adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/576cee20-2a04-4683-aae1-441c950d210f.json

3800 lines
No EOL
154 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--576cee20-2a04-4683-aae1-441c950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:47.000Z",
"modified": "2016-06-24T08:25:47.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--576cee20-2a04-4683-aae1-441c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:47.000Z",
"modified": "2016-06-24T08:25:47.000Z",
"name": "Malspam 2016-06-23 (Locky)",
"published": "2016-06-24T09:19:56Z",
"object_refs": [
"indicator--576cee58-cb54-4014-80cf-400d950d210f",
"indicator--576cee58-71ac-47a8-a5e6-445b950d210f",
"indicator--576cee59-c558-49bf-a6bc-4f18950d210f",
"indicator--576cee59-96bc-4a74-9905-46de950d210f",
"indicator--576cee59-8884-4c6a-9a9e-4ae6950d210f",
"indicator--576cee59-ac34-43d8-ad91-49b0950d210f",
"indicator--576cee5a-9858-4ff4-b1f2-402a950d210f",
"indicator--576cee5a-80a0-41a7-a225-4346950d210f",
"indicator--576cee5a-8f14-4d0a-9a39-4951950d210f",
"indicator--576cee5a-b09c-4399-aa85-43c2950d210f",
"indicator--576cee5a-9158-42ee-88ec-4d7c950d210f",
"indicator--576cee5a-e2c8-46f9-89dc-4473950d210f",
"indicator--576cee5b-3a38-4993-b7cb-479d950d210f",
"indicator--576cee5b-ca0c-43bb-a495-4090950d210f",
"indicator--576cee5b-a0e8-472e-ae60-4d90950d210f",
"indicator--576cee5b-cce8-4406-8d1c-4625950d210f",
"indicator--576cee5b-d298-4215-b7f2-4d39950d210f",
"indicator--576cee5c-a99c-41c4-ac28-45c1950d210f",
"indicator--576cee5c-46dc-4d6f-862d-429a950d210f",
"indicator--576cee5c-db70-4575-9b36-41c4950d210f",
"indicator--576cee5c-9bd4-4310-9596-408f950d210f",
"indicator--576cee5c-09fc-482f-9f46-425e950d210f",
"indicator--576cee5c-40a8-47ac-a9d5-4317950d210f",
"indicator--576cee5d-80c8-4c06-8467-4cd6950d210f",
"indicator--576cee5d-db80-4a23-94e1-40ee950d210f",
"indicator--576cee5d-7228-402a-b627-42f9950d210f",
"indicator--576cee5d-d40c-46ca-bab5-49b3950d210f",
"indicator--576cee5d-2998-4042-ad3a-413b950d210f",
"indicator--576cee5d-8944-459c-86a6-43f8950d210f",
"indicator--576cee5e-86b0-4504-915a-4dc2950d210f",
"indicator--576cee5e-f258-41d5-abeb-4703950d210f",
"indicator--576cee5e-4cf4-4aa6-b6d6-4736950d210f",
"indicator--576cee5e-c240-4aeb-aede-42d6950d210f",
"indicator--576cee5e-bee8-4927-8665-4acb950d210f",
"indicator--576cee5f-8000-481b-af42-4f8d950d210f",
"indicator--576cee5f-fba8-4a02-b234-4778950d210f",
"indicator--576cee5f-a1f8-4acb-afe5-4020950d210f",
"indicator--576cee5f-9c78-476f-af3e-45d1950d210f",
"indicator--576cee5f-fe68-42bf-b66f-4e98950d210f",
"indicator--576cee5f-8bdc-44bf-b09f-45f1950d210f",
"indicator--576cee60-09a8-4f62-b338-45ec950d210f",
"indicator--576cee60-8aa8-4608-97da-41f1950d210f",
"indicator--576cee60-29e4-400a-9847-4986950d210f",
"indicator--576cee60-7694-4db3-85d0-41de950d210f",
"indicator--576cee60-c6c8-48da-8d2c-48d5950d210f",
"indicator--576cee60-67c4-44b3-a751-4e75950d210f",
"indicator--576cee61-89b0-4616-905d-45d3950d210f",
"indicator--576cee61-b3c4-4447-8683-4a5a950d210f",
"indicator--576cee61-7f64-467a-9174-4d6f950d210f",
"indicator--576cee61-df80-4163-a0f1-44b8950d210f",
"indicator--576cee61-d814-480f-b86d-4d4f950d210f",
"indicator--576cee61-4fa8-4e98-8540-45c5950d210f",
"indicator--576cee62-b4d8-4018-a7a5-41f2950d210f",
"indicator--576cee62-81c8-4d9a-969e-45a9950d210f",
"indicator--576cee62-e148-499c-95f2-4ffa950d210f",
"indicator--576cee62-591c-4c86-b5bb-4171950d210f",
"indicator--576cee62-cebc-44c1-b802-4f8b950d210f",
"indicator--576cee62-d2ec-48d6-b8a1-4d18950d210f",
"indicator--576cee63-d83c-4bd2-bab2-4013950d210f",
"indicator--576cee63-5838-4000-9043-45aa950d210f",
"indicator--576cee63-6afc-480b-8e47-4700950d210f",
"indicator--576cee63-9398-4acf-888c-4cc5950d210f",
"indicator--576cee63-c0e4-4290-9575-43d6950d210f",
"indicator--576cee64-79b8-4e33-b8ca-4840950d210f",
"indicator--576cee64-3f2c-423b-840c-492e950d210f",
"indicator--576cee64-1e04-4aed-8afe-432f950d210f",
"indicator--576cee64-41cc-473e-bf71-445e950d210f",
"indicator--576cee64-8c38-4e0d-b163-4a04950d210f",
"indicator--576cee64-2ccc-4e70-a492-405a950d210f",
"indicator--576cee65-e54c-4465-b826-426c950d210f",
"indicator--576cee65-d264-4df6-95bb-43c3950d210f",
"indicator--576cee65-8b60-493b-9f3f-4951950d210f",
"indicator--576cee65-afe8-4517-b490-4f3e950d210f",
"indicator--576cee65-eaa0-4394-bcb1-4af7950d210f",
"indicator--576cee65-d6c0-4a74-8cd8-44e1950d210f",
"indicator--576cee66-4e00-4e54-821f-4331950d210f",
"indicator--576cee66-7344-4dc4-aed7-47a6950d210f",
"indicator--576cee66-0c78-4ce3-9e32-4e30950d210f",
"indicator--576cee66-5fb0-4d71-814d-4299950d210f",
"indicator--576cee66-65c8-4104-ba59-43ef950d210f",
"indicator--576cee66-a8e8-4ed0-b375-4bdd950d210f",
"indicator--576cee67-19f4-4dff-9593-4c92950d210f",
"indicator--576cee67-5098-4e47-9614-4d3a950d210f",
"indicator--576cee67-c65c-4ab6-9fa0-414d950d210f",
"indicator--576cee67-222c-4837-9ac6-4779950d210f",
"indicator--576cee67-d7f8-4a99-80a1-4330950d210f",
"indicator--576cee67-6bc8-44f2-8a22-4581950d210f",
"indicator--576cee68-e9e4-44b2-a98a-4c52950d210f",
"indicator--576cee68-51f4-45aa-9ad9-4c6e950d210f",
"indicator--576cee68-70f4-43ba-9ff7-4b5a950d210f",
"indicator--576cee68-ecdc-4e49-9e5f-4152950d210f",
"indicator--576cee68-88b8-4ccf-aaf0-43b7950d210f",
"indicator--576cee69-c930-4e2a-acce-4b65950d210f",
"indicator--576cee69-6904-4708-b2b1-4908950d210f",
"indicator--576cee69-68ac-4400-8c72-42f5950d210f",
"indicator--576cee69-f11c-4439-a73a-473b950d210f",
"indicator--576cee69-0824-4eee-854e-4ba0950d210f",
"indicator--576cee69-6f78-416a-874c-4127950d210f",
"indicator--576cee6a-173c-47a3-bdb9-4e21950d210f",
"indicator--576cee6a-9e60-4ac4-9442-467e950d210f",
"indicator--576cee6a-9410-477a-8fa0-4cbf950d210f",
"indicator--576cee6a-eb1c-40e5-acf6-47c3950d210f",
"indicator--576cee6a-c1ec-4976-830b-458c950d210f",
"indicator--576cee6b-6274-4f50-9cd1-4b90950d210f",
