7cccc9ae0",
|
|
"pattern": "[file:hashes.SHA1 = 'b0776c318816a9fc2d37eb93645894fc13ea5928']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5f6-1558-4c0b-8d22-406102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:06.000Z",
|
|
"modified": "2016-04-27T12:52:06.000Z",
|
|
"first_observed": "2016-04-27T12:52:06Z",
|
|
"last_observed": "2016-04-27T12:52:06Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5f6-1558-4c0b-8d22-406102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5f6-1558-4c0b-8d22-406102de0b81",
|
|
"value": "https://www.virustotal.com/file/705d6d7ebf151fd696f02e73888e84d066f5f160a7f0bcd363e9ec979e7ac0e8/analysis/1460333811/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f7-26c8-4bcd-bbe1-42cd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:07.000Z",
|
|
"modified": "2016-04-27T12:52:07.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4294589c588b577529150b01ce588a13",
|
|
"pattern": "[file:hashes.SHA256 = 'b4726da0b0ce6f414b4a47bb5b8609fd2e21134d99b586950dfcc75dd1b9179f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f7-2ec4-4e91-b15c-416c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:07.000Z",
|
|
"modified": "2016-04-27T12:52:07.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 4294589c588b577529150b01ce588a13",
|
|
"pattern": "[file:hashes.SHA1 = 'b3695a8d8ff604cac337abc9cb8a13c11ac5d46c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5f8-b248-4111-87ce-44c802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:08.000Z",
|
|
"modified": "2016-04-27T12:52:08.000Z",
|
|
"first_observed": "2016-04-27T12:52:08Z",
|
|
"last_observed": "2016-04-27T12:52:08Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5f8-b248-4111-87ce-44c802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5f8-b248-4111-87ce-44c802de0b81",
|
|
"value": "https://www.virustotal.com/file/b4726da0b0ce6f414b4a47bb5b8609fd2e21134d99b586950dfcc75dd1b9179f/analysis/1457371696/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f8-46ac-4f06-a58d-434202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:08.000Z",
|
|
"modified": "2016-04-27T12:52:08.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 422fc3634a8a575945fc96bd85465275",
|
|
"pattern": "[file:hashes.SHA256 = 'a9d51811bc45b5cd633e238114b023fed0e7dc5e830f7b22f8e1137919d7ef78']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f8-6b1c-4746-9a75-4f6302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:08.000Z",
|
|
"modified": "2016-04-27T12:52:08.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 422fc3634a8a575945fc96bd85465275",
|
|
"pattern": "[file:hashes.SHA1 = '3abcbb110a9717d7a3d94eb79b448a12d0e5b970']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5f8-3ac8-40b1-b443-43f002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:08.000Z",
|
|
"modified": "2016-04-27T12:52:08.000Z",
|
|
"first_observed": "2016-04-27T12:52:08Z",
|
|
"last_observed": "2016-04-27T12:52:08Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5f8-3ac8-40b1-b443-43f002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5f8-3ac8-40b1-b443-43f002de0b81",
|
|
"value": "https://www.virustotal.com/file/a9d51811bc45b5cd633e238114b023fed0e7dc5e830f7b22f8e1137919d7ef78/analysis/1456406501/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f9-def4-4916-a2a3-485c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:09.000Z",
|
|
"modified": "2016-04-27T12:52:09.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 41b946bf78606d4f94a7206f024914bf",
|
|
"pattern": "[file:hashes.SHA256 = 'c40ae7421e8dba58334db500998a5c6e002037076cf717a068f8e3f3279a3275']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5f9-7820-4581-a619-410002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:09.000Z",
|
|
"modified": "2016-04-27T12:52:09.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 41b946bf78606d4f94a7206f024914bf",
|
|
"pattern": "[file:hashes.SHA1 = '35d9fa1a909fe819c98b4cf911f252f885240fea']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5f9-640c-48a5-bb9a-4b7602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:09.000Z",
|
|
"modified": "2016-04-27T12:52:09.000Z",
|
|
"first_observed": "2016-04-27T12:52:09Z",
|
|
"last_observed": "2016-04-27T12:52:09Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5f9-640c-48a5-bb9a-4b7602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5f9-640c-48a5-bb9a-4b7602de0b81",
|
|
"value": "https://www.virustotal.com/file/c40ae7421e8dba58334db500998a5c6e002037076cf717a068f8e3f3279a3275/analysis/1457936495/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5fa-42a0-442b-85f6-4f7b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:10.000Z",
|
|
"modified": "2016-04-27T12:52:10.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 412e4f59e3a7a7d870581e83bffa33d1",
|
|
"pattern": "[file:hashes.SHA256 = '7120969c8412332e3aa8b9207fb95db842140a2fbf2150ed15e7963c0c070bfc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5fa-93fc-4283-99dd-4cf802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:10.000Z",
|
|
"modified": "2016-04-27T12:52:10.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 412e4f59e3a7a7d870581e83bffa33d1",
|
|
"pattern": "[file:hashes.SHA1 = '536e79b8b6140f74c4124efd24b387345fa415d0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5fb-a868-4233-a980-4e2a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:11.000Z",
|
|
"modified": "2016-04-27T12:52:11.000Z",
|
|
"first_observed": "2016-04-27T12:52:11Z",
|
|
"last_observed": "2016-04-27T12:52:11Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5fb-a868-4233-a980-4e2a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5fb-a868-4233-a980-4e2a02de0b81",
|
|
"value": "https://www.virustotal.com/file/7120969c8412332e3aa8b9207fb95db842140a2fbf2150ed15e7963c0c070bfc/analysis/1454935757/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5fb-3eac-49f7-aefa-463502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:11.000Z",
|
|
"modified": "2016-04-27T12:52:11.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 40f7cec380c6904bbeaac5c42bc99fb6",
|
|
"pattern": "[file:hashes.SHA256 = '72e9ddd4c3f7eccbe3651b865ec491b961ba45fff7b1d3d6087f17096f07b9b8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5fb-51ec-4c24-b220-45bd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:11.000Z",
|
|
"modified": "2016-04-27T12:52:11.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 40f7cec380c6904bbeaac5c42bc99fb6",
|
|
"pattern": "[file:hashes.SHA1 = 'e74103341bd3bb94d57cca9cd928852e0627be4f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5fc-fa08-4cd0-a6c4-416702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:12.000Z",
|
|
"modified": "2016-04-27T12:52:12.000Z",
|
|
"first_observed": "2016-04-27T12:52:12Z",
|
|
"last_observed": "2016-04-27T12:52:12Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5fc-fa08-4cd0-a6c4-416702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5fc-fa08-4cd0-a6c4-416702de0b81",
|
|
"value": "https://www.virustotal.com/file/72e9ddd4c3f7eccbe3651b865ec491b961ba45fff7b1d3d6087f17096f07b9b8/analysis/1455735592/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5fc-b988-4bf5-b45b-48bb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:12.000Z",
|
|
"modified": "2016-04-27T12:52:12.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3f9376bd042b5c9b111dde1b460ab9b5",
|
|
"pattern": "[file:hashes.SHA256 = '7844793728167b5a2053302b858f2788bf2cc9b1000a585886c5707b141667a4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5fd-9c20-4801-95f0-441402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:13.000Z",
|
|
"modified": "2016-04-27T12:52:13.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3f9376bd042b5c9b111dde1b460ab9b5",
|
|
"pattern": "[file:hashes.SHA1 = 'a6ef165200fcf875f4844f558ebfc492b9bd0177']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5fd-848c-49fe-88a5-477502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:13.000Z",
|
|
"modified": "2016-04-27T12:52:13.000Z",
|
|
"first_observed": "2016-04-27T12:52:13Z",
|
|
"last_observed": "2016-04-27T12:52:13Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5fd-848c-49fe-88a5-477502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5fd-848c-49fe-88a5-477502de0b81",
|
|
"value": "https://www.virustotal.com/file/7844793728167b5a2053302b858f2788bf2cc9b1000a585886c5707b141667a4/analysis/1460331053/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5fe-2458-41c7-95c8-464702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:14.000Z",
|
|
"modified": "2016-04-27T12:52:14.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3de3c1ff2db0f75d18c10c1d682596a6",
|
|
"pattern": "[file:hashes.SHA256 = 'c86a44c57a7ae02c25261e83dd0848baad2973632b676879ffc7cfefebd94378']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5fe-d750-4fa8-b735-456702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:14.000Z",
|
|
"modified": "2016-04-27T12:52:14.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3de3c1ff2db0f75d18c10c1d682596a6",
|
|
"pattern": "[file:hashes.SHA1 = '10e67d2a3b57f6f2423fcc15669d4147dee738cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b5fe-31d4-4380-aac5-4d9702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:14.000Z",
|
|
"modified": "2016-04-27T12:52:14.000Z",
|
|
"first_observed": "2016-04-27T12:52:14Z",
|
|
"last_observed": "2016-04-27T12:52:14Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b5fe-31d4-4380-aac5-4d9702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b5fe-31d4-4380-aac5-4d9702de0b81",
|
|
"value": "https://www.virustotal.com/file/c86a44c57a7ae02c25261e83dd0848baad2973632b676879ffc7cfefebd94378/analysis/1455735632/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ff-0ac0-4e89-acc3-478402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:15.000Z",
|
|
"modified": "2016-04-27T12:52:15.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3d4e135e647fba30e67415e5ebc5af42",
|
|
"pattern": "[file:hashes.SHA256 = '810259e8c2301a1a98038443c5470c72d5922f713489e53949ff9b94c3bbe879']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b5ff-1404-4576-9f65-472302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:15.000Z",
|
|
"modified": "2016-04-27T12:52:15.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3d4e135e647fba30e67415e5ebc5af42",
|
|
"pattern": "[file:hashes.SHA1 = '4022c62a2e9e0126dd5889ee62bd527cfdebcf80']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b600-dd5c-43e0-b61e-4cfe02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:16.000Z",
|
|
"modified": "2016-04-27T12:52:16.000Z",
|
|
"first_observed": "2016-04-27T12:52:16Z",
|
|
"last_observed": "2016-04-27T12:52:16Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b600-dd5c-43e0-b61e-4cfe02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b600-dd5c-43e0-b61e-4cfe02de0b81",
|
|
"value": "https://www.virustotal.com/file/810259e8c2301a1a98038443c5470c72d5922f713489e53949ff9b94c3bbe879/analysis/1457936454/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b600-ed94-4735-a048-446102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:16.000Z",
|
|
"modified": "2016-04-27T12:52:16.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3d3dac2656f5850d6e2cababc06edd23",
|
|
"pattern": "[file:hashes.SHA256 = 'ddddee8fe287d7288c7795bd6915777bf7dde986fee9e41eef098582072e5761']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b600-7f2c-4245-9b40-420802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:16.000Z",
|
|
"modified": "2016-04-27T12:52:16.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3d3dac2656f5850d6e2cababc06edd23",
|
|
"pattern": "[file:hashes.SHA1 = '248501995c50420ed465879fc62473b5ca41d0a5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b601-c700-4864-994c-431b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:17.000Z",
|
|
"modified": "2016-04-27T12:52:17.000Z",
|
|
"first_observed": "2016-04-27T12:52:17Z",
|
|
"last_observed": "2016-04-27T12:52:17Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b601-c700-4864-994c-431b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b601-c700-4864-994c-431b02de0b81",
|
|
"value": "https://www.virustotal.com/file/ddddee8fe287d7288c7795bd6915777bf7dde986fee9e41eef098582072e5761/analysis/1460363713/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b601-6c24-4b09-9edb-447d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:17.000Z",
|
|
"modified": "2016-04-27T12:52:17.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3b39743b98e7223c93f15026c009e2ed",
|
|
"pattern": "[file:hashes.SHA256 = '80f067e06382e2366e6812e9a73a216d402cc5a1e4ded29184f370779b95c853']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b602-56c4-432a-9c6b-46cf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:18.000Z",
|
|
"modified": "2016-04-27T12:52:18.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3b39743b98e7223c93f15026c009e2ed",
|
|
"pattern": "[file:hashes.SHA1 = '5b8f1c97766e5df1aeb646b70ba0cdeed85c6693']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b602-a57c-4112-b00d-4c7702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:18.000Z",
|
|
"modified": "2016-04-27T12:52:18.000Z",
|
|
"first_observed": "2016-04-27T12:52:18Z",
|
|
"last_observed": "2016-04-27T12:52:18Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b602-a57c-4112-b00d-4c7702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b602-a57c-4112-b00d-4c7702de0b81",
|
|
"value": "https://www.virustotal.com/file/80f067e06382e2366e6812e9a73a216d402cc5a1e4ded29184f370779b95c853/analysis/1456362678/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b603-1aa4-48a8-93f0-4db002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:19.000Z",
|
|
"modified": "2016-04-27T12:52:19.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3b2dda7dafbc3f690f179999b367f743",
|
|
"pattern": "[file:hashes.SHA256 = '86cf13f4004cb5a5eed1625af560b7ce907c0280ba0dc77b6110607aa41c3660']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b603-a248-4e84-b617-4ad202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:19.000Z",
|
|
"modified": "2016-04-27T12:52:19.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3b2dda7dafbc3f690f179999b367f743",
|
|
"pattern": "[file:hashes.SHA1 = 'bdbca95a18a3cc6b2383fb5b9d67716f44750d92']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b604-e1d8-4b77-95ce-498102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:20.000Z",
|
|
"modified": "2016-04-27T12:52:20.000Z",
|
|
"first_observed": "2016-04-27T12:52:20Z",
|
|
"last_observed": "2016-04-27T12:52:20Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b604-e1d8-4b77-95ce-498102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b604-e1d8-4b77-95ce-498102de0b81",
|
|
"value": "https://www.virustotal.com/file/86cf13f4004cb5a5eed1625af560b7ce907c0280ba0dc77b6110607aa41c3660/analysis/1457767210/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b604-df98-4441-b7bb-476802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:20.000Z",
|
|
"modified": "2016-04-27T12:52:20.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3abe743871688eb542a36bdd4f5ba196",
|
|
"pattern": "[file:hashes.SHA256 = '0ed5150f6df52e8009a4a3fecdec7181f98ce32d804e51ab910709e83b6016d0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b604-177c-4420-a087-49c502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:20.000Z",
|
|
"modified": "2016-04-27T12:52:20.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3abe743871688eb542a36bdd4f5ba196",
|
|
"pattern": "[file:hashes.SHA1 = '6fd76394028d7dcea3c2dac95caa54671becaa29']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b605-a6d8-4027-9c0d-417d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:21.000Z",
|
|
"modified": "2016-04-27T12:52:21.000Z",
|
|
"first_observed": "2016-04-27T12:52:21Z",
|
|
"last_observed": "2016-04-27T12:52:21Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b605-a6d8-4027-9c0d-417d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b605-a6d8-4027-9c0d-417d02de0b81",
|
|
"value": "https://www.virustotal.com/file/0ed5150f6df52e8009a4a3fecdec7181f98ce32d804e51ab910709e83b6016d0/analysis/1460138359/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b605-94c8-4d88-8229-4dea02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:21.000Z",
|
|
"modified": "2016-04-27T12:52:21.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3a0baa509a54359d10696d995dfe783e",
|
|
"pattern": "[file:hashes.SHA256 = '8ad115d19530c52064ee95063117269c126fae966fec9ab092d580938e204af1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b606-dfd0-48de-b00a-460602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:22.000Z",
|
|
"modified": "2016-04-27T12:52:22.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3a0baa509a54359d10696d995dfe783e",
|
|
"pattern": "[file:hashes.SHA1 = '4a63e5ef94cb9fee2ee858b170d8fd9231ee64a1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b606-d114-481b-90bd-4a8902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:22.000Z",
|
|
"modified": "2016-04-27T12:52:22.000Z",
|
|
"first_observed": "2016-04-27T12:52:22Z",
|
|
"last_observed": "2016-04-27T12:52:22Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b606-d114-481b-90bd-4a8902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b606-d114-481b-90bd-4a8902de0b81",
|
|
"value": "https://www.virustotal.com/file/8ad115d19530c52064ee95063117269c126fae966fec9ab092d580938e204af1/analysis/1455735418/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b607-0550-4b4a-8ef3-405a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:23.000Z",
