3872 lines
No EOL
158 KiB
JSON
3872 lines
No EOL
158 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--5799af90-d8b4-416a-b5fb-49dc950d210f",
|
|
"objects": [
|
|
{
|
|
"type": "identity",
|
|
"spec_version": "2.1",
|
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:14.000Z",
|
|
"modified": "2016-07-28T07:15:14.000Z",
|
|
"name": "CIRCL",
|
|
"identity_class": "organization"
|
|
},
|
|
{
|
|
"type": "report",
|
|
"spec_version": "2.1",
|
|
"id": "report--5799af90-d8b4-416a-b5fb-49dc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:14.000Z",
|
|
"modified": "2016-07-28T07:15:14.000Z",
|
|
"name": "OSINT - The Mad Max DGA",
|
|
"published": "2016-07-28T07:17:02Z",
|
|
"object_refs": [
|
|
"observed-data--5799af9a-f10c-46ab-b042-4dba950d210f",
|
|
"url--5799af9a-f10c-46ab-b042-4dba950d210f",
|
|
"x-misp-attribute--5799afae-6d78-488e-90e5-4574950d210f",
|
|
"x-misp-attribute--5799afb9-5408-4594-a2a6-4f9d950d210f",
|
|
"indicator--5799afcf-ef34-4c49-9470-4dcc950d210f",
|
|
"indicator--5799b001-fc88-4975-8e20-4a4f02de0b81",
|
|
"indicator--5799b001-ae00-4916-99ce-498202de0b81",
|
|
"observed-data--5799b002-c028-4c13-8a66-476302de0b81",
|
|
"url--5799b002-c028-4c13-8a66-476302de0b81",
|
|
"indicator--5799b027-d0e4-4b47-ba7e-4f06950d210f",
|
|
"x-misp-attribute--5799b05b-f38c-482d-be15-4532950d210f",
|
|
"indicator--5799b07d-d578-4220-9197-4fa0950d210f",
|
|
"indicator--5799b0e5-1c84-4db6-aa51-4609950d210f",
|
|
"indicator--5799b0e6-587c-4883-992d-4b7b950d210f",
|
|
"indicator--5799b0e6-821c-44cb-85bf-4ada950d210f",
|
|
"indicator--5799b0e6-4058-4108-931b-4071950d210f",
|
|
"indicator--5799b0e6-2998-4608-b782-4587950d210f",
|
|
"indicator--5799b0e6-3c34-42ef-9fcc-4560950d210f",
|
|
"indicator--5799b0e7-c724-47f9-abde-4496950d210f",
|
|
"indicator--5799b0e7-89ec-4f88-98ca-4cf6950d210f",
|
|
"indicator--5799b0e7-e040-4c60-9dd4-427b950d210f",
|
|
"indicator--5799b0e7-5b14-4e16-b7b7-4d69950d210f",
|
|
"indicator--5799b0e8-e3f0-4d17-8652-42ef950d210f",
|
|
"indicator--5799b0e8-1dc8-48b5-bcca-46d3950d210f",
|
|
"indicator--5799b0e8-2018-4229-986f-434f950d210f",
|
|
"indicator--5799b0e8-2cd8-4372-baea-4fb8950d210f",
|
|
"indicator--5799b0e8-2c48-4c27-8c5f-495f950d210f",
|
|
"indicator--5799b0e9-41c4-4667-8da4-4fdb950d210f",
|
|
"indicator--5799b0e9-f634-496a-8e27-4c86950d210f",
|
|
"indicator--5799b0e9-de30-4acc-bf35-4e70950d210f",
|
|
"indicator--5799b0e9-277c-48af-849f-4bec950d210f",
|
|
"indicator--5799b0e9-576c-4a53-b233-4fe5950d210f",
|
|
"indicator--5799b0ea-d5a0-4ce1-9e29-4193950d210f",
|
|
"indicator--5799b0ea-fdf8-4dcd-8486-467c950d210f",
|
|
"indicator--5799b0ea-3b28-4ba0-aa0e-4bb1950d210f",
|
|
"indicator--5799b0ea-495c-4308-919f-438e950d210f",
|
|
"indicator--5799b0eb-c740-49b0-89e8-4a09950d210f",
|
|
"indicator--5799b0eb-8e40-407d-a830-47b6950d210f",