"indicator--576cee6b-5b84-4ca6-bacc-4b5b950d210f",
"indicator--576cee6b-50b4-4aa3-999e-4844950d210f",
"indicator--576cee6b-1ac8-4a58-ab80-4e95950d210f",
"indicator--576cee6b-1218-4ac1-8459-4a87950d210f",
"indicator--576cee6b-98f0-4789-8085-4046950d210f",
"indicator--576cee6c-98b4-453c-a045-42e7950d210f",
"indicator--576cee6c-06f8-400b-a801-4ef1950d210f",
"indicator--576cee6c-9a94-4328-8f1c-41d3950d210f",
"indicator--576cee6c-ace8-4364-a4bd-440a950d210f",
"indicator--576cee6c-2d0c-4e6e-bcea-4430950d210f",
"indicator--576cee6d-36b0-432e-98bc-4c92950d210f",
"indicator--576cee6d-271c-4cd7-a4c0-448e950d210f",
"indicator--576cee6d-f2d8-4369-9fbf-417e950d210f",
"indicator--576cee6d-47dc-47c4-8094-487f950d210f",
"indicator--576cee6d-f8a0-4e17-aeec-4a52950d210f",
"indicator--576cee6d-52d8-4786-b7c9-49f6950d210f",
"indicator--576cee6e-d88c-4ae6-972c-43e7950d210f",
"indicator--576cee6e-ae4c-4a57-bc13-490c950d210f",
"indicator--576cee6e-e794-423f-a372-4c61950d210f",
"indicator--576cee6e-a20c-4756-aadf-4276950d210f",
"indicator--576cee6e-f15c-4e18-bc37-402e950d210f",
"indicator--576cee6e-d068-41b7-b221-4e25950d210f",
"indicator--576cee6f-a788-43f6-a102-422d950d210f",
"indicator--576cee6f-dc30-406b-a585-4417950d210f",
"indicator--576cee6f-7c54-4215-80d5-47cd950d210f",
"indicator--576cee6f-2884-4a6e-a734-4684950d210f",
"indicator--576cee6f-0f54-47ff-892c-45d9950d210f",
"indicator--576cee70-5454-40ca-b536-4cd0950d210f",
"indicator--576cee70-8138-4d51-ae35-4d92950d210f",
"indicator--576cee70-73a4-451a-8605-4099950d210f",
"indicator--576cee70-1acc-4994-801c-4936950d210f",
"indicator--576cee70-86f4-4a98-8f07-4c07950d210f",
"indicator--576cee71-cbe0-436a-a139-45eb950d210f",
"indicator--576cee71-c9cc-4c90-829f-4469950d210f",
"indicator--576cee71-bee0-4ddf-881c-4cec950d210f",
"indicator--576cee71-18c0-45eb-a043-4a86950d210f",
"indicator--576cee71-a374-4e1f-9409-49dc950d210f",
"indicator--576cee72-673c-488a-a3d1-465a950d210f",
"indicator--576cee72-d058-41eb-a0a2-4755950d210f",
"indicator--576cee72-3700-41f6-a1bf-483e950d210f",
"indicator--576cee72-6bd4-4cab-8211-44a7950d210f",
"indicator--576cee72-aa30-461c-b58d-4454950d210f",
"indicator--576cee73-3df0-4fb7-a397-4eb2950d210f",
"indicator--576cee73-6504-4441-bc71-4e92950d210f",
"indicator--576cee73-35bc-4d08-b6f7-4b40950d210f",
"indicator--576cee73-38ac-4474-8526-4e7c950d210f",
"x-misp-attribute--576cee8b-b888-45a1-af24-4e2b950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"circl:incident-classification=\"malware\"",
"veris:action:malware:variety=\"Ransomware\"",
"ecsirt:malicious-code=\"ransomware\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee58-cb54-4014-80cf-400d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:56.000Z",
"modified": "2016-06-24T08:24:56.000Z",
"description": "download location",
"pattern": "[url:value = 'http://focolareostuni.it/0k2ren']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee58-71ac-47a8-a5e6-445b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:56.000Z",
"modified": "2016-06-24T08:24:56.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'focolareostuni.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee59-c558-49bf-a6bc-4f18950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:57.000Z",
"modified": "2016-06-24T08:24:57.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.73.226.220']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee59-96bc-4a74-9905-46de950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:57.000Z",
"modified": "2016-06-24T08:24:57.000Z",
"description": "download location",
"pattern": "[url:value = 'http://4k18.com/u69f97']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee59-8884-4c6a-9a9e-4ae6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:57.000Z",
"modified": "2016-06-24T08:24:57.000Z",
"description": "download location",
"pattern": "[domain-name:value = '4k18.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee59-ac34-43d8-ad91-49b0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:57.000Z",
"modified": "2016-06-24T08:24:57.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '104.152.168.29']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5a-9858-4ff4-b1f2-402a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:57.000Z",
"modified": "2016-06-24T08:24:57.000Z",
"description": "download location",
"pattern": "[url:value = 'http://arogyaforhealth.com/jujg6ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5a-80a0-41a7-a225-4346950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:58.000Z",
"modified": "2016-06-24T08:24:58.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'arogyaforhealth.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5a-8f14-4d0a-9a39-4951950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:58.000Z",
"modified": "2016-06-24T08:24:58.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.185.65.228']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5a-b09c-4399-aa85-43c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:58.000Z",
"modified": "2016-06-24T08:24:58.000Z",
"description": "download location",
"pattern": "[url:value = 'http://empiredeckandfence.com/h2uppib']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5a-9158-42ee-88ec-4d7c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:58.000Z",
"modified": "2016-06-24T08:24:58.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'empiredeckandfence.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5a-e2c8-46f9-89dc-4473950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:58.000Z",
"modified": "2016-06-24T08:24:58.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.185.225.43']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5b-3a38-4993-b7cb-479d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:59.000Z",
"modified": "2016-06-24T08:24:59.000Z",
"description": "download location",