|
|
"modified": "2016-04-27T12:52:23.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 391a74f46c7f7c34e98be38228fc94b6",
|
|
"pattern": "[file:hashes.SHA256 = 'fea74aba461e05eff514f21b94c9ed8906009198c3ebab70362f98ad7adee2e1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b607-160c-4411-8c8f-407502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:23.000Z",
|
|
"modified": "2016-04-27T12:52:23.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 391a74f46c7f7c34e98be38228fc94b6",
|
|
"pattern": "[file:hashes.SHA1 = 'f4d3705ae095cc358b02c218a05a3068f8766406']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b607-1e7c-472c-b338-42b802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:23.000Z",
|
|
"modified": "2016-04-27T12:52:23.000Z",
|
|
"first_observed": "2016-04-27T12:52:23Z",
|
|
"last_observed": "2016-04-27T12:52:23Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b607-1e7c-472c-b338-42b802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b607-1e7c-472c-b338-42b802de0b81",
|
|
"value": "https://www.virustotal.com/file/fea74aba461e05eff514f21b94c9ed8906009198c3ebab70362f98ad7adee2e1/analysis/1454936277/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b608-a9b8-41e9-bcce-44af02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:24.000Z",
|
|
"modified": "2016-04-27T12:52:24.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 38b9c800c9787ea6de3f5a9436444435",
|
|
"pattern": "[file:hashes.SHA256 = '0622288a3c6b0b675caa59fba0de9b0b721d076efd85b7fdc00e53bf971481c7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b608-70f4-47da-ad60-426202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:24.000Z",
|
|
"modified": "2016-04-27T12:52:24.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 38b9c800c9787ea6de3f5a9436444435",
|
|
"pattern": "[file:hashes.SHA1 = '033cdec4a350f1af1d381f473f3dc3a4fa303a5a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b609-c714-4505-bfb6-4c4702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:25.000Z",
|
|
"modified": "2016-04-27T12:52:25.000Z",
|
|
"first_observed": "2016-04-27T12:52:25Z",
|
|
"last_observed": "2016-04-27T12:52:25Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b609-c714-4505-bfb6-4c4702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b609-c714-4505-bfb6-4c4702de0b81",
|
|
"value": "https://www.virustotal.com/file/0622288a3c6b0b675caa59fba0de9b0b721d076efd85b7fdc00e53bf971481c7/analysis/1458183915/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b609-4370-44a8-bfe6-403102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:25.000Z",
|
|
"modified": "2016-04-27T12:52:25.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 37506bcd79e0a39d56edda2f0713ce34",
|
|
"pattern": "[file:hashes.SHA256 = 'ae7978ff8278775ea947b1efc5deafb4a668adc8634fb9b8ecb03f0e119deed6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b609-27ec-451d-86a2-4e9402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:25.000Z",
|
|
"modified": "2016-04-27T12:52:25.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 37506bcd79e0a39d56edda2f0713ce34",
|
|
"pattern": "[file:hashes.SHA1 = '6312a8c982e1d9251d4e8f580a869d4e3b8b9ddf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b60a-dc54-4dc9-a7e2-420702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:26.000Z",
|
|
"modified": "2016-04-27T12:52:26.000Z",
|
|
"first_observed": "2016-04-27T12:52:26Z",
|
|
"last_observed": "2016-04-27T12:52:26Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b60a-dc54-4dc9-a7e2-420702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b60a-dc54-4dc9-a7e2-420702de0b81",
|
|
"value": "https://www.virustotal.com/file/ae7978ff8278775ea947b1efc5deafb4a668adc8634fb9b8ecb03f0e119deed6/analysis/1455735140/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b60a-8260-454c-8a0f-40bb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:26.000Z",
|
|
"modified": "2016-04-27T12:52:26.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 35666c9ef8d3d81d8641578259982e57",
|
|
"pattern": "[file:hashes.SHA256 = '502f77c8e55baf8688071220280af76aea89eb599ce8780bfeba6c716336b4db']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b60b-4d8c-4954-9b08-416102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:27.000Z",
|
|
"modified": "2016-04-27T12:52:27.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 35666c9ef8d3d81d8641578259982e57",
|
|
"pattern": "[file:hashes.SHA1 = '7087069dd095f82cf9297c521e3fcf22e0434d9a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b60b-396c-4fe2-be7b-4f6602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:27.000Z",
|
|
"modified": "2016-04-27T12:52:27.000Z",
|
|
"first_observed": "2016-04-27T12:52:27Z",
|
|
"last_observed": "2016-04-27T12:52:27Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b60b-396c-4fe2-be7b-4f6602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b60b-396c-4fe2-be7b-4f6602de0b81",
|
|
"value": "https://www.virustotal.com/file/502f77c8e55baf8688071220280af76aea89eb599ce8780bfeba6c716336b4db/analysis/1457767236/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b60c-a028-4526-bed2-475302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:28.000Z",
|
|
"modified": "2016-04-27T12:52:28.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 356393e8c85864fa2e31e30d28c13067",
|
|
"pattern": "[file:hashes.SHA256 = '142fa3cd919c6337dca0c7f04f76534db0dd0ea6e280b140304cb7eedab0b847']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b60c-f174-4d15-9c30-46c602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:28.000Z",
|
|
"modified": "2016-04-27T12:52:28.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 356393e8c85864fa2e31e30d28c13067",
|
|
"pattern": "[file:hashes.SHA1 = 'f7d9034a639fb487eb370411bbb11b0d37b7fc98']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b60c-0440-4546-a53d-48c302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:28.000Z",
|
|
"modified": "2016-04-27T12:52:28.000Z",
|
|
"first_observed": "2016-04-27T12:52:28Z",
|
|
"last_observed": "2016-04-27T12:52:28Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b60c-0440-4546-a53d-48c302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b60c-0440-4546-a53d-48c302de0b81",
|
|
"value": "https://www.virustotal.com/file/142fa3cd919c6337dca0c7f04f76534db0dd0ea6e280b140304cb7eedab0b847/analysis/1461400530/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b60d-ef44-4c8d-bae4-4b1d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:29.000Z",
|
|
"modified": "2016-04-27T12:52:29.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 34e8dfc3d5fe5a936d556ac79e53412f",
|
|
"pattern": "[file:hashes.SHA256 = '5ea3b65662f54146a33352da9357250d6982dc0777658987599722c69db1c3a9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b60d-0958-4292-8b10-452402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:29.000Z",
|
|
"modified": "2016-04-27T12:52:29.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 34e8dfc3d5fe5a936d556ac79e53412f",
|
|
"pattern": "[file:hashes.SHA1 = 'ae6b7a929b2bdcc4e1e89bacbe68ce0ec1d271ca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b60e-3448-4cf2-82fe-496102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:30.000Z",
|
|
"modified": "2016-04-27T12:52:30.000Z",
|
|
"first_observed": "2016-04-27T12:52:30Z",
|
|
"last_observed": "2016-04-27T12:52:30Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b60e-3448-4cf2-82fe-496102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b60e-3448-4cf2-82fe-496102de0b81",
|
|
"value": "https://www.virustotal.com/file/5ea3b65662f54146a33352da9357250d6982dc0777658987599722c69db1c3a9/analysis/1455734942/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b60e-5528-4fe2-bf3f-44d5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:30.000Z",
|
|
"modified": "2016-04-27T12:52:30.000Z",
|
|
"first_observed": "2016-04-27T12:52:30Z",
|
|
"last_observed": "2016-04-27T12:52:30Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b60e-5528-4fe2-bf3f-44d5950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b60e-5528-4fe2-bf3f-44d5950d210f",
|
|
"value": "https://www.virustotal.com/en/domain/asdfgjcr.bget.ru/information/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b60e-40ec-404f-9051-4d9502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:30.000Z",
|
|
"modified": "2016-04-27T12:52:30.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 34788c0c80687e1488d3c9b688de9991",
|
|
"pattern": "[file:hashes.SHA256 = 'fc959e03041e748b2b8bcceb0a7848d9442ee358009a279122180cb738a5527f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b60f-f058-48e2-969a-42cd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:30.000Z",
|
|
"modified": "2016-04-27T12:52:30.000Z",
|
|
"first_observed": "2016-04-27T12:52:30Z",
|
|
"last_observed": "2016-04-27T12:52:30Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b60f-f058-48e2-969a-42cd950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b60f-f058-48e2-969a-42cd950d210f",
|
|
"value": "https://www.virustotal.com/en/url/04ba4610659f1c8f28edf11efa763e15903ec8e4c54ae1a506b4f9b234e58fc0/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b60f-f570-43dd-b94d-42be02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:31.000Z",
|
|
"modified": "2016-04-27T12:52:31.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 34788c0c80687e1488d3c9b688de9991",
|
|
"pattern": "[file:hashes.SHA1 = '40bbb32882734c321fb6675db857d1bf90695d8c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b60f-acf8-49e2-a1b1-4696950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:31.000Z",
|
|
"modified": "2016-04-27T12:52:31.000Z",
|
|
"first_observed": "2016-04-27T12:52:31Z",
|
|
"last_observed": "2016-04-27T12:52:31Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b60f-acf8-49e2-a1b1-4696950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b60f-acf8-49e2-a1b1-4696950d210f",
|
|
"value": "https://www.virustotal.com/en/file/0d3a592e5ef89dd9bc7afa2418214646d81305730bb32237827a3d2fbc829520/analysis/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b610-b14c-4a06-8abe-4e9a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:32.000Z",
|
|
"modified": "2016-04-27T12:52:32.000Z",
|
|
"first_observed": "2016-04-27T12:52:32Z",
|
|
"last_observed": "2016-04-27T12:52:32Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b610-b14c-4a06-8abe-4e9a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b610-b14c-4a06-8abe-4e9a02de0b81",
|
|
"value": "https://www.virustotal.com/file/fc959e03041e748b2b8bcceb0a7848d9442ee358009a279122180cb738a5527f/analysis/1457421679/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b610-ba84-49f4-a368-47aa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:32.000Z",
|
|
"modified": "2016-04-27T12:52:32.000Z",
|
|
"first_observed": "2016-04-27T12:52:32Z",
|
|
"last_observed": "2016-04-27T12:52:32Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b610-ba84-49f4-a368-47aa950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b610-ba84-49f4-a368-47aa950d210f",
|
|
"value": "https://www.virustotal.com/en/url/3eeea91d8639a82f5c3d4bc62f276ebba0a0b76d5a2f380a5791bef5e8651ef2/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b611-dcd4-42f1-9238-468302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:33.000Z",
|
|
"modified": "2016-04-27T12:52:33.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 31eddefcadb1d4a6bbc55e610d085638",
|
|
"pattern": "[file:hashes.SHA256 = '59cdcf328b5c4a8310bc203a552ebcdacce8013f7fb9041c63c5c611c2c28712']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b611-6acc-4ca3-8d08-4252950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:33.000Z",
|
|
"modified": "2016-04-27T12:52:33.000Z",
|
|
"first_observed": "2016-04-27T12:52:33Z",
|
|
"last_observed": "2016-04-27T12:52:33Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b611-6acc-4ca3-8d08-4252950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b611-6acc-4ca3-8d08-4252950d210f",
|
|
"value": "https://www.virustotal.com/en/file/b220dafc03e9625ec8a6c6e0eba7b914bbd407b7b43ce47cd0aa3c76660d981e/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b611-e7bc-48a0-8bbb-481b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:33.000Z",
|
|
"modified": "2016-04-27T12:52:33.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 31eddefcadb1d4a6bbc55e610d085638",
|
|
"pattern": "[file:hashes.SHA1 = '4aeb7c164cd0d71cdbbab327935ce9e0caacdf71']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b612-524c-4e98-9ede-4f80950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:34.000Z",
|
|
"modified": "2016-04-27T12:52:34.000Z",
|
|
"first_observed": "2016-04-27T12:52:34Z",
|
|
"last_observed": "2016-04-27T12:52:34Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b612-524c-4e98-9ede-4f80950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b612-524c-4e98-9ede-4f80950d210f",
|
|
"value": "https://www.virustotal.com/en/domain/riveroer.bget.ru/information/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b612-fa54-4330-a612-436502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:34.000Z",
|
|
"modified": "2016-04-27T12:52:34.000Z",
|
|
"first_observed": "2016-04-27T12:52:34Z",
|
|
"last_observed": "2016-04-27T12:52:34Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b612-fa54-4330-a612-436502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b612-fa54-4330-a612-436502de0b81",
|
|
"value": "https://www.virustotal.com/file/59cdcf328b5c4a8310bc203a552ebcdacce8013f7fb9041c63c5c611c2c28712/analysis/1455734648/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b613-7314-4d23-b669-4b23950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:35.000Z",
|
|
"modified": "2016-04-27T12:52:35.000Z",
|
|
"first_observed": "2016-04-27T12:52:35Z",
|
|
"last_observed": "2016-04-27T12:52:35Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b613-7314-4d23-b669-4b23950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b613-7314-4d23-b669-4b23950d210f",
|
|
"value": "https://www.virustotal.com/en/url/9f399156d7a8fafac209b6214ea3c2c21141f2c6a0da4065ae766747b3165054/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b613-88a8-4f1a-bf96-4c9f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:35.000Z",
|
|
"modified": "2016-04-27T12:52:35.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3199b7e9b27c1aa619bc6959c6eab458",
|
|
"pattern": "[file:hashes.SHA256 = 'e61aa083332bb32c2cdc433c637439c541fe53ec7a4c70871bfb757fa2223654']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b613-4794-46fc-8013-414d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:35.000Z",
|
|
"modified": "2016-04-27T12:52:35.000Z",
|
|
"first_observed": "2016-04-27T12:52:35Z",
|
|
"last_observed": "2016-04-27T12:52:35Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b613-4794-46fc-8013-414d950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b613-4794-46fc-8013-414d950d210f",
|
|
"value": "https://www.virustotal.com/en/url/b48efd7d2b5654ff9226337bd7b36723e9dc777d96e82c9adbee0777733d5382/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b614-0e14-420d-961d-4cbb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:36.000Z",
|
|
"modified": "2016-04-27T12:52:36.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3199b7e9b27c1aa619bc6959c6eab458",
|
|
"pattern": "[file:hashes.SHA1 = '574fe8321eafc58ea1e88f082dcda9ca1f3628a2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b614-a190-4420-a9a4-43fa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:36.000Z",
|
|
"modified": "2016-04-27T12:52:36.000Z",
|
|
"first_observed": "2016-04-27T12:52:36Z",
|
|
"last_observed": "2016-04-27T12:52:36Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b614-a190-4420-a9a4-43fa950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b614-a190-4420-a9a4-43fa950d210f",
|
|
"value": "https://www.virustotal.com/en/url/91b05e9bc5c59bb9c16bb7c3b1925ac16f61dbeb3e04414e5e97dec924f05458/analysis/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b614-93ac-49cd-85a0-493c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:36.000Z",
|
|
"modified": "2016-04-27T12:52:36.000Z",
|
|
"first_observed": "2016-04-27T12:52:36Z",
|
|
"last_observed": "2016-04-27T12:52:36Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b614-93ac-49cd-85a0-493c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b614-93ac-49cd-85a0-493c02de0b81",
|
|
"value": "https://www.virustotal.com/file/e61aa083332bb32c2cdc433c637439c541fe53ec7a4c70871bfb757fa2223654/analysis/1455161212/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b615-3c88-4a70-82bd-48f7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:37.000Z",
|
|
"modified": "2016-04-27T12:52:37.000Z",
|
|
"first_observed": "2016-04-27T12:52:37Z",
|
|
"last_observed": "2016-04-27T12:52:37Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b615-3c88-4a70-82bd-48f7950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b615-3c88-4a70-82bd-48f7950d210f",
|
|
"value": "https://www.virustotal.com/en/file/537e0e9d762ab89f6607ed31fd407142909c652958f4522bf8b1a9958b3c10de/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b615-a4d0-401e-aafc-4be802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:37.000Z",
|
|
"modified": "2016-04-27T12:52:37.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 318513f9f14fbf78ec037b62b221c91b",
|
|
"pattern": "[file:hashes.SHA256 = '7fd1acb1004a3c83a2e23d44286dcd635dc6b4fcbd9f3b3f57b408e88e31e0d4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b616-be94-46b2-9e91-47d602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:38.000Z",