|
|
"indicator--5799b0eb-569c-4d22-b8fb-4208950d210f",
|
|
"indicator--5799b0eb-0858-49bd-a641-40d8950d210f",
|
|
"indicator--5799b0eb-cf18-43b1-b38c-4e12950d210f",
|
|
"indicator--5799b0ec-c7a4-4f4d-b5a6-44bd950d210f",
|
|
"indicator--5799b0ec-eaa8-4c0c-a1ef-4c9f950d210f",
|
|
"indicator--5799b0ec-b370-475a-8a17-494d950d210f",
|
|
"indicator--5799b0ec-b928-4f90-9dfb-4674950d210f",
|
|
"indicator--5799b0ec-33c4-405b-9b00-4ab7950d210f",
|
|
"indicator--5799b0ed-1a14-44ed-b479-4e27950d210f",
|
|
"indicator--5799b0ed-f15c-426e-888d-495b950d210f",
|
|
"indicator--5799b0ed-15c4-479f-b20b-4d91950d210f",
|
|
"indicator--5799b0ed-e37c-47aa-afef-46f4950d210f",
|
|
"indicator--5799b0ed-9d10-49fa-8085-4f6e950d210f",
|
|
"indicator--5799b0ee-5250-4429-a9df-4eb9950d210f",
|
|
"indicator--5799b0ee-df30-4ec5-b364-4545950d210f",
|
|
"indicator--5799b0ee-e09c-4b6a-a507-491c950d210f",
|
|
"indicator--5799b0ee-132c-4f1f-b7b0-4692950d210f",
|
|
"indicator--5799b0ee-8b58-44dc-a36d-4ade950d210f",
|
|
"indicator--5799b0ef-b6f4-4edf-a8f3-430c950d210f",
|
|
"indicator--5799b0ef-82e4-46d8-92bd-43a6950d210f",
|
|
"indicator--5799b0ef-8ef0-4fd7-a7f2-4ad5950d210f",
|
|
"indicator--5799b0ef-4850-48ef-baeb-4593950d210f",
|
|
"indicator--5799b0f0-bd78-47ae-8f5f-4340950d210f",
|
|
"indicator--5799b0f0-70c4-4916-a875-483b950d210f",
|
|
"indicator--5799b0f0-d1e4-4564-af4e-4991950d210f",
|
|
"indicator--5799b0f0-ab54-4a54-ac82-40e3950d210f",
|
|
"indicator--5799b0f0-84e8-4b77-be09-4073950d210f",
|
|
"indicator--5799b0f1-5920-46ae-a1e2-4ccd950d210f",
|
|
"indicator--5799b0f1-3e08-4949-96b2-4c4c950d210f",
|
|
"indicator--5799b0f1-c6c8-4d83-b04e-4491950d210f",
|
|
"indicator--5799b0f1-d640-4500-9d5f-4d64950d210f",
|
|
"indicator--5799b0f1-2558-4811-88c2-4291950d210f",
|
|
"indicator--5799b0f2-8860-4f2a-882a-4238950d210f",
|
|
"indicator--5799b0f2-740c-406a-8ecc-455f950d210f",
|
|
"indicator--5799b0f2-3fcc-446c-ba69-42c4950d210f",
|
|
"indicator--5799b0f2-df38-43bd-9fc0-43f0950d210f",
|
|
"indicator--5799b0f2-4420-43f0-b9a6-4f96950d210f",
|
|
"indicator--5799b0f2-379c-489b-ab17-4223950d210f",
|
|
"indicator--5799b0f3-63bc-4f60-bfdd-48fc950d210f",
|
|
"indicator--5799b0f3-54c0-4213-b089-44ea950d210f",
|
|
"indicator--5799b0f3-0390-4a77-9c98-48ee950d210f",
|
|
"indicator--5799b0f3-c42c-45f5-8a0c-4986950d210f",
|
|
"indicator--5799b0f3-ad80-49af-8c13-4289950d210f",
|
|
"indicator--5799b0f4-bc00-4b3c-9388-4fb7950d210f",
|
|
"indicator--5799b0f4-a8e0-41a4-99e8-46a4950d210f",
|
|
"indicator--5799b0f4-e498-47f6-95e4-46ab950d210f",
|
|
"indicator--5799b0f4-87bc-43b0-b8ea-4040950d210f",
|
|
"indicator--5799b0f4-e044-41c1-8c32-41a9950d210f",
|
|
"indicator--5799b0f5-7c18-47ae-baf3-4205950d210f",
|
|
"indicator--5799b0f5-be78-4a24-b2cd-4b51950d210f",
|
|
"indicator--5799b0f5-3f28-45df-922e-495c950d210f",