"pattern": "[url:value = 'http://margohack.za.pl/wkiokl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5b-ca0c-43bb-a495-4090950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:59.000Z",
"modified": "2016-06-24T08:24:59.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'margohack.za.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5b-a0e8-472e-ae60-4d90950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:59.000Z",
"modified": "2016-06-24T08:24:59.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.203.99.113']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5b-cce8-4406-8d1c-4625950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:59.000Z",
"modified": "2016-06-24T08:24:59.000Z",
"description": "download location",
"pattern": "[url:value = 'http://bobbysinghwpg.com/pdqcqlnr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5b-d298-4215-b7f2-4d39950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:59.000Z",
"modified": "2016-06-24T08:24:59.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'bobbysinghwpg.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5c-a99c-41c4-ac28-45c1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:24:59.000Z",
"modified": "2016-06-24T08:24:59.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.186.246.98']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:24:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5c-46dc-4d6f-862d-429a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:00.000Z",
"modified": "2016-06-24T08:25:00.000Z",
"description": "download location",
"pattern": "[url:value = 'http://abligl.com/8v62l4i4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5c-db70-4575-9b36-41c4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:00.000Z",
"modified": "2016-06-24T08:25:00.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'abligl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5c-9bd4-4310-9596-408f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:00.000Z",
"modified": "2016-06-24T08:25:00.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '160.153.73.196']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5c-09fc-482f-9f46-425e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:00.000Z",
"modified": "2016-06-24T08:25:00.000Z",
"description": "download location",
"pattern": "[url:value = 'http://mycreativeprint.com/mqib9te']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5c-40a8-47ac-a9d5-4317950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:00.000Z",
"modified": "2016-06-24T08:25:00.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'mycreativeprint.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5d-80c8-4c06-8467-4cd6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:01.000Z",
"modified": "2016-06-24T08:25:01.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.6.198.185']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5d-db80-4a23-94e1-40ee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:01.000Z",
"modified": "2016-06-24T08:25:01.000Z",
"description": "download location",
"pattern": "[url:value = 'http://bptec.ir/kvk9leho']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5d-7228-402a-b627-42f9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:01.000Z",
"modified": "2016-06-24T08:25:01.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'bptec.ir']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5d-d40c-46ca-bab5-49b3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:01.000Z",
"modified": "2016-06-24T08:25:01.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.38.60.148']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5d-2998-4042-ad3a-413b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:01.000Z",
"modified": "2016-06-24T08:25:01.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.keven.site.aplus.net/fmlonxl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5d-8944-459c-86a6-43f8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:01.000Z",
"modified": "2016-06-24T08:25:01.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.keven.site.aplus.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5e-86b0-4504-915a-4dc2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:02.000Z",
"modified": "2016-06-24T08:25:02.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.29.151.221']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5e-f258-41d5-abeb-4703950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:02.000Z",
"modified": "2016-06-24T08:25:02.000Z",
"description": "download location",
"pattern": "[url:value = 'http://cond.gribochechki.ru/zibni']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5e-4cf4-4aa6-b6d6-4736950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:02.000Z",
"modified": "2016-06-24T08:25:02.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'cond.gribochechki.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5e-c240-4aeb-aede-42d6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:02.000Z",
"modified": "2016-06-24T08:25:02.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '143.95.250.67']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5e-bee8-4927-8665-4acb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:02.000Z",
"modified": "2016-06-24T08:25:02.000Z",
"description": "download location",
"pattern": "[url:value = 'http://redpower.com.au/xlkdld']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5f-8000-481b-af42-4f8d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:03.000Z",
"modified": "2016-06-24T08:25:03.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'redpower.com.au']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5f-fba8-4a02-b234-4778950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:03.000Z",
"modified": "2016-06-24T08:25:03.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '203.132.10.3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5f-a1f8-4acb-afe5-4020950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:03.000Z",