|
|
"modified": "2016-04-27T12:52:38.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 318513f9f14fbf78ec037b62b221c91b",
|
|
"pattern": "[file:hashes.SHA1 = '9fdfbcf342799a7408cb8e92e4c8fb78b474b53f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b616-67f8-4812-871d-4ede02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:38.000Z",
|
|
"modified": "2016-04-27T12:52:38.000Z",
|
|
"first_observed": "2016-04-27T12:52:38Z",
|
|
"last_observed": "2016-04-27T12:52:38Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b616-67f8-4812-871d-4ede02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b616-67f8-4812-871d-4ede02de0b81",
|
|
"value": "https://www.virustotal.com/file/7fd1acb1004a3c83a2e23d44286dcd635dc6b4fcbd9f3b3f57b408e88e31e0d4/analysis/1456718204/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b616-ae50-4578-b22b-41de02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:38.000Z",
|
|
"modified": "2016-04-27T12:52:38.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 315a713c65baf5390fcf4232df3d1669",
|
|
"pattern": "[file:hashes.SHA256 = '2bc462ef88b9380a1d24f213b685e03198b7ad9c5207e59419068e21d952dfbf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b617-df54-4059-a7cc-443e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:39.000Z",
|
|
"modified": "2016-04-27T12:52:39.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 315a713c65baf5390fcf4232df3d1669",
|
|
"pattern": "[file:hashes.SHA1 = '640a928d0a594a3e87c13c75d0134e5b9df7fc85']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b617-dcd0-4789-8b8b-4c6b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:39.000Z",
|
|
"modified": "2016-04-27T12:52:39.000Z",
|
|
"first_observed": "2016-04-27T12:52:39Z",
|
|
"last_observed": "2016-04-27T12:52:39Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b617-dcd0-4789-8b8b-4c6b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b617-dcd0-4789-8b8b-4c6b02de0b81",
|
|
"value": "https://www.virustotal.com/file/2bc462ef88b9380a1d24f213b685e03198b7ad9c5207e59419068e21d952dfbf/analysis/1458038257/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b617-f314-4bf4-a97a-46f202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:39.000Z",
|
|
"modified": "2016-04-27T12:52:39.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3131d58ace4f3485dcc2581be3fcfb42",
|
|
"pattern": "[file:hashes.SHA256 = '9fcb1572bf766acb14cc926e0209b83ee27217c4bc3a77f8d4c86fc72a9b61c6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b618-22a0-40d9-b1aa-431502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:40.000Z",
|
|
"modified": "2016-04-27T12:52:40.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3131d58ace4f3485dcc2581be3fcfb42",
|
|
"pattern": "[file:hashes.SHA1 = '4f03362451b110f0741cdeef955fce600d9a82fe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b618-fd44-4540-b42a-4f7002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:40.000Z",
|
|
"modified": "2016-04-27T12:52:40.000Z",
|
|
"first_observed": "2016-04-27T12:52:40Z",
|
|
"last_observed": "2016-04-27T12:52:40Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b618-fd44-4540-b42a-4f7002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b618-fd44-4540-b42a-4f7002de0b81",
|
|
"value": "https://www.virustotal.com/file/9fcb1572bf766acb14cc926e0209b83ee27217c4bc3a77f8d4c86fc72a9b61c6/analysis/1455734636/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b618-c6fc-495d-b921-405602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:40.000Z",
|
|
"modified": "2016-04-27T12:52:40.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3103bd49786d52c920e12303921bd2f1",
|
|
"pattern": "[file:hashes.SHA256 = 'e3650b27154ae9646703cf97b58f63da29594d26579cf7454878afdee5d29eb8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b619-9bfc-46c8-b546-4d6302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:41.000Z",
|
|
"modified": "2016-04-27T12:52:41.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 3103bd49786d52c920e12303921bd2f1",
|
|
"pattern": "[file:hashes.SHA1 = 'e30bfafeace35f09b3ccab38bbde2d5c5d3e7206']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b619-2704-4e3c-8a02-4ddf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:41.000Z",
|
|
"modified": "2016-04-27T12:52:41.000Z",
|
|
"first_observed": "2016-04-27T12:52:41Z",
|
|
"last_observed": "2016-04-27T12:52:41Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b619-2704-4e3c-8a02-4ddf02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b619-2704-4e3c-8a02-4ddf02de0b81",
|
|
"value": "https://www.virustotal.com/file/e3650b27154ae9646703cf97b58f63da29594d26579cf7454878afdee5d29eb8/analysis/1456763151/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b619-ecc8-47dd-9ec7-460802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:41.000Z",
|
|
"modified": "2016-04-27T12:52:41.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 30f2b0edd191d1465bac11553d60f761",
|
|
"pattern": "[file:hashes.SHA256 = '09161f0f22270c8c8be6d47a3b64c909ef0570f95c9e6ecdb8004d84699ba435']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b619-2fcc-468b-98f0-4cbc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:41.000Z",
|
|
"modified": "2016-04-27T12:52:41.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 30f2b0edd191d1465bac11553d60f761",
|
|
"pattern": "[file:hashes.SHA1 = '50e97f9dc588c76fb85741dd5dea7a76be57753e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b61a-c908-410e-b312-481602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:42.000Z",
|
|
"modified": "2016-04-27T12:52:42.000Z",
|
|
"first_observed": "2016-04-27T12:52:42Z",
|
|
"last_observed": "2016-04-27T12:52:42Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b61a-c908-410e-b312-481602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b61a-c908-410e-b312-481602de0b81",
|
|
"value": "https://www.virustotal.com/file/09161f0f22270c8c8be6d47a3b64c909ef0570f95c9e6ecdb8004d84699ba435/analysis/1455734679/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b61a-a9a8-4aed-9a01-47a302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:42.000Z",
|
|
"modified": "2016-04-27T12:52:42.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 30c1a1a7417598fa8f23572f0f090866",
|
|
"pattern": "[file:hashes.SHA256 = '4d6103698b7c7fcba9cdd59ee5739a051c17c7161f2d7a9006ccd46841c552af']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b61a-5d2c-48e5-b93d-469802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:42.000Z",
|
|
"modified": "2016-04-27T12:52:42.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 30c1a1a7417598fa8f23572f0f090866",
|
|
"pattern": "[file:hashes.SHA1 = '237d5afa92397c170bd6cb440161bd9bc4af4412']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b61b-04e4-44bd-a81e-44f602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:43.000Z",
|
|
"modified": "2016-04-27T12:52:43.000Z",
|
|
"first_observed": "2016-04-27T12:52:43Z",
|
|
"last_observed": "2016-04-27T12:52:43Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b61b-04e4-44bd-a81e-44f602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b61b-04e4-44bd-a81e-44f602de0b81",
|
|
"value": "https://www.virustotal.com/file/4d6103698b7c7fcba9cdd59ee5739a051c17c7161f2d7a9006ccd46841c552af/analysis/1455734680/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b61b-ca64-41d0-bade-423b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:43.000Z",
|
|
"modified": "2016-04-27T12:52:43.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 30a8c03a7d6a489da047443938e2aa20",
|
|
"pattern": "[file:hashes.SHA256 = 'ad0709b8982dfe25c57856646d60f3280ee03f296c1292d979f980872c0adfa6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b61b-9740-49b0-b906-404302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:43.000Z",
|
|
"modified": "2016-04-27T12:52:43.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 30a8c03a7d6a489da047443938e2aa20",
|
|
"pattern": "[file:hashes.SHA1 = 'ee7554466507c7127b0ee885e76a98355ff27bbb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b61c-8a74-45fc-9cb6-460202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:44.000Z",
|
|
"modified": "2016-04-27T12:52:44.000Z",
|
|
"first_observed": "2016-04-27T12:52:44Z",
|
|
"last_observed": "2016-04-27T12:52:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b61c-8a74-45fc-9cb6-460202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b61c-8a74-45fc-9cb6-460202de0b81",
|
|
"value": "https://www.virustotal.com/file/ad0709b8982dfe25c57856646d60f3280ee03f296c1292d979f980872c0adfa6/analysis/1458138008/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b61c-9624-44a6-b84b-4dbd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:44.000Z",
|
|
"modified": "2016-04-27T12:52:44.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 308bec5d52d55c00aff0b561e7975bdf",
|
|
"pattern": "[file:hashes.SHA256 = '84e65b52d18b4609d6d84f95adeee03503cfe17a9ff7e5c75e46dd7713cbfc87']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b61d-6d5c-4907-8098-4b3002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:45.000Z",
|
|
"modified": "2016-04-27T12:52:45.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 308bec5d52d55c00aff0b561e7975bdf",
|
|
"pattern": "[file:hashes.SHA1 = '7f83fa43ddca3050f5784864fd8af574855e9a5a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b61d-ca04-49d4-afcd-4f5302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:45.000Z",
|
|
"modified": "2016-04-27T12:52:45.000Z",
|
|
"first_observed": "2016-04-27T12:52:45Z",
|
|
"last_observed": "2016-04-27T12:52:45Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b61d-ca04-49d4-afcd-4f5302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b61d-ca04-49d4-afcd-4f5302de0b81",
|
|
"value": "https://www.virustotal.com/file/84e65b52d18b4609d6d84f95adeee03503cfe17a9ff7e5c75e46dd7713cbfc87/analysis/1460326726/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b61d-9fa8-4e19-bec7-4dc902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:45.000Z",
|
|
"modified": "2016-04-27T12:52:45.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2e9fcd26fdeeed19f0de865298d59f2e",
|
|
"pattern": "[file:hashes.SHA256 = '003e7988b3ac804853d543066998f2b721a16ca3522862f656fe8161a784ae73']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b61e-3784-489b-b9ea-467902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:46.000Z",
|
|
"modified": "2016-04-27T12:52:46.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2e9fcd26fdeeed19f0de865298d59f2e",
|
|
"pattern": "[file:hashes.SHA1 = 'd77d73686a3120e485ef2e74fa7caefe7785a013']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b61e-3c1c-4158-9818-491e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:46.000Z",
|
|
"modified": "2016-04-27T12:52:46.000Z",
|
|
"first_observed": "2016-04-27T12:52:46Z",
|
|
"last_observed": "2016-04-27T12:52:46Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b61e-3c1c-4158-9818-491e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b61e-3c1c-4158-9818-491e02de0b81",
|
|
"value": "https://www.virustotal.com/file/003e7988b3ac804853d543066998f2b721a16ca3522862f656fe8161a784ae73/analysis/1454936216/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b61f-40cc-4e9d-8d6e-4c4902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:47.000Z",
|
|
"modified": "2016-04-27T12:52:47.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2e44ffbaa24c1203df218be1cc28a9e5",
|
|
"pattern": "[file:hashes.SHA256 = '9bec8fea8126a8e2f4b9eb6ca695f1e8c5d90a8a87057d378f19e6165ed9493b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b61f-395c-4f98-89e8-4a4902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:47.000Z",
|
|
"modified": "2016-04-27T12:52:47.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2e44ffbaa24c1203df218be1cc28a9e5",
|
|
"pattern": "[file:hashes.SHA1 = '9452d0a231feadfc5400fe692150e3bc4123b404']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b61f-18d8-4e21-bfe0-441202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:47.000Z",
|
|
"modified": "2016-04-27T12:52:47.000Z",
|
|
"first_observed": "2016-04-27T12:52:47Z",
|
|
"last_observed": "2016-04-27T12:52:47Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b61f-18d8-4e21-bfe0-441202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b61f-18d8-4e21-bfe0-441202de0b81",
|
|
"value": "https://www.virustotal.com/file/9bec8fea8126a8e2f4b9eb6ca695f1e8c5d90a8a87057d378f19e6165ed9493b/analysis/1458589273/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b620-833c-4f0c-bdd1-41bb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:48.000Z",
|
|
"modified": "2016-04-27T12:52:48.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2cf5b053bf51e9ff8ea653da5523b5f1",
|
|
"pattern": "[file:hashes.SHA256 = '56bae3455a60304057bd9739eea804137d35996b3e1d26208d58d1ab1cc51b07']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b620-47fc-4ed5-8d0d-48ef02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:48.000Z",
|
|
"modified": "2016-04-27T12:52:48.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2cf5b053bf51e9ff8ea653da5523b5f1",
|
|
"pattern": "[file:hashes.SHA1 = 'c142a0c44771a70d1abcec5686df3e1389ee4a51']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b621-1f18-4822-97f6-438902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:49.000Z",
|
|
"modified": "2016-04-27T12:52:49.000Z",
|
|
"first_observed": "2016-04-27T12:52:49Z",
|
|
"last_observed": "2016-04-27T12:52:49Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b621-1f18-4822-97f6-438902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b621-1f18-4822-97f6-438902de0b81",
|
|
"value": "https://www.virustotal.com/file/56bae3455a60304057bd9739eea804137d35996b3e1d26208d58d1ab1cc51b07/analysis/1456405740/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b621-e5e0-43ee-a3ad-49e902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:49.000Z",
|
|
"modified": "2016-04-27T12:52:49.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2ce248b19c30a9fed4cd813c23831d7a",
|
|
"pattern": "[file:hashes.SHA256 = '3bf6b59d01d0506b7c07039d0c0917f54ccb7c40247cbd164cf12148fc2ef3e6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b621-ae0c-4b68-93ea-4d1502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:49.000Z",
|
|
"modified": "2016-04-27T12:52:49.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2ce248b19c30a9fed4cd813c23831d7a",
|
|
"pattern": "[file:hashes.SHA1 = '4833fa756a3451ca21b95e2ac55159ebd4ac8b34']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b622-3d50-4600-9ea8-41a102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:50.000Z",
|
|
"modified": "2016-04-27T12:52:50.000Z",
|
|
"first_observed": "2016-04-27T12:52:50Z",
|
|
"last_observed": "2016-04-27T12:52:50Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b622-3d50-4600-9ea8-41a102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b622-3d50-4600-9ea8-41a102de0b81",
|
|
"value": "https://www.virustotal.com/file/3bf6b59d01d0506b7c07039d0c0917f54ccb7c40247cbd164cf12148fc2ef3e6/analysis/1460124789/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b622-6b7c-4543-92d4-418e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:50.000Z",
|
|
"modified": "2016-04-27T12:52:50.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2cd1908f4846e81e92f82684d337e858",
|
|
"pattern": "[file:hashes.SHA256 = 'b80efb4e64bb125ef0c361c854e9b3406a926944403029d773abe32bbdf05fc2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b623-3d4c-4d8d-8b7f-40df02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:51.000Z",
|
|
"modified": "2016-04-27T12:52:51.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2cd1908f4846e81e92f82684d337e858",
|
|
"pattern": "[file:hashes.SHA1 = 'f88e56e7e80848d85f1ca1d37dff055a2d97e805']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b623-32e4-4461-ba19-49bb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:51.000Z",
|
|
"modified": "2016-04-27T12:52:51.000Z",
|
|
"first_observed": "2016-04-27T12:52:51Z",
|
|
"last_observed": "2016-04-27T12:52:51Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b623-32e4-4461-ba19-49bb02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b623-32e4-4461-ba19-49bb02de0b81",
|
|
"value": "https://www.virustotal.com/file/b80efb4e64bb125ef0c361c854e9b3406a926944403029d773abe32bbdf05fc2/analysis/1456727707/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b624-a2fc-4d56-a617-42dc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:52.000Z",
|
|
"modified": "2016-04-27T12:52:52.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2cb75f46b901c17b2f0a9cb486933d65",
|
|
"pattern": "[file:hashes.SHA256 = 'b2917f897b6bc6a3f352b44e8cd263a8ec2831dd1eec2170fd545db03f7a1738']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b624-6518-45a7-8f19-449902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:52.000Z",
|
|
"modified": "2016-04-27T12:52:52.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2cb75f46b901c17b2f0a9cb486933d65",
|
|
"pattern": "[file:hashes.SHA1 = '960d8606f9569b1d0074ac4759bbd5e4c37d2a1e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b625-0784-4750-b982-492702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:53.000Z",
|
|
"modified": "2016-04-27T12:52:53.000Z",
|
|
"first_observed": "2016-04-27T12:52:53Z",
|
|
"last_observed": "2016-04-27T12:52:53Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b625-0784-4750-b982-492702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b625-0784-4750-b982-492702de0b81",