|
|
"indicator--5799b0f5-975c-4819-af0f-4119950d210f",
|
|
"indicator--5799b0f5-82c8-4e2d-8414-429a950d210f",
|
|
"indicator--5799b0f6-dc88-4469-9364-4ae5950d210f",
|
|
"indicator--5799b0f6-55f8-413c-9cd3-45ed950d210f",
|
|
"indicator--5799b0f6-9c5c-46d9-97b4-4ed8950d210f",
|
|
"indicator--5799b0f6-1ab0-4809-b42d-4b31950d210f",
|
|
"indicator--5799b0f6-f580-4779-b910-435b950d210f",
|
|
"indicator--5799b0f6-78d4-4185-8d68-4a3a950d210f",
|
|
"indicator--5799b0f7-8aa0-46c2-94f4-453f950d210f",
|
|
"indicator--5799b0f7-747c-44a0-ac93-414c950d210f",
|
|
"indicator--5799b0f7-5434-4b4f-a661-491c950d210f",
|
|
"indicator--5799b0f7-87d4-417a-8d94-45f5950d210f",
|
|
"indicator--5799b0f7-5b98-4325-b0a2-4eaa950d210f",
|
|
"indicator--5799b0f8-78c4-42fd-99b4-4df9950d210f",
|
|
"indicator--5799b0f8-bce0-4382-9ace-4629950d210f",
|
|
"indicator--5799b0f8-238c-4721-aedc-4031950d210f",
|
|
"indicator--5799b0f8-1d94-47b5-ba6a-44e2950d210f",
|
|
"indicator--5799b0f8-a370-41d3-8603-4bb1950d210f",
|
|
"indicator--5799b0f9-8430-424b-979c-4f8f950d210f",
|
|
"indicator--5799b0f9-32cc-4128-9dde-4314950d210f",
|
|
"indicator--5799b0f9-73a4-426a-9059-45e0950d210f",
|
|
"indicator--5799b0f9-588c-4b16-a731-4d5d950d210f",
|
|
"indicator--5799b0f9-9e90-4ae3-a256-44e5950d210f",
|
|
"indicator--5799b0fa-284c-4354-95b2-46f6950d210f",
|
|
"indicator--5799b0fa-cbf4-4cac-8dd9-4a88950d210f",
|
|
"indicator--5799b0fa-e700-44d5-b9e1-4757950d210f",
|
|
"indicator--5799b0fa-87dc-4f05-b383-4d6f950d210f",
|
|
"indicator--5799b0fa-7c84-4fc2-b70b-4ee6950d210f",
|
|
"indicator--5799b0fa-3fdc-4986-9ddf-4aca950d210f",
|
|
"indicator--5799b0fb-edc4-44d2-ae4f-4b1a950d210f",
|
|
"indicator--5799b0fb-81cc-4e6e-8cd5-4ef3950d210f",
|
|
"indicator--5799b0fb-224c-4e12-b3b2-4a1b950d210f",
|
|
"indicator--5799b0fb-18c4-4491-a1c4-4f5f950d210f",
|
|
"indicator--5799b0fb-1bac-4e89-95e4-4f91950d210f",
|
|
"indicator--5799b0fc-ffec-4a10-a43d-415e950d210f",
|
|
"indicator--5799b0fc-388c-4e7a-a4c9-4036950d210f",
|
|
"indicator--5799b0fc-3630-4aba-92e7-4fab950d210f",
|
|
"indicator--5799b0fc-a134-4c01-b433-4a59950d210f",
|
|
"indicator--5799b0fc-f820-4304-b286-4321950d210f",
|
|
"indicator--5799b0fc-7d6c-48d4-9ba5-46a3950d210f",
|
|
"indicator--5799b0fd-b780-43c1-b07f-479f950d210f",
|
|
"indicator--5799b0fd-eb28-4ef7-b50a-4316950d210f",
|
|
"indicator--5799b0fd-e41c-400f-b828-470f950d210f",
|
|
"indicator--5799b0fd-0c5c-413f-9d20-440a950d210f",
|
|
"indicator--5799b0fd-9c28-4ae3-a35c-4ff0950d210f",
|
|
"indicator--5799b0fd-51b4-4824-98c0-47ec950d210f",
|
|
"indicator--5799b0fe-70b0-40a4-9f5f-4bf5950d210f",
|
|
"indicator--5799b0fe-cec8-412c-ad3d-4ea5950d210f",
|
|
"indicator--5799b0fe-9568-4257-b88b-45fd950d210f",
|
|
"indicator--5799b0fe-4604-4dea-ba24-4df7950d210f",
|
|
"indicator--5799b0fe-da0c-474c-a1a3-423c950d210f",