"modified": "2016-06-24T08:25:03.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.ellicottcitypediatrics.com/7d6sdl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5f-9c78-476f-af3e-45d1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:03.000Z",
"modified": "2016-06-24T08:25:03.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.ellicottcitypediatrics.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5f-fe68-42bf-b66f-4e98950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:03.000Z",
"modified": "2016-06-24T08:25:03.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '66.33.222.26']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee5f-8bdc-44bf-b09f-45f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:03.000Z",
"modified": "2016-06-24T08:25:03.000Z",
"description": "download location",
"pattern": "[url:value = 'http://ideograph.com/k7qfsxx']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee60-09a8-4f62-b338-45ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:04.000Z",
"modified": "2016-06-24T08:25:04.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'ideograph.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee60-8aa8-4608-97da-41f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:04.000Z",
"modified": "2016-06-24T08:25:04.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '75.119.198.150']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee60-29e4-400a-9847-4986950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:04.000Z",
"modified": "2016-06-24T08:25:04.000Z",
"description": "download location",
"pattern": "[url:value = 'http://grantica.ru/6hjli']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee60-7694-4db3-85d0-41de950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:04.000Z",
"modified": "2016-06-24T08:25:04.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'grantica.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee60-c6c8-48da-8d2c-48d5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:04.000Z",
"modified": "2016-06-24T08:25:04.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.174.64.15']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee60-67c4-44b3-a751-4e75950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:04.000Z",
"modified": "2016-06-24T08:25:04.000Z",
"description": "download location",
"pattern": "[url:value = 'http://disneyexperience.com/psyyhe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee61-89b0-4616-905d-45d3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:05.000Z",
"modified": "2016-06-24T08:25:05.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'disneyexperience.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee61-b3c4-4447-8683-4a5a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:05.000Z",
"modified": "2016-06-24T08:25:05.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.254.188.98']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee61-7f64-467a-9174-4d6f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:05.000Z",
"modified": "2016-06-24T08:25:05.000Z",
"description": "download location",
"pattern": "[url:value = 'http://boranwebshop.nl/ggc7ld']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee61-df80-4163-a0f1-44b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:05.000Z",
"modified": "2016-06-24T08:25:05.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'boranwebshop.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee61-d814-480f-b86d-4d4f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:05.000Z",
"modified": "2016-06-24T08:25:05.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.226.62.141']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee61-4fa8-4e98-8540-45c5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:05.000Z",
"modified": "2016-06-24T08:25:05.000Z",
"description": "download location",
"pattern": "[url:value = 'http://aberfoyledental.ca/6dil05']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee62-b4d8-4018-a7a5-41f2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:06.000Z",
"modified": "2016-06-24T08:25:06.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'aberfoyledental.ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee62-81c8-4d9a-969e-45a9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:06.000Z",
"modified": "2016-06-24T08:25:06.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.156.240.29']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee62-e148-499c-95f2-4ffa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:06.000Z",
"modified": "2016-06-24T08:25:06.000Z",
"description": "download location",
"pattern": "[url:value = 'http://clients.seospell.co.in/fkn67zy']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee62-591c-4c86-b5bb-4171950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:06.000Z",
"modified": "2016-06-24T08:25:06.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'clients.seospell.co.in']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee62-cebc-44c1-b802-4f8b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:06.000Z",
"modified": "2016-06-24T08:25:06.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.229.131.128']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee62-d2ec-48d6-b8a1-4d18950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:06.000Z",
"modified": "2016-06-24T08:25:06.000Z",
"description": "download location",
"pattern": "[url:value = 'http://climairuk.com/h32k491o']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee63-d83c-4bd2-bab2-4013950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:07.000Z",
"modified": "2016-06-24T08:25:07.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'climairuk.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee63-5838-4000-9043-45aa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:07.000Z",