|
|
"value": "https://www.virustotal.com/file/b2917f897b6bc6a3f352b44e8cd263a8ec2831dd1eec2170fd545db03f7a1738/analysis/1460377812/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b625-449c-43ce-ba27-479b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:53.000Z",
|
|
"modified": "2016-04-27T12:52:53.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2c200cfcc5f4121fb70b1c152357225b",
|
|
"pattern": "[file:hashes.SHA256 = '881f47cfd14ba3808280b3926f965513e496e839c88277cfc6e402e84641e9c0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b625-4104-4b87-985c-45ac02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:53.000Z",
|
|
"modified": "2016-04-27T12:52:53.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2c200cfcc5f4121fb70b1c152357225b",
|
|
"pattern": "[file:hashes.SHA1 = '67a252a1196a82d83f36835efad38c36378a262e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b626-8dd4-4779-9fd8-4c0102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:54.000Z",
|
|
"modified": "2016-04-27T12:52:54.000Z",
|
|
"first_observed": "2016-04-27T12:52:54Z",
|
|
"last_observed": "2016-04-27T12:52:54Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b626-8dd4-4779-9fd8-4c0102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b626-8dd4-4779-9fd8-4c0102de0b81",
|
|
"value": "https://www.virustotal.com/file/881f47cfd14ba3808280b3926f965513e496e839c88277cfc6e402e84641e9c0/analysis/1455733966/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b626-92ac-4048-b1f2-4e8102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:54.000Z",
|
|
"modified": "2016-04-27T12:52:54.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2ac5e8e2fd8050330863875d5018cb59",
|
|
"pattern": "[file:hashes.SHA256 = 'de344c21fca698d20a8ebfa8db85ca4ac86d0c339763ef564af669c53b71c290']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b627-cef8-45f2-b53f-4d9b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:55.000Z",
|
|
"modified": "2016-04-27T12:52:55.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2ac5e8e2fd8050330863875d5018cb59",
|
|
"pattern": "[file:hashes.SHA1 = 'e38ed4738a555db0176ccdb485a79c11b718d5c5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b627-6ee0-48a3-90c8-491002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:55.000Z",
|
|
"modified": "2016-04-27T12:52:55.000Z",
|
|
"first_observed": "2016-04-27T12:52:55Z",
|
|
"last_observed": "2016-04-27T12:52:55Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b627-6ee0-48a3-90c8-491002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b627-6ee0-48a3-90c8-491002de0b81",
|
|
"value": "https://www.virustotal.com/file/de344c21fca698d20a8ebfa8db85ca4ac86d0c339763ef564af669c53b71c290/analysis/1457936477/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b628-b9d4-4187-8860-438b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:56.000Z",
|
|
"modified": "2016-04-27T12:52:56.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2a6c086c589d1b0a7d6d81c4e4c70282",
|
|
"pattern": "[file:hashes.SHA256 = 'c20fe2ae8b21e85972782b9f15020bd94e476b0b59b01ba160c5596b80d04818']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b628-d000-47cc-b45b-41de02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:56.000Z",
|
|
"modified": "2016-04-27T12:52:56.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2a6c086c589d1b0a7d6d81c4e4c70282",
|
|
"pattern": "[file:hashes.SHA1 = 'fd875e472e5995baf9fb0d0125ae11706bb152f0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b628-1f08-4336-81bb-4c8702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:56.000Z",
|
|
"modified": "2016-04-27T12:52:56.000Z",
|
|
"first_observed": "2016-04-27T12:52:56Z",
|
|
"last_observed": "2016-04-27T12:52:56Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b628-1f08-4336-81bb-4c8702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b628-1f08-4336-81bb-4c8702de0b81",
|
|
"value": "https://www.virustotal.com/file/c20fe2ae8b21e85972782b9f15020bd94e476b0b59b01ba160c5596b80d04818/analysis/1457767243/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b628-bf38-4f72-9e2a-46c302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:56.000Z",
|
|
"modified": "2016-04-27T12:52:56.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2a1c02bd4263a4e1cb6f648a9da59429",
|
|
"pattern": "[file:hashes.SHA256 = '1cbf67dd77937676188f2a7b56427e552eab619ae10ff7f8887113541ffee5a7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b629-3bc4-4a26-9b0e-484a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:57.000Z",
|
|
"modified": "2016-04-27T12:52:57.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2a1c02bd4263a4e1cb6f648a9da59429",
|
|
"pattern": "[file:hashes.SHA1 = '8ee807a58199fffae996f3e0e94e2315322ba02b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b629-0d88-4f54-afae-4e3002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:57.000Z",
|
|
"modified": "2016-04-27T12:52:57.000Z",
|
|
"first_observed": "2016-04-27T12:52:57Z",
|
|
"last_observed": "2016-04-27T12:52:57Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b629-0d88-4f54-afae-4e3002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b629-0d88-4f54-afae-4e3002de0b81",
|
|
"value": "https://www.virustotal.com/file/1cbf67dd77937676188f2a7b56427e552eab619ae10ff7f8887113541ffee5a7/analysis/1460134059/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b629-0c88-4aa1-905c-49f302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:57.000Z",
|
|
"modified": "2016-04-27T12:52:57.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 29a8eef1b304d53f303d03ba6994ed32",
|
|
"pattern": "[file:hashes.SHA256 = 'e5f7d4de3ccc4bffccb8658e9ac897dec50fbd9c24459fd55a19d5587c5856f9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b629-ca3c-4ec1-ad8d-400c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:57.000Z",
|
|
"modified": "2016-04-27T12:52:57.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 29a8eef1b304d53f303d03ba6994ed32",
|
|
"pattern": "[file:hashes.SHA1 = 'c1c5a9a5b24caf4deccb784147d2b22ae64c54dc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b629-d480-4842-acae-41d302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:57.000Z",
|
|
"modified": "2016-04-27T12:52:57.000Z",
|
|
"first_observed": "2016-04-27T12:52:57Z",
|
|
"last_observed": "2016-04-27T12:52:57Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b629-d480-4842-acae-41d302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b629-d480-4842-acae-41d302de0b81",
|
|
"value": "https://www.virustotal.com/file/e5f7d4de3ccc4bffccb8658e9ac897dec50fbd9c24459fd55a19d5587c5856f9/analysis/1460360826/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b629-d9c8-4673-833a-476802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:57.000Z",
|
|
"modified": "2016-04-27T12:52:57.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2802552e2aa5491ebbf28bfef85618cb",
|
|
"pattern": "[file:hashes.SHA256 = '8a84a0ffed1bd73fd2b14c9c59b959a01bb3bef36c1f803baecb0b68185e097e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62a-def0-40e2-b600-4d2302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:58.000Z",
|
|
"modified": "2016-04-27T12:52:58.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2802552e2aa5491ebbf28bfef85618cb",
|
|
"pattern": "[file:hashes.SHA1 = 'd5d507388f62345f1b8b19117c7a548e03c59e1e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b62a-5d04-47f1-9873-4fd402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:58.000Z",
|
|
"modified": "2016-04-27T12:52:58.000Z",
|
|
"first_observed": "2016-04-27T12:52:58Z",
|
|
"last_observed": "2016-04-27T12:52:58Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b62a-5d04-47f1-9873-4fd402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b62a-5d04-47f1-9873-4fd402de0b81",
|
|
"value": "https://www.virustotal.com/file/8a84a0ffed1bd73fd2b14c9c59b959a01bb3bef36c1f803baecb0b68185e097e/analysis/1458183788/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62a-2428-4518-b70e-4bbb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:58.000Z",
|
|
"modified": "2016-04-27T12:52:58.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2745bc6f165ae43f1edf5cd1e01db2c5",
|
|
"pattern": "[file:hashes.SHA256 = '512ac9f834b816cc0d68630c852a07134e6a34c5213b53d264ec2fd0ab1bcfd8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62a-bf20-404e-a069-40fa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:58.000Z",
|
|
"modified": "2016-04-27T12:52:58.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2745bc6f165ae43f1edf5cd1e01db2c5",
|
|
"pattern": "[file:hashes.SHA1 = 'f1f5d9e4fdc114505b71754ffdb05160c9817cf5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b62a-c938-4a12-af40-4a2002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:58.000Z",
|
|
"modified": "2016-04-27T12:52:58.000Z",
|
|
"first_observed": "2016-04-27T12:52:58Z",
|
|
"last_observed": "2016-04-27T12:52:58Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b62a-c938-4a12-af40-4a2002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b62a-c938-4a12-af40-4a2002de0b81",
|
|
"value": "https://www.virustotal.com/file/512ac9f834b816cc0d68630c852a07134e6a34c5213b53d264ec2fd0ab1bcfd8/analysis/1460117573/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62b-0a20-4fde-b049-470802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:59.000Z",
|
|
"modified": "2016-04-27T12:52:59.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 24f23fe808ba3f90a7a48eae37ce259d",
|
|
"pattern": "[file:hashes.SHA256 = '7f7c71e900e878057884dad9e699b3b4405eb3c4518a276aba1fd69eb5263781']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62b-c938-4b30-aae6-4df602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:59.000Z",
|
|
"modified": "2016-04-27T12:52:59.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 24f23fe808ba3f90a7a48eae37ce259d",
|
|
"pattern": "[file:hashes.SHA1 = 'a3025eebd5cc55e64559f299d9f4fdb700049512']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b62b-d864-4529-8f39-4fc502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:59.000Z",
|
|
"modified": "2016-04-27T12:52:59.000Z",
|
|
"first_observed": "2016-04-27T12:52:59Z",
|
|
"last_observed": "2016-04-27T12:52:59Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b62b-d864-4529-8f39-4fc502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b62b-d864-4529-8f39-4fc502de0b81",
|
|
"value": "https://www.virustotal.com/file/7f7c71e900e878057884dad9e699b3b4405eb3c4518a276aba1fd69eb5263781/analysis/1460328627/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62b-5178-4e44-870d-482402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:59.000Z",
|
|
"modified": "2016-04-27T12:52:59.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 244b965d3816ac828d21c04bcf0519a4",
|
|
"pattern": "[file:hashes.SHA256 = '82ab0e15bef9c81ffab967b3885a63c41852f52d3283d2fcd1e550be961a06df']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62b-8a38-416d-83eb-4a0f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:52:59.000Z",
|
|
"modified": "2016-04-27T12:52:59.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 244b965d3816ac828d21c04bcf0519a4",
|
|
"pattern": "[file:hashes.SHA1 = '63e9d08dde17249c94343f0a2cbc0ee1d30b4220']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:52:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b62c-d00c-422d-bc32-4c5e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:00.000Z",
|
|
"modified": "2016-04-27T12:53:00.000Z",
|
|
"first_observed": "2016-04-27T12:53:00Z",
|
|
"last_observed": "2016-04-27T12:53:00Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b62c-d00c-422d-bc32-4c5e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b62c-d00c-422d-bc32-4c5e02de0b81",
|
|
"value": "https://www.virustotal.com/file/82ab0e15bef9c81ffab967b3885a63c41852f52d3283d2fcd1e550be961a06df/analysis/1455733578/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62c-1148-4396-9c13-4a1502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:00.000Z",
|
|
"modified": "2016-04-27T12:53:00.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 220fc807884acfcd703596994e202f21",
|
|
"pattern": "[file:hashes.SHA256 = '646b8d8e8d083690265555d043284a6f551eac66666df8a1c4dae4617c2d14a9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62c-e03c-4927-9413-477b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:00.000Z",
|
|
"modified": "2016-04-27T12:53:00.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 220fc807884acfcd703596994e202f21",
|
|
"pattern": "[file:hashes.SHA1 = 'ab1aa396e6c097830ea0a5237fe49ff60df3c7bd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b62c-2524-416c-ba3e-48fe02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:00.000Z",
|
|
"modified": "2016-04-27T12:53:00.000Z",
|
|
"first_observed": "2016-04-27T12:53:00Z",
|
|
"last_observed": "2016-04-27T12:53:00Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b62c-2524-416c-ba3e-48fe02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b62c-2524-416c-ba3e-48fe02de0b81",
|
|
"value": "https://www.virustotal.com/file/646b8d8e8d083690265555d043284a6f551eac66666df8a1c4dae4617c2d14a9/analysis/1460646293/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62c-7d88-4db9-afa9-485802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:00.000Z",
|
|
"modified": "2016-04-27T12:53:00.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2177a3094dd06f9d777db64364d3fc2c",
|
|
"pattern": "[file:hashes.SHA256 = '1d1926d9c9e3911d64f45d40005490f5f539f1417332bb6e5affa888ba3de24f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62d-f6bc-4949-b0e4-443902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:00.000Z",
|
|
"modified": "2016-04-27T12:53:00.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 2177a3094dd06f9d777db64364d3fc2c",
|
|
"pattern": "[file:hashes.SHA1 = 'a30066a64d9bf4ccf38b1fc786f70085e6e80ab4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b62d-15c8-45b0-b3e3-43c702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:01.000Z",
|
|
"modified": "2016-04-27T12:53:01.000Z",
|
|
"first_observed": "2016-04-27T12:53:01Z",
|
|
"last_observed": "2016-04-27T12:53:01Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b62d-15c8-45b0-b3e3-43c702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b62d-15c8-45b0-b3e3-43c702de0b81",
|
|
"value": "https://www.virustotal.com/file/1d1926d9c9e3911d64f45d40005490f5f539f1417332bb6e5affa888ba3de24f/analysis/1454639346/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62d-7438-4a65-89e7-4e3002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:01.000Z",
|
|
"modified": "2016-04-27T12:53:01.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1ed3c0158eb960bb47847596a69a744c",
|
|
"pattern": "[file:hashes.SHA256 = '75fd71d15d1b3d8ff5786253f0398e8280fe2329e00e4e9e0ad0ed7a8adda3e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62d-259c-4ebb-92b5-42d802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:01.000Z",
|
|
"modified": "2016-04-27T12:53:01.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1ed3c0158eb960bb47847596a69a744c",
|
|
"pattern": "[file:hashes.SHA1 = '2e4603d7a8f6cd4ea3138fd2838b3bd0614a3241']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b62d-916c-4da6-b3a4-4938950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:01.000Z",
|
|
"modified": "2016-04-27T12:53:01.000Z",
|
|
"first_observed": "2016-04-27T12:53:01Z",
|
|
"last_observed": "2016-04-27T12:53:01Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b62d-916c-4da6-b3a4-4938950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b62d-916c-4da6-b3a4-4938950d210f",
|
|
"value": "https://www.virustotal.com/en/domain/sdfkjhl2.bget.ru/information/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b62d-067c-40f0-b47e-449202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:01.000Z",
|
|
"modified": "2016-04-27T12:53:01.000Z",
|
|
"first_observed": "2016-04-27T12:53:01Z",
|
|
"last_observed": "2016-04-27T12:53:01Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b62d-067c-40f0-b47e-449202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b62d-067c-40f0-b47e-449202de0b81",
|
|
"value": "https://www.virustotal.com/file/75fd71d15d1b3d8ff5786253f0398e8280fe2329e00e4e9e0ad0ed7a8adda3e3/analysis/1455938443/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b62e-f99c-46c2-9904-4d29950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:02.000Z",
|
|
"modified": "2016-04-27T12:53:02.000Z",
|
|
"first_observed": "2016-04-27T12:53:02Z",
|
|
"last_observed": "2016-04-27T12:53:02Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b62e-f99c-46c2-9904-4d29950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b62e-f99c-46c2-9904-4d29950d210f",
|
|
"value": "https://www.virustotal.com/en/url/d3824f5e0c6152a0f059aa8a53b30af872e4bd420a201a5b0db5e27f53b00f35/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62e-a868-4a46-9b25-4af502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:02.000Z",
|
|
"modified": "2016-04-27T12:53:02.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1dc8e18e610fd921ffa638b3f51de4b2",
|
|
"pattern": "[file:hashes.SHA256 = '562829d6111698d7cb8dea25e457ad127be200e0247c032eb6eac28a28e9466f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b62e-f6b8-4a1a-b788-4050950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:02.000Z",
|
|
"modified": "2016-04-27T12:53:02.000Z",
|
|
"first_observed": "2016-04-27T12:53:02Z",
|
|