|
|
"indicator--5799b0ff-d09c-4cf1-9f30-49b6950d210f",
|
|
"indicator--5799b0ff-7bf8-47c9-a11f-481f950d210f",
|
|
"indicator--5799b0ff-7e8c-47b3-a989-4e45950d210f",
|
|
"indicator--5799b0ff-daac-4df7-86a5-43e5950d210f",
|
|
"indicator--5799b0ff-d17c-44a0-8c7a-42f3950d210f",
|
|
"indicator--5799b100-fcd8-4db5-87a4-4ee1950d210f",
|
|
"indicator--5799b100-e054-4e5d-9f3c-483f950d210f",
|
|
"indicator--5799b100-d33c-48e9-932c-4068950d210f",
|
|
"indicator--5799b100-a644-4aaa-afa9-4d1d950d210f",
|
|
"indicator--5799b100-e730-4495-93f7-4e67950d210f",
|
|
"indicator--5799b101-c7a8-4fe7-ae5a-4187950d210f",
|
|
"indicator--5799b101-554c-4520-be12-49ca950d210f",
|
|
"indicator--5799b101-96bc-4f1e-873a-4079950d210f",
|
|
"indicator--5799b101-712c-4c54-b7d2-4560950d210f",
|
|
"indicator--5799b101-ba7c-4009-999d-437d950d210f",
|
|
"indicator--5799b102-80a8-4081-a961-4964950d210f"
|
|
],
|
|
"labels": [
|
|
"Threat-Report",
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
"type:OSINT",
|
|
"circl:incident-classification=\"malware\""
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5799af9a-f10c-46ab-b042-4dba950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:09:14.000Z",
|
|
"modified": "2016-07-28T07:09:14.000Z",
|
|
"first_observed": "2016-07-28T07:09:14Z",
|
|
"last_observed": "2016-07-28T07:09:14Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5799af9a-f10c-46ab-b042-4dba950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5799af9a-f10c-46ab-b042-4dba950d210f",
|
|
"value": "https://www.arbornetworks.com/blog/asert/mad-max-dga/"
|
|
},
|
|
{
|
|
"type": "x-misp-attribute",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-attribute--5799afae-6d78-488e-90e5-4574950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:09:34.000Z",
|
|
"modified": "2016-07-28T07:09:34.000Z",
|
|
"labels": [
|
|
"misp:type=\"comment\"",
|
|
"misp:category=\"External analysis\""
|
|
],
|
|
"x_misp_category": "External analysis",
|
|
"x_misp_type": "comment",
|
|
"x_misp_value": "This post describes a domain generation algorithm (DGA) used by the \u00e2\u20ac\u0153Mad Max\u00e2\u20ac\u009d malware family. Mad Max is a targeted trojan, and we plan to post a follow-up article that documents our findings regarding the features of the Mad Max malware itself. But for now we will focus on the reversing of its DGA, since we were unable to find any other published research on this topic.\r\n\r\nThe reference sample we focus on has MD5 hash c7d1357f4c4acceb1780db12ad1b4de1. It first came to our attention because it triggered an ETPro signature alert for \u00e2\u20ac\u0153APT.MADMAX\u00e2\u20ac\u009d while passing through our sandboxing automation. We could find very little published research on this threat, other than one analysis report from Sophos [1]."