"modified": "2016-06-24T08:25:07.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.118.237.109']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee63-6afc-480b-8e47-4700950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:07.000Z",
"modified": "2016-06-24T08:25:07.000Z",
"description": "download location",
"pattern": "[url:value = 'http://century21keim.com/c7xb2xy']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee63-9398-4acf-888c-4cc5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:07.000Z",
"modified": "2016-06-24T08:25:07.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'century21keim.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee63-c0e4-4290-9575-43d6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:07.000Z",
"modified": "2016-06-24T08:25:07.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.204.248.105']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee64-79b8-4e33-b8ca-4840950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:08.000Z",
"modified": "2016-06-24T08:25:08.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.darkhollowcoffee.com/oqlyd9m']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee64-3f2c-423b-840c-492e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:08.000Z",
"modified": "2016-06-24T08:25:08.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.darkhollowcoffee.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee64-1e04-4aed-8afe-432f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:08.000Z",
"modified": "2016-06-24T08:25:08.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '66.175.58.9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee64-41cc-473e-bf71-445e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:08.000Z",
"modified": "2016-06-24T08:25:08.000Z",
"description": "download location",
"pattern": "[url:value = 'http://euro-support.be/rdl3n7u']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee64-8c38-4e0d-b163-4a04950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:08.000Z",
"modified": "2016-06-24T08:25:08.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'euro-support.be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee64-2ccc-4e70-a492-405a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:08.000Z",
"modified": "2016-06-24T08:25:08.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.62.167.160']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee65-e54c-4465-b826-426c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:09.000Z",
"modified": "2016-06-24T08:25:09.000Z",
"description": "download location",
"pattern": "[url:value = 'http://matvil8.freehostia.com/64tmb1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee65-d264-4df6-95bb-43c3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:09.000Z",
"modified": "2016-06-24T08:25:09.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'matvil8.freehostia.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee65-8b60-493b-9f3f-4951950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:09.000Z",
"modified": "2016-06-24T08:25:09.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '162.210.102.232']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee65-afe8-4517-b490-4f3e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:09.000Z",
"modified": "2016-06-24T08:25:09.000Z",
"description": "download location",
"pattern": "[url:value = 'http://freesource.su/ijugasq1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee65-eaa0-4394-bcb1-4af7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:09.000Z",
"modified": "2016-06-24T08:25:09.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'freesource.su']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee65-d6c0-4a74-8cd8-44e1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:09.000Z",
"modified": "2016-06-24T08:25:09.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '136.243.176.66']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee66-4e00-4e54-821f-4331950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:10.000Z",
"modified": "2016-06-24T08:25:10.000Z",
"description": "download location",
"pattern": "[url:value = 'http://cg.wandashops.com/evqbfwkx']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee66-7344-4dc4-aed7-47a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:10.000Z",
"modified": "2016-06-24T08:25:10.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'cg.wandashops.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee66-0c78-4ce3-9e32-4e30950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:10.000Z",
"modified": "2016-06-24T08:25:10.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.25.235.209']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee66-5fb0-4d71-814d-4299950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:10.000Z",
"modified": "2016-06-24T08:25:10.000Z",
"description": "download location",
"pattern": "[url:value = 'http://adbm.co.uk/1o2wejz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee66-65c8-4104-ba59-43ef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:10.000Z",
"modified": "2016-06-24T08:25:10.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'adbm.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee66-a8e8-4ed0-b375-4bdd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:10.000Z",
"modified": "2016-06-24T08:25:10.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.6.169.61']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee67-19f4-4dff-9593-4c92950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:11.000Z",
"modified": "2016-06-24T08:25:11.000Z",
"description": "download location",
"pattern": "[url:value = 'http://capitalwomanmagazine.ca/6k1oig']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee67-5098-4e47-9614-4d3a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:11.000Z",