"last_observed": "2016-04-27T12:53:02Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b62e-f6b8-4a1a-b788-4050950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b62e-f6b8-4a1a-b788-4050950d210f",
|
|
"value": "https://www.virustotal.com/en/file/f0b48d2e1811b0af7b0e96644b2f5c472f209f346b11e19f01cd75f908393eca/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b62f-e24c-432b-acae-42e802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:03.000Z",
|
|
"modified": "2016-04-27T12:53:03.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1dc8e18e610fd921ffa638b3f51de4b2",
|
|
"pattern": "[file:hashes.SHA1 = 'f4621ac11b7dd336cad7cfa91f012fbc157431c9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b62f-b07c-4493-a0ea-4b68950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:03.000Z",
|
|
"modified": "2016-04-27T12:53:03.000Z",
|
|
"first_observed": "2016-04-27T12:53:03Z",
|
|
"last_observed": "2016-04-27T12:53:03Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b62f-b07c-4493-a0ea-4b68950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b62f-b07c-4493-a0ea-4b68950d210f",
|
|
"value": "https://www.virustotal.com/en/file/c96dfd27b0556c29b25b1eeb90ac2e329e77e95d4059f476086c2e5ba3c75bdf/analysis/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b62f-a958-4b89-b9d1-4fc102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:03.000Z",
|
|
"modified": "2016-04-27T12:53:03.000Z",
|
|
"first_observed": "2016-04-27T12:53:03Z",
|
|
"last_observed": "2016-04-27T12:53:03Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b62f-a958-4b89-b9d1-4fc102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b62f-a958-4b89-b9d1-4fc102de0b81",
|
|
"value": "https://www.virustotal.com/file/562829d6111698d7cb8dea25e457ad127be200e0247c032eb6eac28a28e9466f/analysis/1455732215/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b62f-8170-43f9-a879-4852950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:03.000Z",
|
|
"modified": "2016-04-27T12:53:03.000Z",
|
|
"first_observed": "2016-04-27T12:53:03Z",
|
|
"last_observed": "2016-04-27T12:53:03Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b62f-8170-43f9-a879-4852950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b62f-8170-43f9-a879-4852950d210f",
|
|
"value": "https://www.virustotal.com/en/url/3125d7248019af1922f4722a4e43dd2520007d904b5e62aecb49adaad7ae8dbc/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b630-0574-4402-82a0-438002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:04.000Z",
|
|
"modified": "2016-04-27T12:53:04.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1cead79dfdaee9d7eb914a5b13a323ea",
|
|
"pattern": "[file:hashes.SHA256 = 'e71f315de2cb53fe243b6f9a74fd66978120ec0f5106bb6e3cd2b44d906ab789']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b630-d2d4-443f-b30d-4c73950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:04.000Z",
|
|
"modified": "2016-04-27T12:53:04.000Z",
|
|
"first_observed": "2016-04-27T12:53:04Z",
|
|
"last_observed": "2016-04-27T12:53:04Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b630-d2d4-443f-b30d-4c73950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b630-d2d4-443f-b30d-4c73950d210f",
|
|
"value": "https://www.virustotal.com/en/file/8c18e0144527029f1a0fc87fc246f19f619b12dd7440451f0040cd6b428085c8/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b630-40e8-46fa-aa28-4c1102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:04.000Z",
|
|
"modified": "2016-04-27T12:53:04.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1cead79dfdaee9d7eb914a5b13a323ea",
|
|
"pattern": "[file:hashes.SHA1 = '15a44c7cb45ea0b7ee3d032872ceaa54a9f50155']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b631-d9b4-4e6b-aaa5-40d3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:05.000Z",
|
|
"modified": "2016-04-27T12:53:05.000Z",
|
|
"first_observed": "2016-04-27T12:53:05Z",
|
|
"last_observed": "2016-04-27T12:53:05Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b631-d9b4-4e6b-aaa5-40d3950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b631-d9b4-4e6b-aaa5-40d3950d210f",
|
|
"value": "https://www.virustotal.com/en/domain/konkonq2.bget.ru/information/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b631-87ec-4448-822a-44f202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:05.000Z",
|
|
"modified": "2016-04-27T12:53:05.000Z",
|
|
"first_observed": "2016-04-27T12:53:05Z",
|
|
"last_observed": "2016-04-27T12:53:05Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b631-87ec-4448-822a-44f202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b631-87ec-4448-822a-44f202de0b81",
|
|
"value": "https://www.virustotal.com/file/e71f315de2cb53fe243b6f9a74fd66978120ec0f5106bb6e3cd2b44d906ab789/analysis/1460360391/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b631-8324-4cf4-bbea-4291950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:05.000Z",
|
|
"modified": "2016-04-27T12:53:05.000Z",
|
|
"first_observed": "2016-04-27T12:53:05Z",
|
|
"last_observed": "2016-04-27T12:53:05Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b631-8324-4cf4-bbea-4291950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b631-8324-4cf4-bbea-4291950d210f",
|
|
"value": "https://www.virustotal.com/en/url/d71d7685baa216e314a612e2ca4ce395d154c9b618892e179a1a68b55b3e7f59/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b632-d210-4456-bc3b-408902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:06.000Z",
|
|
"modified": "2016-04-27T12:53:06.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1cbedd5cc8e9b59f90ec81a5aec0239f",
|
|
"pattern": "[file:hashes.SHA256 = '74b1493de5c65d7bd56ce60130483cf568b4ee220f847a0a032a09f3d6275278']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b632-931c-41d1-a168-4359950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:06.000Z",
|
|
"modified": "2016-04-27T12:53:06.000Z",
|
|
"first_observed": "2016-04-27T12:53:06Z",
|
|
"last_observed": "2016-04-27T12:53:06Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b632-931c-41d1-a168-4359950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b632-931c-41d1-a168-4359950d210f",
|
|
"value": "https://www.virustotal.com/en/url/6a20235d4b0d7fc1c8e09c8bc6d0ecb833efedf6d363aa3ce8fc21a15f6b60db/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b632-47dc-41b2-90bd-4a7002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:06.000Z",
|
|
"modified": "2016-04-27T12:53:06.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1cbedd5cc8e9b59f90ec81a5aec0239f",
|
|
"pattern": "[file:hashes.SHA1 = '8c2d33f97c4ba82065c1335b884acf1a4812f0fe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b632-b204-4094-b1e4-4722950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:06.000Z",
|
|
"modified": "2016-04-27T12:53:06.000Z",
|
|
"first_observed": "2016-04-27T12:53:06Z",
|
|
"last_observed": "2016-04-27T12:53:06Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b632-b204-4094-b1e4-4722950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b632-b204-4094-b1e4-4722950d210f",
|
|
"value": "https://www.virustotal.com/en/url/acd7296141bebcda2cbb52506b8d76ec50443034f40c6853c1fcfda660241436/analysis/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b633-33a0-482e-b33d-408102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:07.000Z",
|
|
"modified": "2016-04-27T12:53:07.000Z",
|
|
"first_observed": "2016-04-27T12:53:07Z",
|
|
"last_observed": "2016-04-27T12:53:07Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b633-33a0-482e-b33d-408102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b633-33a0-482e-b33d-408102de0b81",
|
|
"value": "https://www.virustotal.com/file/74b1493de5c65d7bd56ce60130483cf568b4ee220f847a0a032a09f3d6275278/analysis/1460332295/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b633-d6f4-4fd9-afe7-4d0a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:07.000Z",
|
|
"modified": "2016-04-27T12:53:07.000Z",
|
|
"first_observed": "2016-04-27T12:53:07Z",
|
|
"last_observed": "2016-04-27T12:53:07Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b633-d6f4-4fd9-afe7-4d0a950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b633-d6f4-4fd9-afe7-4d0a950d210f",
|
|
"value": "https://www.virustotal.com/en/file/68f69026df5dcd2696a217bc7083a19665939c4012e0893ec2f0e29336a949db/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b633-bd54-41f5-85b2-4ebb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:07.000Z",
|
|
"modified": "2016-04-27T12:53:07.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1b4b6bf1e40d5954b34a815d1438efd9",
|
|
"pattern": "[file:hashes.SHA256 = '7a0f51833ae740c22990e6cbe23a84d7363bb1d15bc4376e8cb4fb554af1c387']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b634-6e08-493b-948e-49da02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:08.000Z",
|
|
"modified": "2016-04-27T12:53:08.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1b4b6bf1e40d5954b34a815d1438efd9",
|
|
"pattern": "[file:hashes.SHA1 = '96c2de3cebec60031da0a1a0eec6666398413a86']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b634-c044-42bc-8059-43e802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:08.000Z",
|
|
"modified": "2016-04-27T12:53:08.000Z",
|
|
"first_observed": "2016-04-27T12:53:08Z",
|
|
"last_observed": "2016-04-27T12:53:08Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b634-c044-42bc-8059-43e802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b634-c044-42bc-8059-43e802de0b81",
|
|
"value": "https://www.virustotal.com/file/7a0f51833ae740c22990e6cbe23a84d7363bb1d15bc4376e8cb4fb554af1c387/analysis/1459996370/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b634-7e70-4585-af9a-4df402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:08.000Z",
|
|
"modified": "2016-04-27T12:53:08.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 18d1b845b2ee1960b304ab2fd3bfe11b",
|
|
"pattern": "[file:hashes.SHA256 = '58020db529d9bcc16761ee01c7021f32daf7963b6dba5f7ddb85aafddd3fcc09']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b634-0ff8-4276-b896-4fea02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:08.000Z",
|
|
"modified": "2016-04-27T12:53:08.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 18d1b845b2ee1960b304ab2fd3bfe11b",
|
|
"pattern": "[file:hashes.SHA1 = 'd19738c506496c5ec621e4d2e7a895d2538f8c68']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b634-c1fc-41b1-bd66-4b5102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:08.000Z",
|
|
"modified": "2016-04-27T12:53:08.000Z",
|
|
"first_observed": "2016-04-27T12:53:08Z",
|
|
"last_observed": "2016-04-27T12:53:08Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b634-c1fc-41b1-bd66-4b5102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b634-c1fc-41b1-bd66-4b5102de0b81",
|
|
"value": "https://www.virustotal.com/file/58020db529d9bcc16761ee01c7021f32daf7963b6dba5f7ddb85aafddd3fcc09/analysis/1460341886/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b634-d4fc-4361-a99b-4ef602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:08.000Z",
|
|
"modified": "2016-04-27T12:53:08.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1850c020edafcf8254279e352ce33da9",
|
|
"pattern": "[file:hashes.SHA256 = '3e7c3e06da8340c6850ebc034d773599ae54e09770aaad926a75630688fca1e5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b635-6670-4394-9d5e-4cd902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:09.000Z",
|
|
"modified": "2016-04-27T12:53:09.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1850c020edafcf8254279e352ce33da9",
|
|
"pattern": "[file:hashes.SHA1 = '02ed9bfdc57b9961cf36b16b0dfb382d0340787d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b635-dba0-4dc8-b4c3-471c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:09.000Z",
|
|
"modified": "2016-04-27T12:53:09.000Z",
|
|
"first_observed": "2016-04-27T12:53:09Z",
|
|
"last_observed": "2016-04-27T12:53:09Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b635-dba0-4dc8-b4c3-471c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b635-dba0-4dc8-b4c3-471c02de0b81",
|
|
"value": "https://www.virustotal.com/file/3e7c3e06da8340c6850ebc034d773599ae54e09770aaad926a75630688fca1e5/analysis/1455731939/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b635-2a68-40ad-9a40-44f102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:09.000Z",
|
|
"modified": "2016-04-27T12:53:09.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 17d083988dd5e6d9c2517899ae30bb02",
|
|
"pattern": "[file:hashes.SHA256 = '98e24201dd7825242a6459ff72f6d6b7946586a173b9c4d52b4b72abea594d47']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b635-b40c-47bb-8b48-439902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:09.000Z",
|
|
"modified": "2016-04-27T12:53:09.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 17d083988dd5e6d9c2517899ae30bb02",
|
|
"pattern": "[file:hashes.SHA1 = '88e5c3b241423f706cb9dc6d9592a610567f63bb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b635-b8f4-45a7-a712-464e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:09.000Z",
|
|
"modified": "2016-04-27T12:53:09.000Z",
|
|
"first_observed": "2016-04-27T12:53:09Z",
|
|
"last_observed": "2016-04-27T12:53:09Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b635-b8f4-45a7-a712-464e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b635-b8f4-45a7-a712-464e02de0b81",
|
|
"value": "https://www.virustotal.com/file/98e24201dd7825242a6459ff72f6d6b7946586a173b9c4d52b4b72abea594d47/analysis/1454318913/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b635-abcc-4814-90df-46a802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:09.000Z",
|
|
"modified": "2016-04-27T12:53:09.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 17bfe26e9a767c83df2aab368085e3c2",
|
|
"pattern": "[file:hashes.SHA256 = '47f1eed6f8c74eee322bb1168ea6e7ac3be343eecfbbeb84030ee2b969438df9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b635-ce48-4d8c-8cdf-424202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:09.000Z",
|
|
"modified": "2016-04-27T12:53:09.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 17bfe26e9a767c83df2aab368085e3c2",
|
|
"pattern": "[file:hashes.SHA1 = '53c8e79b9dc2bb9f0309d70d693fa845c069f2c2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b636-99c0-4f9c-b30a-424402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:10.000Z",
|
|
"modified": "2016-04-27T12:53:10.000Z",
|
|
"first_observed": "2016-04-27T12:53:10Z",
|
|
"last_observed": "2016-04-27T12:53:10Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b636-99c0-4f9c-b30a-424402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b636-99c0-4f9c-b30a-424402de0b81",
|
|
"value": "https://www.virustotal.com/file/47f1eed6f8c74eee322bb1168ea6e7ac3be343eecfbbeb84030ee2b969438df9/analysis/1458148964/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b636-4b1c-4ce7-83e5-4c4202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:10.000Z",
|
|
"modified": "2016-04-27T12:53:10.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 177af9700bcc8b7c8c131b662e8cdda8",
|
|
"pattern": "[file:hashes.SHA256 = '860a2343713eda79f84d588eddf72f1b230e26aead36bdca0381ec3bf381fd92']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b636-95dc-424e-bf93-476102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:10.000Z",
|
|
"modified": "2016-04-27T12:53:10.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 177af9700bcc8b7c8c131b662e8cdda8",
|
|
"pattern": "[file:hashes.SHA1 = '88ad8f97f53b67d16a6f7a483c59c447743fe733']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b636-5cd4-4e0a-92e1-4def02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:10.000Z",
|
|
"modified": "2016-04-27T12:53:10.000Z",
|
|
"first_observed": "2016-04-27T12:53:10Z",
|
|
"last_observed": "2016-04-27T12:53:10Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b636-5cd4-4e0a-92e1-4def02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b636-5cd4-4e0a-92e1-4def02de0b81",
|
|
"value": "https://www.virustotal.com/file/860a2343713eda79f84d588eddf72f1b230e26aead36bdca0381ec3bf381fd92/analysis/1460326296/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b636-8ef4-4235-a92a-43a602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:10.000Z",
|
|
"modified": "2016-04-27T12:53:10.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1711081b5ba5c3941ae01d80819c7530",
|
|
"pattern": "[file:hashes.SHA256 = 'af231115e62a39c430f1ff7fa6170a8758c8eb8e7d8f24f9c7ea23d9ca7767c0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b636-c6b8-4cdf-9d8e-474502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:10.000Z",
|
|
"modified": "2016-04-27T12:53:10.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1711081b5ba5c3941ae01d80819c7530",
|
|
"pattern": "[file:hashes.SHA1 = 'f54e7d5d9514860696839d8a37f6b9bc92afe0dd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b637-2b0c-431d-961b-4c6c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:11.000Z",
|
|
"modified": "2016-04-27T12:53:11.000Z",
|
|
"first_observed": "2016-04-27T12:53:11Z",
|
|
"last_observed": "2016-04-27T12:53:11Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b637-2b0c-431d-961b-4c6c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b637-2b0c-431d-961b-4c6c02de0b81",
|
|
"value": "https://www.virustotal.com/file/af231115e62a39c430f1ff7fa6170a8758c8eb8e7d8f24f9c7ea23d9ca7767c0/analysis/1457936474/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b637-a018-4a75-bb7d-439002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:11.000Z",
|
|
"modified": "2016-04-27T12:53:11.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 16ec62c1d7d4ac3f3d7d743fc1e21bf6",