|
|
},
|
|
{
|
|
"type": "x-misp-attribute",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-attribute--5799afb9-5408-4594-a2a6-4f9d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:09:45.000Z",
|
|
"modified": "2016-07-28T07:09:45.000Z",
|
|
"labels": [
|
|
"misp:type=\"text\"",
|
|
"misp:category=\"Antivirus detection\""
|
|
],
|
|
"x_misp_category": "Antivirus detection",
|
|
"x_misp_type": "text",
|
|
"x_misp_value": "APT.MADMAX"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799afcf-ef34-4c49-9470-4dcc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:10:07.000Z",
|
|
"modified": "2016-07-28T07:10:07.000Z",
|
|
"description": "The reference sample we focus",
|
|
"pattern": "[file:hashes.MD5 = 'c7d1357f4c4acceb1780db12ad1b4de1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:10:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload installation"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload installation\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b001-fc88-4975-8e20-4a4f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:10:57.000Z",
|
|
"modified": "2016-07-28T07:10:57.000Z",
|
|
"description": "The reference sample we focus - Xchecked via VT: c7d1357f4c4acceb1780db12ad1b4de1",
|
|
"pattern": "[file:hashes.SHA256 = '57976133193b732bb5602345d6aa7ff83555a365f415212dbefae016fc3b57aa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:10:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload installation"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload installation\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b001-ae00-4916-99ce-498202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:10:57.000Z",
|
|
"modified": "2016-07-28T07:10:57.000Z",
|
|
"description": "The reference sample we focus - Xchecked via VT: c7d1357f4c4acceb1780db12ad1b4de1",
|
|
"pattern": "[file:hashes.SHA1 = '693a9936e56d19448cedc9ccda519b4c0f57d7d7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:10:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload installation"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload installation\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5799b002-c028-4c13-8a66-476302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:10:58.000Z",
|
|
"modified": "2016-07-28T07:10:58.000Z",
|
|
"first_observed": "2016-07-28T07:10:58Z",
|
|
"last_observed": "2016-07-28T07:10:58Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5799b002-c028-4c13-8a66-476302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5799b002-c028-4c13-8a66-476302de0b81",
|
|
"value": "https://www.virustotal.com/file/57976133193b732bb5602345d6aa7ff83555a365f415212dbefae016fc3b57aa/analysis/1469617861/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b027-d0e4-4b47-ba7e-4f06950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:11:35.000Z",
|
|
"modified": "2016-07-28T07:11:35.000Z",
|
|
"description": "During the reversing of Mad Max\u00e2\u20ac\u2122s DGA, the dropped DLL that we spent the most time with weighed 1,561,600 bytes",
|
|
"pattern": "[file:hashes.MD5 = '43538f5fb75003cbea84c9216e12c94a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:11:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload installation"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload installation\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-attribute",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-attribute--5799b05b-f38c-482d-be15-4532950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:12:27.000Z",
|
|
"modified": "2016-07-28T07:12:27.000Z",
|
|
"labels": [
|
|
"misp:type=\"pattern-in-memory\"",
|
|
"misp:category=\"Artifacts dropped\"",
|
|
"misp:to_ids=\"True\""
|
|
],
|
|
"x_misp_category": "Artifacts dropped",
|
|
"x_misp_type": "pattern-in-memory",
|
|
"x_misp_value": "jfyicbya26h5hvepgq07zfsqmdk4xcet9annmwuw8rok3lzsxlvjpdubog1rit"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b07d-d578-4220-9197-4fa0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:13:01.000Z",
|
|
"modified": "2016-07-28T07:13:01.000Z",
|
|
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.253.126.58']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:13:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e5-1c84-4db6-aa51-4609950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:45.000Z",
|
|
"modified": "2016-07-28T07:14:45.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.3ipp3xuzn2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e6-587c-4883-992d-4b7b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:46.000Z",
|
|
"modified": "2016-07-28T07:14:46.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.norkfcncep.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e6-821c-44cb-85bf-4ada950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:46.000Z",
|
|
"modified": "2016-07-28T07:14:46.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.b9koz9cfsv.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e6-4058-4108-931b-4071950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:46.000Z",
|
|
"modified": "2016-07-28T07:14:46.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.zl4w1ywkcb.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e6-2998-4608-b782-4587950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:46.000Z",
|
|