"modified": "2016-06-24T08:25:11.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'capitalwomanmagazine.ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee67-c65c-4ab6-9fa0-414d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:11.000Z",
"modified": "2016-06-24T08:25:11.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '65.39.184.151']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee67-222c-4837-9ac6-4779950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:11.000Z",
"modified": "2016-06-24T08:25:11.000Z",
"description": "download location",
"pattern": "[url:value = 'http://babycotsonline.com/ph42q6ue']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee67-d7f8-4a99-80a1-4330950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:11.000Z",
"modified": "2016-06-24T08:25:11.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'babycotsonline.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee67-6bc8-44f2-8a22-4581950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:11.000Z",
"modified": "2016-06-24T08:25:11.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.185.146.153']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee68-e9e4-44b2-a98a-4c52950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:12.000Z",
"modified": "2016-06-24T08:25:12.000Z",
"description": "download location",
"pattern": "[url:value = 'http://bilgoray.com/vi5sfu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee68-51f4-45aa-9ad9-4c6e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:12.000Z",
"modified": "2016-06-24T08:25:12.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'bilgoray.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee68-70f4-43ba-9ff7-4b5a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:12.000Z",
"modified": "2016-06-24T08:25:12.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.120.252.191']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee68-ecdc-4e49-9e5f-4152950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:12.000Z",
"modified": "2016-06-24T08:25:12.000Z",
"description": "download location",
"pattern": "[url:value = 'http://tip.ub.ac.id/k2e32vh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee68-88b8-4ccf-aaf0-43b7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:12.000Z",
"modified": "2016-06-24T08:25:12.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'tip.ub.ac.id']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee69-c930-4e2a-acce-4b65950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:13.000Z",
"modified": "2016-06-24T08:25:13.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '175.45.184.160']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee69-6904-4708-b2b1-4908950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:13.000Z",
"modified": "2016-06-24T08:25:13.000Z",
"description": "download location",
"pattern": "[url:value = 'http://promoresults.com.au/gx4al']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee69-68ac-4400-8c72-42f5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:13.000Z",
"modified": "2016-06-24T08:25:13.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'promoresults.com.au']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee69-f11c-4439-a73a-473b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:13.000Z",
"modified": "2016-06-24T08:25:13.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '202.124.241.203']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee69-0824-4eee-854e-4ba0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:13.000Z",
"modified": "2016-06-24T08:25:13.000Z",
"description": "download location",
"pattern": "[url:value = 'http://immoclic.o2switch.net/styvuwti']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee69-6f78-416a-874c-4127950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:13.000Z",
"modified": "2016-06-24T08:25:13.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'immoclic.o2switch.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6a-173c-47a3-bdb9-4e21950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:14.000Z",
"modified": "2016-06-24T08:25:14.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.234.160.30']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6a-9e60-4ac4-9442-467e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:14.000Z",
"modified": "2016-06-24T08:25:14.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.centroinfantilelmolino.com/60wfh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6a-9410-477a-8fa0-4cbf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:14.000Z",
"modified": "2016-06-24T08:25:14.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.centroinfantilelmolino.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6a-eb1c-40e5-acf6-47c3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:14.000Z",
"modified": "2016-06-24T08:25:14.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.76.156.98']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6a-c1ec-4976-830b-458c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:14.000Z",
"modified": "2016-06-24T08:25:14.000Z",
"description": "download location",
"pattern": "[url:value = 'http://karl-lee.se/x23ft']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6b-6274-4f50-9cd1-4b90950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:15.000Z",
"modified": "2016-06-24T08:25:15.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'karl-lee.se']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6b-5b84-4ca6-bacc-4b5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:15.000Z",
"modified": "2016-06-24T08:25:15.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.247.170.75']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6b-50b4-4aa3-999e-4844950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:15.000Z",
"modified": "2016-06-24T08:25:15.000Z",
"description": "download location",