|
|
"pattern": "[file:hashes.SHA256 = 'ba0f10ea5431e91967d14293ccfe88a67bbcc1cf746470df6f5f67d0d63b9648']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b637-0534-4107-baed-43e702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:11.000Z",
|
|
"modified": "2016-04-27T12:53:11.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 16ec62c1d7d4ac3f3d7d743fc1e21bf6",
|
|
"pattern": "[file:hashes.SHA1 = 'aa86376d6accf493d1c7f873ce44c6bee40ea59b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b637-1ed0-4241-8649-4a6302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:11.000Z",
|
|
"modified": "2016-04-27T12:53:11.000Z",
|
|
"first_observed": "2016-04-27T12:53:11Z",
|
|
"last_observed": "2016-04-27T12:53:11Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b637-1ed0-4241-8649-4a6302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b637-1ed0-4241-8649-4a6302de0b81",
|
|
"value": "https://www.virustotal.com/file/ba0f10ea5431e91967d14293ccfe88a67bbcc1cf746470df6f5f67d0d63b9648/analysis/1454935799/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b637-fce8-4bdc-b0c1-454702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:11.000Z",
|
|
"modified": "2016-04-27T12:53:11.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 16b778921b6db27a2af23dd8ce1fac3e",
|
|
"pattern": "[file:hashes.SHA256 = '6adb0ef3faaa9bf426d01e06e68bb0b707e6a0ed51daa3115de055f4162116e2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b638-93bc-4530-9377-433f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:12.000Z",
|
|
"modified": "2016-04-27T12:53:12.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 16b778921b6db27a2af23dd8ce1fac3e",
|
|
"pattern": "[file:hashes.SHA1 = '2086882d29838aa09916e4486c1c980c05560397']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b638-d1a4-4259-b778-437402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:12.000Z",
|
|
"modified": "2016-04-27T12:53:12.000Z",
|
|
"first_observed": "2016-04-27T12:53:12Z",
|
|
"last_observed": "2016-04-27T12:53:12Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b638-d1a4-4259-b778-437402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b638-d1a4-4259-b778-437402de0b81",
|
|
"value": "https://www.virustotal.com/file/6adb0ef3faaa9bf426d01e06e68bb0b707e6a0ed51daa3115de055f4162116e2/analysis/1455731644/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b638-dafc-4d5c-808a-4c1902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:12.000Z",
|
|
"modified": "2016-04-27T12:53:12.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1693f424742279a8678322a012222a02",
|
|
"pattern": "[file:hashes.SHA256 = '930654125e948b873ee504a12c72a0719848b91f39af9438e43698e501a08d3f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b638-854c-4b1e-90a5-44c202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:12.000Z",
|
|
"modified": "2016-04-27T12:53:12.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 1693f424742279a8678322a012222a02",
|
|
"pattern": "[file:hashes.SHA1 = 'f126a394cec1f478e7825a214d2c8e74e8ecd476']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b638-b540-43c1-8c52-4f6402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:12.000Z",
|
|
"modified": "2016-04-27T12:53:12.000Z",
|
|
"first_observed": "2016-04-27T12:53:12Z",
|
|
"last_observed": "2016-04-27T12:53:12Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b638-b540-43c1-8c52-4f6402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b638-b540-43c1-8c52-4f6402de0b81",
|
|
"value": "https://www.virustotal.com/file/930654125e948b873ee504a12c72a0719848b91f39af9438e43698e501a08d3f/analysis/1455731638/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b639-5860-49f3-8481-4ed502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:13.000Z",
|
|
"modified": "2016-04-27T12:53:13.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 14c7f0dc55b5dd0c7e39f455baae3089",
|
|
"pattern": "[file:hashes.SHA256 = '8e8ddef9d629eed0121cb69fd2ca35f0ab5d478bf0dbeaa18545d8fffce60272']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b639-b9a8-4b78-8a90-4dc202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:13.000Z",
|
|
"modified": "2016-04-27T12:53:13.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 14c7f0dc55b5dd0c7e39f455baae3089",
|
|
"pattern": "[file:hashes.SHA1 = '73483fc0784d407675538e69ab78a5174a9a75a3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b639-34fc-416e-8649-4dee02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:13.000Z",
|
|
"modified": "2016-04-27T12:53:13.000Z",
|
|
"first_observed": "2016-04-27T12:53:13Z",
|
|
"last_observed": "2016-04-27T12:53:13Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b639-34fc-416e-8649-4dee02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b639-34fc-416e-8649-4dee02de0b81",
|
|
"value": "https://www.virustotal.com/file/8e8ddef9d629eed0121cb69fd2ca35f0ab5d478bf0dbeaa18545d8fffce60272/analysis/1457845462/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b639-0c00-4882-b323-4cb502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:13.000Z",
|
|
"modified": "2016-04-27T12:53:13.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 14a8246474ed819a4dfcc3cb06e98954",
|
|
"pattern": "[file:hashes.SHA256 = '1e53adbefa2723368677f52268a62e056849c1952a750561e0a3079bd31a9da0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b639-9000-4546-b915-44b102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:13.000Z",
|
|
"modified": "2016-04-27T12:53:13.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 14a8246474ed819a4dfcc3cb06e98954",
|
|
"pattern": "[file:hashes.SHA1 = '0f4f4ffee0090a5dd621fcd7b16b8d0c8452a4bf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b639-73fc-4d77-8341-4bfc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:13.000Z",
|
|
"modified": "2016-04-27T12:53:13.000Z",
|
|
"first_observed": "2016-04-27T12:53:13Z",
|
|
"last_observed": "2016-04-27T12:53:13Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b639-73fc-4d77-8341-4bfc02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b639-73fc-4d77-8341-4bfc02de0b81",
|
|
"value": "https://www.virustotal.com/file/1e53adbefa2723368677f52268a62e056849c1952a750561e0a3079bd31a9da0/analysis/1457364384/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63a-b458-43a7-b622-499e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:14.000Z",
|
|
"modified": "2016-04-27T12:53:14.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 128576fbdb7d2980c5a52cd3286bcca8",
|
|
"pattern": "[file:hashes.SHA256 = 'ae43feb9ecdbb7c9b45edbcf860e9ecc9c080ecb87fd10b38342fec2d001d0ee']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63a-875c-4955-9231-4ce602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:14.000Z",
|
|
"modified": "2016-04-27T12:53:14.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 128576fbdb7d2980c5a52cd3286bcca8",
|
|
"pattern": "[file:hashes.SHA1 = 'e73efb0e729695b56f46182ea87fb9b75c4a5306']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b63a-1364-434f-97d3-477702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:14.000Z",
|
|
"modified": "2016-04-27T12:53:14.000Z",
|
|
"first_observed": "2016-04-27T12:53:14Z",
|
|
"last_observed": "2016-04-27T12:53:14Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b63a-1364-434f-97d3-477702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b63a-1364-434f-97d3-477702de0b81",
|
|
"value": "https://www.virustotal.com/file/ae43feb9ecdbb7c9b45edbcf860e9ecc9c080ecb87fd10b38342fec2d001d0ee/analysis/1460379363/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63a-f300-43ea-9fd0-4bd402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:14.000Z",
|
|
"modified": "2016-04-27T12:53:14.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 120561bfced94cc1ce5cda03b203dbf8",
|
|
"pattern": "[file:hashes.SHA256 = '7bd9d343b9da221e8ad189a8230d221ccd6dab85fd5f99cb4fda056e92873a65']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63a-e8b8-4a93-a8a3-48c202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:14.000Z",
|
|
"modified": "2016-04-27T12:53:14.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 120561bfced94cc1ce5cda03b203dbf8",
|
|
"pattern": "[file:hashes.SHA1 = 'ff8ddf5739950f4a6152e67b93aa28c63135882f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b63b-fe50-4fd2-a8a6-44dc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:15.000Z",
|
|
"modified": "2016-04-27T12:53:15.000Z",
|
|
"first_observed": "2016-04-27T12:53:15Z",
|
|
"last_observed": "2016-04-27T12:53:15Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b63b-fe50-4fd2-a8a6-44dc02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b63b-fe50-4fd2-a8a6-44dc02de0b81",
|
|
"value": "https://www.virustotal.com/file/7bd9d343b9da221e8ad189a8230d221ccd6dab85fd5f99cb4fda056e92873a65/analysis/1455730754/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63b-3b38-472a-89ce-40a002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:15.000Z",
|
|
"modified": "2016-04-27T12:53:15.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 11d425602d3c8311d1e18df35db1daa3",
|
|
"pattern": "[file:hashes.SHA256 = 'aa76e83d6add22b30d8f70e4c339289a494af77c6bc69d05864f0247bc57c136']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63b-8ec0-4ac0-a25c-4da902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:15.000Z",
|
|
"modified": "2016-04-27T12:53:15.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 11d425602d3c8311d1e18df35db1daa3",
|
|
"pattern": "[file:hashes.SHA1 = 'd0e5fb2278f15f207175059577d8b49d5ecce385']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b63b-fd4c-4c06-829c-4d8d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:15.000Z",
|
|
"modified": "2016-04-27T12:53:15.000Z",
|
|
"first_observed": "2016-04-27T12:53:15Z",
|
|
"last_observed": "2016-04-27T12:53:15Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b63b-fd4c-4c06-829c-4d8d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b63b-fd4c-4c06-829c-4d8d02de0b81",
|
|
"value": "https://www.virustotal.com/file/aa76e83d6add22b30d8f70e4c339289a494af77c6bc69d05864f0247bc57c136/analysis/1460380751/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63b-8668-4e43-9d37-449e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:15.000Z",
|
|
"modified": "2016-04-27T12:53:15.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 10c58dd41d95a81b1043059563860c1c",
|
|
"pattern": "[file:hashes.SHA256 = '65a2d5edb05f52bcb2ac894118be4943c357bf1738ad9e24bb0e7982fce5a2df']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63c-6650-431a-b5fc-454302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:16.000Z",
|
|
"modified": "2016-04-27T12:53:16.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 10c58dd41d95a81b1043059563860c1c",
|
|
"pattern": "[file:hashes.SHA1 = '371f05fda259b4c7014729429ae1f494694dbaee']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b63c-7660-4eeb-8227-4cde02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:16.000Z",
|
|
"modified": "2016-04-27T12:53:16.000Z",
|
|
"first_observed": "2016-04-27T12:53:16Z",
|
|
"last_observed": "2016-04-27T12:53:16Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b63c-7660-4eeb-8227-4cde02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b63c-7660-4eeb-8227-4cde02de0b81",
|
|
"value": "https://www.virustotal.com/file/65a2d5edb05f52bcb2ac894118be4943c357bf1738ad9e24bb0e7982fce5a2df/analysis/1455938461/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63c-0e1c-4b58-9bde-4c5b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:16.000Z",
|
|
"modified": "2016-04-27T12:53:16.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 104859f80028792fbd3a0a0ea1e6fd78",
|
|
"pattern": "[file:hashes.SHA256 = '8f52cf2970f6678b630e38b52318cc6dae43f639cb0fb296380f05dd9d9d47de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63c-d0f8-48ee-b1b1-4a4102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:16.000Z",
|
|
"modified": "2016-04-27T12:53:16.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 104859f80028792fbd3a0a0ea1e6fd78",
|
|
"pattern": "[file:hashes.SHA1 = '9ccc45b09f812748edbf5da6d533b60cf2f37093']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b63c-05a4-46db-9915-42e602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:16.000Z",
|
|
"modified": "2016-04-27T12:53:16.000Z",
|
|
"first_observed": "2016-04-27T12:53:16Z",
|
|
"last_observed": "2016-04-27T12:53:16Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b63c-05a4-46db-9915-42e602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b63c-05a4-46db-9915-42e602de0b81",
|
|
"value": "https://www.virustotal.com/file/8f52cf2970f6678b630e38b52318cc6dae43f639cb0fb296380f05dd9d9d47de/analysis/1458800429/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63d-bd00-40f8-b7a4-458502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:17.000Z",
|
|
"modified": "2016-04-27T12:53:17.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0fa1ffbcfe0afc6a4a57fed513a72eb6",
|
|
"pattern": "[file:hashes.SHA256 = '9b15284b6346a89f35c97dfe3ccc68e2c0fb31687afef66a8b64b175dd239a44']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63d-8aa8-47b1-adca-4dac02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:17.000Z",
|
|
"modified": "2016-04-27T12:53:17.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0fa1ffbcfe0afc6a4a57fed513a72eb6",
|
|
"pattern": "[file:hashes.SHA1 = 'a8180bfa6712d34fb1fbd178d915bad60d973bce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b63d-f094-4288-82c4-4a3802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:17.000Z",
|
|
"modified": "2016-04-27T12:53:17.000Z",
|
|
"first_observed": "2016-04-27T12:53:17Z",
|
|
"last_observed": "2016-04-27T12:53:17Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b63d-f094-4288-82c4-4a3802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b63d-f094-4288-82c4-4a3802de0b81",
|
|
"value": "https://www.virustotal.com/file/9b15284b6346a89f35c97dfe3ccc68e2c0fb31687afef66a8b64b175dd239a44/analysis/1458224123/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63d-31f0-4c5b-bc43-416f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:17.000Z",
|
|
"modified": "2016-04-27T12:53:17.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0f5a6b34e952c5c44aa6f4a5538a6f2b",
|
|
"pattern": "[file:hashes.SHA256 = '6f7effb9522dad0e1777a162512451d529b1c64d3627a83482b4b997f738fc42']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63d-e878-406b-a63f-45a002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:17.000Z",
|
|
"modified": "2016-04-27T12:53:17.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0f5a6b34e952c5c44aa6f4a5538a6f2b",
|
|
"pattern": "[file:hashes.SHA1 = '81262f19d3aa0b3e6f3e1c945f08575ffb13461d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b63d-e894-47bc-827e-494102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:17.000Z",
|
|
"modified": "2016-04-27T12:53:17.000Z",
|
|
"first_observed": "2016-04-27T12:53:17Z",
|
|
"last_observed": "2016-04-27T12:53:17Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b63d-e894-47bc-827e-494102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b63d-e894-47bc-827e-494102de0b81",
|
|
"value": "https://www.virustotal.com/file/6f7effb9522dad0e1777a162512451d529b1c64d3627a83482b4b997f738fc42/analysis/1458564412/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63e-de70-4f0c-a7da-4be702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:18.000Z",
|
|
"modified": "2016-04-27T12:53:18.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0f280e86268da04dc2aa65b03f440c1a",
|
|
"pattern": "[file:hashes.SHA256 = 'de487d6c4f4fede7a974b8397b0ababc3e871a1c1ce80f8f00f683766d4a756b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63e-0b84-4c0a-be80-42af02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:18.000Z",
|
|
"modified": "2016-04-27T12:53:18.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0f280e86268da04dc2aa65b03f440c1a",
|
|
"pattern": "[file:hashes.SHA1 = '94fb79f9cc27d0ebe841010f0456e0f3df20cdbf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b63e-d7c0-47cd-88d1-4fe802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:18.000Z",
|
|
"modified": "2016-04-27T12:53:18.000Z",
|
|
"first_observed": "2016-04-27T12:53:18Z",
|
|
"last_observed": "2016-04-27T12:53:18Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b63e-d7c0-47cd-88d1-4fe802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b63e-d7c0-47cd-88d1-4fe802de0b81",
|
|
"value": "https://www.virustotal.com/file/de487d6c4f4fede7a974b8397b0ababc3e871a1c1ce80f8f00f683766d4a756b/analysis/1457422009/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63e-d5d4-4d30-b988-4e0d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:18.000Z",
|
|
"modified": "2016-04-27T12:53:18.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0ea83ffc776389a19047947aba5b4324",
|
|
"pattern": "[file:hashes.SHA256 = 'bc907bdc1d6c051ba71da43f95d86aae6e256a5d392762e05d65b06752b005b2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63e-ebe4-48ed-b163-466702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:18.000Z",
|
|
"modified": "2016-04-27T12:53:18.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0ea83ffc776389a19047947aba5b4324",
|
|
"pattern": "[file:hashes.SHA1 = 'cabf6228cb3c83bd6975125734610e7afba1aca1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b63f-333c-4595-bd5c-422c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:19.000Z",
|
|
"modified": "2016-04-27T12:53:19.000Z",
|
|
"first_observed": "2016-04-27T12:53:19Z",