"modified": "2016-07-28T07:14:46.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.d0yfmwte92.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e6-3c34-42ef-9fcc-4560950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:46.000Z",
|
|
"modified": "2016-07-28T07:14:46.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.cqzlyy4r70.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e7-c724-47f9-abde-4496950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:47.000Z",
|
|
"modified": "2016-07-28T07:14:47.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.w6zwihbwio.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e7-89ec-4f88-98ca-4cf6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:47.000Z",
|
|
"modified": "2016-07-28T07:14:47.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.n2cackqdam.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e7-e040-4c60-9dd4-427b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:47.000Z",
|
|
"modified": "2016-07-28T07:14:47.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.6jh8djurlq.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e7-5b14-4e16-b7b7-4d69950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:47.000Z",
|
|
"modified": "2016-07-28T07:14:47.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.mdfpzugyee.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e8-e3f0-4d17-8652-42ef950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:48.000Z",
|
|
"modified": "2016-07-28T07:14:48.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.yucunblst3.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e8-1dc8-48b5-bcca-46d3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:48.000Z",
|
|
"modified": "2016-07-28T07:14:48.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.ms4qvaqbfj.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e8-2018-4229-986f-434f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:48.000Z",
|
|
"modified": "2016-07-28T07:14:48.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.ovkdxfokzv.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e8-2cd8-4372-baea-4fb8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:48.000Z",
|
|
"modified": "2016-07-28T07:14:48.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.u6urscrrk6.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e8-2c48-4c27-8c5f-495f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:48.000Z",
|
|
"modified": "2016-07-28T07:14:48.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.7wxdv4ko7j.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e9-41c4-4667-8da4-4fdb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:49.000Z",
|
|
"modified": "2016-07-28T07:14:49.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.a3wanm9tiu.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e9-f634-496a-8e27-4c86950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:49.000Z",
|
|
"modified": "2016-07-28T07:14:49.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.8gdgsnvzbk.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e9-de30-4acc-bf35-4e70950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:49.000Z",
|
|
"modified": "2016-07-28T07:14:49.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.yucb4xun51.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e9-277c-48af-849f-4bec950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:49.000Z",
|
|
"modified": "2016-07-28T07:14:49.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.5iedn8pao3.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0e9-576c-4a53-b233-4fe5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:49.000Z",
|
|
"modified": "2016-07-28T07:14:49.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.n5wzg9nvlf.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ea-d5a0-4ce1-9e29-4193950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:50.000Z",
|
|
"modified": "2016-07-28T07:14:50.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.gy7h1eunzx.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ea-fdf8-4dcd-8486-467c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:50.000Z",
|
|
"modified": "2016-07-28T07:14:50.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.q77mygab2h.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ea-3b28-4ba0-aa0e-4bb1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:50.000Z",
|
|
"modified": "2016-07-28T07:14:50.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.x3vr7fujhv.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ea-495c-4308-919f-438e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:50.000Z",
|
|
"modified": "2016-07-28T07:14:50.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.k4gs4f0p1d.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0eb-c740-49b0-89e8-4a09950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:51.000Z",
|
|
"modified": "2016-07-28T07:14:51.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.t8ozdrm7it.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0eb-8e40-407d-a830-47b6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:51.000Z",
|
|
"modified": "2016-07-28T07:14:51.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.lwhma1sp3b.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0eb-569c-4d22-b8fb-4208950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:51.000Z",
|
|