"pattern": "[url:value = 'http://atlantaelectronics.co.id/quv7rcc1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6b-1ac8-4a58-ab80-4e95950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:15.000Z",
"modified": "2016-06-24T08:25:15.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'atlantaelectronics.co.id']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6b-1218-4ac1-8459-4a87950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:15.000Z",
"modified": "2016-06-24T08:25:15.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.241.184.10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6b-98f0-4789-8085-4046950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:15.000Z",
"modified": "2016-06-24T08:25:15.000Z",
"description": "download location",
"pattern": "[url:value = 'http://oakashandthorn.charybdis.seedboxes.cc/f7ge4y3k']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6c-98b4-453c-a045-42e7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:16.000Z",
"modified": "2016-06-24T08:25:16.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'oakashandthorn.charybdis.seedboxes.cc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6c-06f8-400b-a801-4ef1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:16.000Z",
"modified": "2016-06-24T08:25:16.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.149.90.4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6c-9a94-4328-8f1c-41d3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:16.000Z",
"modified": "2016-06-24T08:25:16.000Z",
"description": "download location",
"pattern": "[url:value = 'http://certifiedbanker.org/obmv6590']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6c-ace8-4364-a4bd-440a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:16.000Z",
"modified": "2016-06-24T08:25:16.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'certifiedbanker.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6c-2d0c-4e6e-bcea-4430950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:16.000Z",
"modified": "2016-06-24T08:25:16.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '166.63.125.135']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6d-36b0-432e-98bc-4c92950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:16.000Z",
"modified": "2016-06-24T08:25:16.000Z",
"description": "download location",
"pattern": "[url:value = 'http://honeystays.co.za/siu2k']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6d-271c-4cd7-a4c0-448e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:17.000Z",
"modified": "2016-06-24T08:25:17.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'honeystays.co.za']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6d-f2d8-4369-9fbf-417e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:17.000Z",
"modified": "2016-06-24T08:25:17.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.40.0.214']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6d-47dc-47c4-8094-487f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:17.000Z",
"modified": "2016-06-24T08:25:17.000Z",
"description": "download location",
"pattern": "[url:value = 'http://elviraminkina.com/ojyq1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6d-f8a0-4e17-aeec-4a52950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:17.000Z",
"modified": "2016-06-24T08:25:17.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'elviraminkina.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6d-52d8-4786-b7c9-49f6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:17.000Z",
"modified": "2016-06-24T08:25:17.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '146.120.112.197']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6e-d88c-4ae6-972c-43e7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:18.000Z",
"modified": "2016-06-24T08:25:18.000Z",
"description": "download location",
"pattern": "[url:value = 'http://dentalshop4you.nl/m22brjfz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6e-ae4c-4a57-bc13-490c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:18.000Z",
"modified": "2016-06-24T08:25:18.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'dentalshop4you.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6e-e794-423f-a372-4c61950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:18.000Z",
"modified": "2016-06-24T08:25:18.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.226.62.145']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6e-a20c-4756-aadf-4276950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:18.000Z",
"modified": "2016-06-24T08:25:18.000Z",
"description": "download location",
"pattern": "[url:value = 'http://angeelle.nichost.ru/y6s1y9h']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6e-f15c-4e18-bc37-402e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:18.000Z",
"modified": "2016-06-24T08:25:18.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'angeelle.nichost.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6e-d068-41b7-b221-4e25950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:18.000Z",
"modified": "2016-06-24T08:25:18.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '195.208.0.136']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6f-a788-43f6-a102-422d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:19.000Z",
"modified": "2016-06-24T08:25:19.000Z",
"description": "download location",
"pattern": "[url:value = 'http://3141592.ru/wyesvj']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6f-dc30-406b-a585-4417950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:19.000Z",
"modified": "2016-06-24T08:25:19.000Z",
"description": "download location",
"pattern": "[domain-name:value = '3141592.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6f-7c54-4215-80d5-47cd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:19.000Z",