|
|
"last_observed": "2016-04-27T12:53:19Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b63f-333c-4595-bd5c-422c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b63f-333c-4595-bd5c-422c02de0b81",
|
|
"value": "https://www.virustotal.com/file/bc907bdc1d6c051ba71da43f95d86aae6e256a5d392762e05d65b06752b005b2/analysis/1460374270/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63f-b57c-48ea-acac-441c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:19.000Z",
|
|
"modified": "2016-04-27T12:53:19.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0e8ef8108418ca0547b195335ee1dd2c",
|
|
"pattern": "[file:hashes.SHA256 = '992bb00697c19462c220a896c4d08ec8f3f91af01ca94844a09e350c5f5a3041']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63f-0678-4ecf-b3c8-450b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:19.000Z",
|
|
"modified": "2016-04-27T12:53:19.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0e8ef8108418ca0547b195335ee1dd2c",
|
|
"pattern": "[file:hashes.SHA1 = '9a9251bc0e00cd38e30d1a8b5842a2d58daff4ea']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b63f-28f4-484e-96af-482002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:19.000Z",
|
|
"modified": "2016-04-27T12:53:19.000Z",
|
|
"first_observed": "2016-04-27T12:53:19Z",
|
|
"last_observed": "2016-04-27T12:53:19Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b63f-28f4-484e-96af-482002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b63f-28f4-484e-96af-482002de0b81",
|
|
"value": "https://www.virustotal.com/file/992bb00697c19462c220a896c4d08ec8f3f91af01ca94844a09e350c5f5a3041/analysis/1456673690/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b63f-87a8-45a8-ad56-403602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:19.000Z",
|
|
"modified": "2016-04-27T12:53:19.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0e89415cdd06656d03ef498fd1dd5e9b",
|
|
"pattern": "[file:hashes.SHA256 = '9a567725fa8800823e9b02d713d489cd174bd83c90984e87c6e0781c456d56cf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b640-9980-49ac-9bc6-450f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:20.000Z",
|
|
"modified": "2016-04-27T12:53:20.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0e89415cdd06656d03ef498fd1dd5e9b",
|
|
"pattern": "[file:hashes.SHA1 = '6c5507057fea93aa77085f2025d0bf5a906ea05e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b640-d130-4fd1-8a80-4cdf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:20.000Z",
|
|
"modified": "2016-04-27T12:53:20.000Z",
|
|
"first_observed": "2016-04-27T12:53:20Z",
|
|
"last_observed": "2016-04-27T12:53:20Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b640-d130-4fd1-8a80-4cdf02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b640-d130-4fd1-8a80-4cdf02de0b81",
|
|
"value": "https://www.virustotal.com/file/9a567725fa8800823e9b02d713d489cd174bd83c90984e87c6e0781c456d56cf/analysis/1456415652/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b640-6100-4ad3-b907-4a8002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:20.000Z",
|
|
"modified": "2016-04-27T12:53:20.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0dd40d2f4c90aec333445112fb333c88",
|
|
"pattern": "[file:hashes.SHA256 = '7c84c4a55add83786953d54559ffe97b58a1148c6fca718a9963caa40f25a905']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b640-2d58-4554-88fc-46b702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:20.000Z",
|
|
"modified": "2016-04-27T12:53:20.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0dd40d2f4c90aec333445112fb333c88",
|
|
"pattern": "[file:hashes.SHA1 = '04397b26efef5d67510a155594ed346b90ab2725']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b640-48d4-45c9-896f-43a002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:20.000Z",
|
|
"modified": "2016-04-27T12:53:20.000Z",
|
|
"first_observed": "2016-04-27T12:53:20Z",
|
|
"last_observed": "2016-04-27T12:53:20Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b640-48d4-45c9-896f-43a002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b640-48d4-45c9-896f-43a002de0b81",
|
|
"value": "https://www.virustotal.com/file/7c84c4a55add83786953d54559ffe97b58a1148c6fca718a9963caa40f25a905/analysis/1457870278/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b640-ff90-4584-b7d3-49fa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:20.000Z",
|
|
"modified": "2016-04-27T12:53:20.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0dd1d8d348a3de7ed419da54ae878d37",
|
|
"pattern": "[file:hashes.SHA256 = '0bf3010b867c0b29766f655d06ef7d2ffd63dde6b891fb67c68427a37263bfaa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b641-311c-48aa-912b-4d6302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:21.000Z",
|
|
"modified": "2016-04-27T12:53:21.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0dd1d8d348a3de7ed419da54ae878d37",
|
|
"pattern": "[file:hashes.SHA1 = '2ebff4e1263ae70bf8d81dcf7fafa8cd45b9f2c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b641-8010-4819-ab6f-42be02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:21.000Z",
|
|
"modified": "2016-04-27T12:53:21.000Z",
|
|
"first_observed": "2016-04-27T12:53:21Z",
|
|
"last_observed": "2016-04-27T12:53:21Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b641-8010-4819-ab6f-42be02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b641-8010-4819-ab6f-42be02de0b81",
|
|
"value": "https://www.virustotal.com/file/0bf3010b867c0b29766f655d06ef7d2ffd63dde6b891fb67c68427a37263bfaa/analysis/1461295885/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b641-57c0-4e7d-a54f-497302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:21.000Z",
|
|
"modified": "2016-04-27T12:53:21.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0c75764d172364c239fc22c9c3e21275",
|
|
"pattern": "[file:hashes.SHA256 = '41028ca85e3a3207fe8e849486c3eabdd970da7f95571da09ca6a07b94d31718']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b641-fbdc-48c6-9961-4b7d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:21.000Z",
|
|
"modified": "2016-04-27T12:53:21.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0c75764d172364c239fc22c9c3e21275",
|
|
"pattern": "[file:hashes.SHA1 = '7285fa0a2738771ec7a4a4e38929db6c3df499e7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b641-0cd8-4271-9941-4fa602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:21.000Z",
|
|
"modified": "2016-04-27T12:53:21.000Z",
|
|
"first_observed": "2016-04-27T12:53:21Z",
|
|
"last_observed": "2016-04-27T12:53:21Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b641-0cd8-4271-9941-4fa602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b641-0cd8-4271-9941-4fa602de0b81",
|
|
"value": "https://www.virustotal.com/file/41028ca85e3a3207fe8e849486c3eabdd970da7f95571da09ca6a07b94d31718/analysis/1457936448/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b642-fbb0-4022-ad19-410802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:22.000Z",
|
|
"modified": "2016-04-27T12:53:22.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0c3dbcffb91d154b2b320b2fce972f39",
|
|
"pattern": "[file:hashes.SHA256 = 'c2c2c6b5061bc74ea620b850b47f3fcd01ecb4666a76cf596461f5267eff282a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b642-d574-45b9-99ca-455902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:22.000Z",
|
|
"modified": "2016-04-27T12:53:22.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0c3dbcffb91d154b2b320b2fce972f39",
|
|
"pattern": "[file:hashes.SHA1 = '7284661f4b856037e55d94760ecd142a22a61823']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b642-42c4-43a0-abfa-48af02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:22.000Z",
|
|
"modified": "2016-04-27T12:53:22.000Z",
|
|
"first_observed": "2016-04-27T12:53:22Z",
|
|
"last_observed": "2016-04-27T12:53:22Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b642-42c4-43a0-abfa-48af02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b642-42c4-43a0-abfa-48af02de0b81",
|
|
"value": "https://www.virustotal.com/file/c2c2c6b5061bc74ea620b850b47f3fcd01ecb4666a76cf596461f5267eff282a/analysis/1460371953/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b642-6d5c-4794-a8e8-472a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:22.000Z",
|
|
"modified": "2016-04-27T12:53:22.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0abf7a57855c2312661fdc2b6245eef8",
|
|
"pattern": "[file:hashes.SHA256 = '3180becf48900f8c5514a4a91cf4ff4f0c2edaf2e2961f7d7de820b720d00da0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b642-37c4-4459-804b-4fa002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:22.000Z",
|
|
"modified": "2016-04-27T12:53:22.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0abf7a57855c2312661fdc2b6245eef8",
|
|
"pattern": "[file:hashes.SHA1 = 'eff6f31d1047fe7431500eb7b6f71efc813896c3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b643-056c-4cc6-875a-42af02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:23.000Z",
|
|
"modified": "2016-04-27T12:53:23.000Z",
|
|
"first_observed": "2016-04-27T12:53:23Z",
|
|
"last_observed": "2016-04-27T12:53:23Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b643-056c-4cc6-875a-42af02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b643-056c-4cc6-875a-42af02de0b81",
|
|
"value": "https://www.virustotal.com/file/3180becf48900f8c5514a4a91cf4ff4f0c2edaf2e2961f7d7de820b720d00da0/analysis/1454935741/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b643-42cc-4c17-a29b-49c302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:23.000Z",
|
|
"modified": "2016-04-27T12:53:23.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0a3b9c27b539498b46e93dbdcfb3de1e",
|
|
"pattern": "[file:hashes.SHA256 = 'dd98f29c4db00503db16d9db6336a6ed3cb19771b1324007d06c54f83e332afd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b644-f7c8-4f74-95ac-489b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:24.000Z",
|
|
"modified": "2016-04-27T12:53:24.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0a3b9c27b539498b46e93dbdcfb3de1e",
|
|
"pattern": "[file:hashes.SHA1 = 'ff4e04d05b3e01181a296c217114ef3748ee8d04']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b644-09cc-4883-9f21-4bb302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:24.000Z",
|
|
"modified": "2016-04-27T12:53:24.000Z",
|
|
"first_observed": "2016-04-27T12:53:24Z",
|
|
"last_observed": "2016-04-27T12:53:24Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b644-09cc-4883-9f21-4bb302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b644-09cc-4883-9f21-4bb302de0b81",
|
|
"value": "https://www.virustotal.com/file/dd98f29c4db00503db16d9db6336a6ed3cb19771b1324007d06c54f83e332afd/analysis/1460363810/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b645-4068-413a-9355-42b202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:25.000Z",
|
|
"modified": "2016-04-27T12:53:25.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0a22ceac6a0ee242ace454a39bff5e18",
|
|
"pattern": "[file:hashes.SHA256 = 'f61e3e022cafe04add649eab9173317440845bdbc022060225f3c6d4b2e9d4a1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b645-0c84-4bc0-a8ed-40a402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:25.000Z",
|
|
"modified": "2016-04-27T12:53:25.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0a22ceac6a0ee242ace454a39bff5e18",
|
|
"pattern": "[file:hashes.SHA1 = '55fec8294a1b7cf5255971a6e79366708c1a20d8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b646-a7b4-4b70-981f-424a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:26.000Z",
|
|
"modified": "2016-04-27T12:53:26.000Z",
|
|
"first_observed": "2016-04-27T12:53:26Z",
|
|
"last_observed": "2016-04-27T12:53:26Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b646-a7b4-4b70-981f-424a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b646-a7b4-4b70-981f-424a02de0b81",
|
|
"value": "https://www.virustotal.com/file/f61e3e022cafe04add649eab9173317440845bdbc022060225f3c6d4b2e9d4a1/analysis/1460355230/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b646-1a10-4637-a37f-421202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:26.000Z",
|
|
"modified": "2016-04-27T12:53:26.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0964ee11f6d19c2297bce3cb484a2459",
|
|
"pattern": "[file:hashes.SHA256 = 'ca5b0950cba9cfc5fad9cdae88eb481a95a9080cd30637eba50e358f27017082']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b646-4e44-4bad-a0f0-4e0b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:26.000Z",
|
|
"modified": "2016-04-27T12:53:26.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0964ee11f6d19c2297bce3cb484a2459",
|
|
"pattern": "[file:hashes.SHA1 = 'd136337c0725c67c09016492abbbafb1d513479c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b646-f410-4a1b-8ba0-46ad02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:26.000Z",
|
|
"modified": "2016-04-27T12:53:26.000Z",
|
|
"first_observed": "2016-04-27T12:53:26Z",
|
|
"last_observed": "2016-04-27T12:53:26Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b646-f410-4a1b-8ba0-46ad02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b646-f410-4a1b-8ba0-46ad02de0b81",
|
|
"value": "https://www.virustotal.com/file/ca5b0950cba9cfc5fad9cdae88eb481a95a9080cd30637eba50e358f27017082/analysis/1455730097/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b647-1a14-417b-a807-456402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:27.000Z",
|
|
"modified": "2016-04-27T12:53:27.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0927b599d9599dcd13b6ef5f899ef4d9",
|
|
"pattern": "[file:hashes.SHA256 = '441a543c0cde2d03be5e29149a1fb4a778d03c20eb0581f8442ababd8ce32d62']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b647-b2c8-4639-9c11-454802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:27.000Z",
|
|
"modified": "2016-04-27T12:53:27.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0927b599d9599dcd13b6ef5f899ef4d9",
|
|
"pattern": "[file:hashes.SHA1 = '13ac115b09816022bd92a6933f21d8021b561ad4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b647-64d4-4d3c-b2d2-41d402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:27.000Z",
|
|
"modified": "2016-04-27T12:53:27.000Z",
|
|
"first_observed": "2016-04-27T12:53:27Z",
|
|
"last_observed": "2016-04-27T12:53:27Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b647-64d4-4d3c-b2d2-41d402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b647-64d4-4d3c-b2d2-41d402de0b81",
|
|
"value": "https://www.virustotal.com/file/441a543c0cde2d03be5e29149a1fb4a778d03c20eb0581f8442ababd8ce32d62/analysis/1461400481/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b647-c38c-42f9-b6e0-472d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:27.000Z",
|
|
"modified": "2016-04-27T12:53:27.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 081b04697f96568356d7b21ac946fb7c",
|
|
"pattern": "[file:hashes.SHA256 = '7f0f530d35d100657493b7ec06e7d2067367ba0169d9b29b1d0e8fbd9b7ce635']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b647-4864-4718-8303-47a302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:27.000Z",
|
|
"modified": "2016-04-27T12:53:27.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 081b04697f96568356d7b21ac946fb7c",
|
|
"pattern": "[file:hashes.SHA1 = 'da423f6fff9810d77ed47eaff248052e80b7d4d6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b647-44b4-48d6-a642-4e7b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:27.000Z",
|
|
"modified": "2016-04-27T12:53:27.000Z",
|
|
"first_observed": "2016-04-27T12:53:27Z",
|
|
"last_observed": "2016-04-27T12:53:27Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b647-44b4-48d6-a642-4e7b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b647-44b4-48d6-a642-4e7b02de0b81",
|
|
"value": "https://www.virustotal.com/file/7f0f530d35d100657493b7ec06e7d2067367ba0169d9b29b1d0e8fbd9b7ce635/analysis/1455730023/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b647-de1c-441a-9133-43b402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:27.000Z",
|
|
"modified": "2016-04-27T12:53:27.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0749e775f963fdab30583914f01486e3",
|
|
"pattern": "[file:hashes.SHA256 = '813b44e48530519d62976007166e82a235e2495fbdccb7132a10daa0e2e53e0f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b648-66e8-4e60-b541-473602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:28.000Z",
|
|
"modified": "2016-04-27T12:53:28.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0749e775f963fdab30583914f01486e3",
|
|
"pattern": "[file:hashes.SHA1 = 'd1a5678d76c85bac9932929ba829bb57bbceab77']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b648-4fe0-4d5a-b4b6-4e0902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:28.000Z",
|
|
"modified": "2016-04-27T12:53:28.000Z",
|
|
"first_observed": "2016-04-27T12:53:28Z",
|
|
"last_observed": "2016-04-27T12:53:28Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b648-4fe0-4d5a-b4b6-4e0902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b648-4fe0-4d5a-b4b6-4e0902de0b81",
|
|
"value": "https://www.virustotal.com/file/813b44e48530519d62976007166e82a235e2495fbdccb7132a10daa0e2e53e0f/analysis/1455730085/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b648-776c-41a7-a01f-4fce02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:28.000Z",
|
|
"modified": "2016-04-27T12:53:28.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 066e171fc083c5e21ac58026870a4ae8",
|
|