"modified": "2016-07-28T07:14:51.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.jcevu6f8qn.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0eb-0858-49bd-a641-40d8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:51.000Z",
|
|
"modified": "2016-07-28T07:14:51.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.wb02o7dcww.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0eb-cf18-43b1-b38c-4e12950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:51.000Z",
|
|
"modified": "2016-07-28T07:14:51.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.lufwdyiqcl.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ec-c7a4-4f4d-b5a6-44bd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:52.000Z",
|
|
"modified": "2016-07-28T07:14:52.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.k4uso1k8gw.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ec-eaa8-4c0c-a1ef-4c9f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:52.000Z",
|
|
"modified": "2016-07-28T07:14:52.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.e8ypd5j6cu.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ec-b370-475a-8a17-494d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:52.000Z",
|
|
"modified": "2016-07-28T07:14:52.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.sddtlblj6b.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ec-b928-4f90-9dfb-4674950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:52.000Z",
|
|
"modified": "2016-07-28T07:14:52.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.gxqy0a6cr3.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ec-33c4-405b-9b00-4ab7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:52.000Z",
|
|
"modified": "2016-07-28T07:14:52.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.zmxguyaa0d.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ed-1a14-44ed-b479-4e27950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:53.000Z",
|
|
"modified": "2016-07-28T07:14:53.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.tuagk50g8f.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ed-f15c-426e-888d-495b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:53.000Z",
|
|
"modified": "2016-07-28T07:14:53.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.dara03tcod.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ed-15c4-479f-b20b-4d91950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:53.000Z",
|
|
"modified": "2016-07-28T07:14:53.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.tlw495w9fy.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ed-e37c-47aa-afef-46f4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:53.000Z",
|
|
"modified": "2016-07-28T07:14:53.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.q9efocpl9a.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ed-9d10-49fa-8085-4f6e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:53.000Z",
|
|
"modified": "2016-07-28T07:14:53.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.h53tk2ckgc.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ee-5250-4429-a9df-4eb9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:54.000Z",
|
|
"modified": "2016-07-28T07:14:54.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.84j8ctoyno.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ee-df30-4ec5-b364-4545950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:54.000Z",
|
|
"modified": "2016-07-28T07:14:54.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.cahxfxwhdl.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ee-e09c-4b6a-a507-491c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:54.000Z",
|
|
"modified": "2016-07-28T07:14:54.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.hi6ke3wjg5.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ee-132c-4f1f-b7b0-4692950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:54.000Z",
|
|
"modified": "2016-07-28T07:14:54.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.win1kzex2h.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ee-8b58-44dc-a36d-4ade950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:54.000Z",
|
|
"modified": "2016-07-28T07:14:54.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.lkddneksnw.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ef-b6f4-4edf-a8f3-430c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:55.000Z",
|
|
"modified": "2016-07-28T07:14:55.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.ovfqt1wjba.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ef-82e4-46d8-92bd-43a6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:55.000Z",
|
|
"modified": "2016-07-28T07:14:55.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.aniiz4kdof.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ef-8ef0-4fd7-a7f2-4ad5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:55.000Z",
|
|
"modified": "2016-07-28T07:14:55.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.5oh99oqwdd.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ef-4850-48ef-baeb-4593950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:55.000Z",
|
|
"modified": "2016-07-28T07:14:55.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.d2dpbnmola.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f0-bd78-47ae-8f5f-4340950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:56.000Z",
|
|
"modified": "2016-07-28T07:14:56.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.8ryede20if.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f0-70c4-4916-a875-483b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:56.000Z",