"modified": "2016-06-24T08:25:19.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.53.126.193']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6f-2884-4a6e-a734-4684950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:19.000Z",
"modified": "2016-06-24T08:25:19.000Z",
"description": "download location",
"pattern": "[url:value = 'http://climatizareonline.ro/azkqs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee6f-0f54-47ff-892c-45d9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:19.000Z",
"modified": "2016-06-24T08:25:19.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'climatizareonline.ro']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee70-5454-40ca-b536-4cd0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:20.000Z",
"modified": "2016-06-24T08:25:20.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.36.135.166']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee70-8138-4d51-ae35-4d92950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:20.000Z",
"modified": "2016-06-24T08:25:20.000Z",
"description": "download location",
"pattern": "[url:value = 'http://pipt.wallst.ru/qojqp2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee70-73a4-451a-8605-4099950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:20.000Z",
"modified": "2016-06-24T08:25:20.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'pipt.wallst.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee70-1acc-4994-801c-4936950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:20.000Z",
"modified": "2016-06-24T08:25:20.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.46.196.141']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee70-86f4-4a98-8f07-4c07950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:20.000Z",
"modified": "2016-06-24T08:25:20.000Z",
"description": "download location",
"pattern": "[url:value = 'http://imetinyang.za.pl/74hd4by5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee71-cbe0-436a-a139-45eb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:21.000Z",
"modified": "2016-06-24T08:25:21.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'imetinyang.za.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee71-c9cc-4c90-829f-4469950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:21.000Z",
"modified": "2016-06-24T08:25:21.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '193.203.99.111']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee71-bee0-4ddf-881c-4cec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:21.000Z",
"modified": "2016-06-24T08:25:21.000Z",
"description": "download location",
"pattern": "[url:value = 'http://barum.de/c2blg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee71-18c0-45eb-a043-4a86950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:21.000Z",
"modified": "2016-06-24T08:25:21.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'barum.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee71-a374-4e1f-9409-49dc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:21.000Z",
"modified": "2016-06-24T08:25:21.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.78.166.19']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee72-673c-488a-a3d1-465a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:22.000Z",
"modified": "2016-06-24T08:25:22.000Z",
"description": "download location",
"pattern": "[url:value = 'http://cameramartusa.info/xrfpm']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee72-d058-41eb-a0a2-4755950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:22.000Z",
"modified": "2016-06-24T08:25:22.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'cameramartusa.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee72-3700-41f6-a1bf-483e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:22.000Z",
"modified": "2016-06-24T08:25:22.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.180.24.238']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee72-6bd4-4cab-8211-44a7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:22.000Z",
"modified": "2016-06-24T08:25:22.000Z",
"description": "download location",
"pattern": "[url:value = 'http://jd-products.nl/xjld131']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee72-aa30-461c-b58d-4454950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:22.000Z",
"modified": "2016-06-24T08:25:22.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'jd-products.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee73-3df0-4fb7-a397-4eb2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:23.000Z",
"modified": "2016-06-24T08:25:23.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '83.96.159.64']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee73-6504-4441-bc71-4e92950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:23.000Z",
"modified": "2016-06-24T08:25:23.000Z",
"description": "download location",
"pattern": "[url:value = 'http://beautifulhosting.com.au/rxn80']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee73-35bc-4d08-b6f7-4b40950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:23.000Z",
"modified": "2016-06-24T08:25:23.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'beautifulhosting.com.au']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--576cee73-38ac-4474-8526-4e7c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:23.000Z",
"modified": "2016-06-24T08:25:23.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '112.140.178.249']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-06-24T08:25:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--576cee8b-b888-45a1-af24-4e2b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-06-24T08:25:47.000Z",
"modified": "2016-06-24T08:25:47.000Z",
"labels": [
"misp:type=\"user-agent\"",
"misp:category=\"Network activity\""
],
"x_misp_category": "Network activity",
"x_misp_type": "user-agent",
"x_misp_value": "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)"
}
]
}
Reference in a new issue View git blame Copy permalink