"pattern": "[file:hashes.SHA256 = '0df9d1ebf5a7ca4c02ffb93d0c2c988c85d7de67a7c0f6dbdcade1b30fdaeb54']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b648-d9f8-4c85-8c97-4ff302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:28.000Z",
|
|
"modified": "2016-04-27T12:53:28.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 066e171fc083c5e21ac58026870a4ae8",
|
|
"pattern": "[file:hashes.SHA1 = '1a14bd5004e64f83510186b60e5ae3fab89f0a37']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b648-0ea8-4097-9f5b-45ca02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:28.000Z",
|
|
"modified": "2016-04-27T12:53:28.000Z",
|
|
"first_observed": "2016-04-27T12:53:28Z",
|
|
"last_observed": "2016-04-27T12:53:28Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b648-0ea8-4097-9f5b-45ca02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b648-0ea8-4097-9f5b-45ca02de0b81",
|
|
"value": "https://www.virustotal.com/file/0df9d1ebf5a7ca4c02ffb93d0c2c988c85d7de67a7c0f6dbdcade1b30fdaeb54/analysis/1460138613/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b648-595c-417e-baf9-4dd002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:28.000Z",
|
|
"modified": "2016-04-27T12:53:28.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 064799b5c74a5bae5416d03cf5ff4202",
|
|
"pattern": "[file:hashes.SHA256 = '2847647469dab54d1395481e353c043c6930180fd0b28a01146928507f484afb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b649-f320-4112-8fff-44d602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:29.000Z",
|
|
"modified": "2016-04-27T12:53:29.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 064799b5c74a5bae5416d03cf5ff4202",
|
|
"pattern": "[file:hashes.SHA1 = '81fc2dcdc6211b8df111bac051381188e67021e7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b649-0ce4-4b48-9be2-4c4602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:29.000Z",
|
|
"modified": "2016-04-27T12:53:29.000Z",
|
|
"first_observed": "2016-04-27T12:53:29Z",
|
|
"last_observed": "2016-04-27T12:53:29Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b649-0ce4-4b48-9be2-4c4602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b649-0ce4-4b48-9be2-4c4602de0b81",
|
|
"value": "https://www.virustotal.com/file/2847647469dab54d1395481e353c043c6930180fd0b28a01146928507f484afb/analysis/1459256981/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b649-e680-428d-a1b1-41c502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:29.000Z",
|
|
"modified": "2016-04-27T12:53:29.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 053c247a1c176af8c9e42fe93fb47c9d",
|
|
"pattern": "[file:hashes.SHA256 = '31d9eb2eef1cb31fc76e5b0f774d3da11fab6659fb6787c7540620a9e16c958f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b649-eef8-4951-9390-409c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:29.000Z",
|
|
"modified": "2016-04-27T12:53:29.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 053c247a1c176af8c9e42fe93fb47c9d",
|
|
"pattern": "[file:hashes.SHA1 = '6730b99d1c4c4f809fd77912bac631e18fbeb3b9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b649-8434-4b1a-a098-4501950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:29.000Z",
|
|
"modified": "2016-04-27T12:53:29.000Z",
|
|
"first_observed": "2016-04-27T12:53:29Z",
|
|
"last_observed": "2016-04-27T12:53:29Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b649-8434-4b1a-a098-4501950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b649-8434-4b1a-a098-4501950d210f",
|
|
"value": "https://www.virustotal.com/en/domain/cacamadf.bget.ru/information/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b649-0ba0-44c7-9f92-459702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:29.000Z",
|
|
"modified": "2016-04-27T12:53:29.000Z",
|
|
"first_observed": "2016-04-27T12:53:29Z",
|
|
"last_observed": "2016-04-27T12:53:29Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b649-0ba0-44c7-9f92-459702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b649-0ba0-44c7-9f92-459702de0b81",
|
|
"value": "https://www.virustotal.com/file/31d9eb2eef1cb31fc76e5b0f774d3da11fab6659fb6787c7540620a9e16c958f/analysis/1460127503/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b64a-9914-451d-9787-456f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:30.000Z",
|
|
"modified": "2016-04-27T12:53:30.000Z",
|
|
"first_observed": "2016-04-27T12:53:30Z",
|
|
"last_observed": "2016-04-27T12:53:30Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b64a-9914-451d-9787-456f950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b64a-9914-451d-9787-456f950d210f",
|
|
"value": "https://www.virustotal.com/en/url/a6699840720a91ed9f7a288ee44c82a1bea93b82a5ee9042470a5622a907bf2a/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b64a-60f0-4dc7-8b83-4aee02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:30.000Z",
|
|
"modified": "2016-04-27T12:53:30.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 03c85cb479fd9031504bba04c2cefc96",
|
|
"pattern": "[file:hashes.SHA256 = '619ebc97119c3c8b22599c418595b70c5cd7034d29a590f02fc6e5634b414a63']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b64a-d874-44b9-aeb5-4b26950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:30.000Z",
|
|
"modified": "2016-04-27T12:53:30.000Z",
|
|
"first_observed": "2016-04-27T12:53:30Z",
|
|
"last_observed": "2016-04-27T12:53:30Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b64a-d874-44b9-aeb5-4b26950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b64a-d874-44b9-aeb5-4b26950d210f",
|
|
"value": "https://www.virustotal.com/en/domain/cacama18.bget.ru/information/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b64b-5760-4d9c-880a-4da602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:31.000Z",
|
|
"modified": "2016-04-27T12:53:31.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 03c85cb479fd9031504bba04c2cefc96",
|
|
"pattern": "[file:hashes.SHA1 = 'ba0025840b71bc6714431ba73a214acfe10cb665']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b64b-e064-47f8-8abd-4572950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:31.000Z",
|
|
"modified": "2016-04-27T12:53:31.000Z",
|
|
"first_observed": "2016-04-27T12:53:31Z",
|
|
"last_observed": "2016-04-27T12:53:31Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b64b-e064-47f8-8abd-4572950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b64b-e064-47f8-8abd-4572950d210f",
|
|
"value": "https://www.virustotal.com/en/url/e74496cc956049b07dc922367fd0f1e1083ab8394ab8cc24d686cfd1ca4512a2/analysis/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b64b-0f50-4db3-84e1-4a9502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:31.000Z",
|
|
"modified": "2016-04-27T12:53:31.000Z",
|
|
"first_observed": "2016-04-27T12:53:31Z",
|
|
"last_observed": "2016-04-27T12:53:31Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b64b-0f50-4db3-84e1-4a9502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b64b-0f50-4db3-84e1-4a9502de0b81",
|
|
"value": "https://www.virustotal.com/file/619ebc97119c3c8b22599c418595b70c5cd7034d29a590f02fc6e5634b414a63/analysis/1455729783/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b64b-3c48-4215-977e-4e01950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:31.000Z",
|
|
"modified": "2016-04-27T12:53:31.000Z",
|
|
"first_observed": "2016-04-27T12:53:31Z",
|
|
"last_observed": "2016-04-27T12:53:31Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b64b-3c48-4215-977e-4e01950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b64b-3c48-4215-977e-4e01950d210f",
|
|
"value": "https://www.virustotal.com/en/url/3e50102f5ef623f1163affa9fddc298c2abf8b2f31d60ab882a4f754aee96bbc/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b64c-0300-4dcd-923d-4e1102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:32.000Z",
|
|
"modified": "2016-04-27T12:53:32.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 03a442b0f7c26ef13a928c7f1e65aa23",
|
|
"pattern": "[file:hashes.SHA256 = 'ecf3c12f26bf01f5dcf863a7f1409ca631427e9dd6b8eeb50d49805e660290c0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b64c-c1cc-44c4-9ef3-4abb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:32.000Z",
|
|
"modified": "2016-04-27T12:53:32.000Z",
|
|
"first_observed": "2016-04-27T12:53:32Z",
|
|
"last_observed": "2016-04-27T12:53:32Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b64c-c1cc-44c4-9ef3-4abb950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b64c-c1cc-44c4-9ef3-4abb950d210f",
|
|
"value": "https://www.virustotal.com/en/url/476336f4fe9ac0b89720c2cbb308bd3b5e6e00f8262267cd64f7facb0418c49a/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b64c-e220-4b9c-8ff0-40c302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:32.000Z",
|
|
"modified": "2016-04-27T12:53:32.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 03a442b0f7c26ef13a928c7f1e65aa23",
|
|
"pattern": "[file:hashes.SHA1 = '11744de74de83c35e280f6b203c7ddf553f04915']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b64c-9844-4f34-a421-4c91950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:32.000Z",
|
|
"modified": "2016-04-27T12:53:32.000Z",
|
|
"first_observed": "2016-04-27T12:53:32Z",
|
|
"last_observed": "2016-04-27T12:53:32Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b64c-9844-4f34-a421-4c91950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b64c-9844-4f34-a421-4c91950d210f",
|
|
"value": "https://www.virustotal.com/en/file/3e17e5726bb2b336df083376b5afbe961e5772d30b828d0700d881e9d336c187/analysis/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b64d-9e80-430d-9350-428e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:33.000Z",
|
|
"modified": "2016-04-27T12:53:33.000Z",
|
|
"first_observed": "2016-04-27T12:53:33Z",
|
|
"last_observed": "2016-04-27T12:53:33Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b64d-9e80-430d-9350-428e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b64d-9e80-430d-9350-428e02de0b81",
|
|
"value": "https://www.virustotal.com/file/ecf3c12f26bf01f5dcf863a7f1409ca631427e9dd6b8eeb50d49805e660290c0/analysis/1455729790/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b64d-8128-4d8c-97fa-4f70950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:33.000Z",
|
|
"modified": "2016-04-27T12:53:33.000Z",
|
|
"first_observed": "2016-04-27T12:53:33Z",
|
|
"last_observed": "2016-04-27T12:53:33Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b64d-8128-4d8c-97fa-4f70950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b64d-8128-4d8c-97fa-4f70950d210f",
|
|
"value": "https://www.virustotal.com/en/file/2a3489c4096adc6b6d4b07ad4dbfc10bde077519461e6cb36bc14ef2cc21108d/analysis/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b64d-425c-4448-8c8f-43a202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:33.000Z",
|
|
"modified": "2016-04-27T12:53:33.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0328121ca8e0e677bba5f18ba193371c",
|
|
"pattern": "[file:hashes.SHA256 = '9eaf9ecda07c16753c8356bda023f8b388741d302f5ecf231e84aaaaba3c7e23']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b64e-1120-4a4f-8be7-4af002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:34.000Z",
|
|
"modified": "2016-04-27T12:53:34.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 0328121ca8e0e677bba5f18ba193371c",
|
|
"pattern": "[file:hashes.SHA1 = 'a244e77d72d2b0bcd00a883f4730818beafb1637']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b64e-1fa4-4565-96bb-452e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:34.000Z",
|
|
"modified": "2016-04-27T12:53:34.000Z",
|
|
"first_observed": "2016-04-27T12:53:34Z",
|
|
"last_observed": "2016-04-27T12:53:34Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b64e-1fa4-4565-96bb-452e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b64e-1fa4-4565-96bb-452e02de0b81",
|
|
"value": "https://www.virustotal.com/file/9eaf9ecda07c16753c8356bda023f8b388741d302f5ecf231e84aaaaba3c7e23/analysis/1457421972/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b64f-0804-4441-84ee-4fe002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:35.000Z",
|
|
"modified": "2016-04-27T12:53:35.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 01d95061091d4f6f536bada821461c07",
|
|
"pattern": "[file:hashes.SHA256 = '1df8174e1c5372c18479285125d40ada6dabf02742e820f768bb65e23ea6d12a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b64f-5000-41dc-9394-40cc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:35.000Z",
|
|
"modified": "2016-04-27T12:53:35.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 01d95061091d4f6f536bada821461c07",
|
|
"pattern": "[file:hashes.SHA1 = 'ba95265b35c50de893819c64d33377147e4e9f8d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b64f-d738-4da8-a7a0-477502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:35.000Z",
|
|
"modified": "2016-04-27T12:53:35.000Z",
|
|
"first_observed": "2016-04-27T12:53:35Z",
|
|
"last_observed": "2016-04-27T12:53:35Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b64f-d738-4da8-a7a0-477502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b64f-d738-4da8-a7a0-477502de0b81",
|
|
"value": "https://www.virustotal.com/file/1df8174e1c5372c18479285125d40ada6dabf02742e820f768bb65e23ea6d12a/analysis/1455729266/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b650-e6b0-486a-9fcc-4c8c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:36.000Z",
|
|
"modified": "2016-04-27T12:53:36.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 016410e442f651d43a7e28f72be2e2ef",
|
|
"pattern": "[file:hashes.SHA256 = '8a4fc96d72c1a94c2c013a0d044d8f810b91de3dc56f71520c304c76dc1f1f44']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b650-e8a8-4b22-b7fe-4eb802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:36.000Z",
|
|
"modified": "2016-04-27T12:53:36.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: 016410e442f651d43a7e28f72be2e2ef",
|
|
"pattern": "[file:hashes.SHA1 = '5d18ad3d3bb0f90fb8f7deefa98ac834c0dac844']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b651-b998-414d-bfe4-4e2102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:37.000Z",
|
|
"modified": "2016-04-27T12:53:37.000Z",
|
|
"first_observed": "2016-04-27T12:53:37Z",
|
|
"last_observed": "2016-04-27T12:53:37Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b651-b998-414d-bfe4-4e2102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b651-b998-414d-bfe4-4e2102de0b81",
|
|
"value": "https://www.virustotal.com/file/8a4fc96d72c1a94c2c013a0d044d8f810b91de3dc56f71520c304c76dc1f1f44/analysis/1460646585/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b651-3618-4386-acdf-42ec02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:37.000Z",
|
|
"modified": "2016-04-27T12:53:37.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: d8caad151e07025fdbf5f3c26e3ceaff",
|
|
"pattern": "[file:hashes.SHA256 = 'c96dfd27b0556c29b25b1eeb90ac2e329e77e95d4059f476086c2e5ba3c75bdf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720b652-7cac-4698-a054-486302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:38.000Z",
|
|
"modified": "2016-04-27T12:53:38.000Z",
|
|
"description": "Imported via the freetext import. - Xchecked via VT: d8caad151e07025fdbf5f3c26e3ceaff",
|
|
"pattern": "[file:hashes.SHA1 = '37cfe422bda030fb82400f86cc03f8d6f6dad7db']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T12:53:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5720b652-6bf0-426e-b782-40eb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T12:53:38.000Z",
|
|
"modified": "2016-04-27T12:53:38.000Z",
|
|
"first_observed": "2016-04-27T12:53:38Z",
|
|
"last_observed": "2016-04-27T12:53:38Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5720b652-6bf0-426e-b782-40eb02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5720b652-6bf0-426e-b782-40eb02de0b81",
|
|
"value": "https://www.virustotal.com/file/c96dfd27b0556c29b25b1eeb90ac2e329e77e95d4059f476086c2e5ba3c75bdf/analysis/1456910052/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720bc3f-e090-4590-9343-43f6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T13:18:55.000Z",
|
|
"modified": "2016-04-27T13:18:55.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[url:value = 'http://37.1.207.31/api/?id=5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T13:18:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720bc40-e868-4585-aca1-4170950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T13:18:56.000Z",
|
|
"modified": "2016-04-27T13:18:56.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[url:value = 'http://37.1.207.115/api/?id=7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T13:18:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720bc40-a638-4add-ba38-4a96950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T13:18:56.000Z",
|
|
"modified": "2016-04-27T13:18:56.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[url:value = 'http://5.45.75.4/api/?id=4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T13:18:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5720bc40-a500-47e3-9fce-40f1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-04-27T13:18:56.000Z",
|
|
"modified": "2016-04-27T13:18:56.000Z",
|
|
"description": "Imported via the freetext import.",
|
|
"pattern": "[url:value = 'http://5.45.73.20/api/?id=1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-04-27T13:18:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "marking-definition",
|
|
"spec_version": "2.1",
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
"definition_type": "tlp",
|
|
"name": "TLP:WHITE",
|
|
"definition": {
|
|
"tlp": "white"
|
|
}
|
|
}
|
|
]
|
|
} |