|
|
"modified": "2016-07-28T07:14:56.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.iuj5agqlbr.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f0-d1e4-4564-af4e-4991950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:56.000Z",
|
|
"modified": "2016-07-28T07:14:56.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.bu0acmfjvq.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f0-ab54-4a54-ac82-40e3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:56.000Z",
|
|
"modified": "2016-07-28T07:14:56.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.43apmlncap.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f0-84e8-4b77-be09-4073950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:56.000Z",
|
|
"modified": "2016-07-28T07:14:56.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.d0m1c7devn.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f1-5920-46ae-a1e2-4ccd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:57.000Z",
|
|
"modified": "2016-07-28T07:14:57.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.bdw0gn8ne9.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f1-3e08-4949-96b2-4c4c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:57.000Z",
|
|
"modified": "2016-07-28T07:14:57.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.9c8lj4fko5.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f1-c6c8-4d83-b04e-4491950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:57.000Z",
|
|
"modified": "2016-07-28T07:14:57.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.zti79gweis.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f1-d640-4500-9d5f-4d64950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:57.000Z",
|
|
"modified": "2016-07-28T07:14:57.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.sc2k3hlvwx.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f1-2558-4811-88c2-4291950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:57.000Z",
|
|
"modified": "2016-07-28T07:14:57.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.aonbxu3hnd.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f2-8860-4f2a-882a-4238950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:58.000Z",
|
|
"modified": "2016-07-28T07:14:58.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.oybsgskbne.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f2-740c-406a-8ecc-455f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:58.000Z",
|
|
"modified": "2016-07-28T07:14:58.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.ptvrgivuiq.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f2-3fcc-446c-ba69-42c4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:58.000Z",
|
|
"modified": "2016-07-28T07:14:58.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.iovljwr3n4.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f2-df38-43bd-9fc0-43f0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:58.000Z",
|
|
"modified": "2016-07-28T07:14:58.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.jybiis0pee.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f2-4420-43f0-b9a6-4f96950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:58.000Z",
|
|
"modified": "2016-07-28T07:14:58.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.oamkjmuhnr.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f2-379c-489b-ab17-4223950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:58.000Z",
|
|
"modified": "2016-07-28T07:14:58.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.n6jj3oqmzc.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f3-63bc-4f60-bfdd-48fc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:59.000Z",
|
|
"modified": "2016-07-28T07:14:59.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.kkgchkblea.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f3-54c0-4213-b089-44ea950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:59.000Z",
|
|
"modified": "2016-07-28T07:14:59.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.0dljcawhwp.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f3-0390-4a77-9c98-48ee950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:59.000Z",
|
|
"modified": "2016-07-28T07:14:59.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.auvkhn16f9.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f3-c42c-45f5-8a0c-4986950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:59.000Z",
|
|
"modified": "2016-07-28T07:14:59.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.fmwglrs6aj.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f3-ad80-49af-8c13-4289950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:14:59.000Z",
|
|
"modified": "2016-07-28T07:14:59.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.d5rwfbm8qf.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:14:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f4-bc00-4b3c-9388-4fb7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:00.000Z",
|
|
"modified": "2016-07-28T07:15:00.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.ecickytlhg.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f4-a8e0-41a4-99e8-46a4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:00.000Z",
|
|
"modified": "2016-07-28T07:15:00.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.at7vcefg1a.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f4-e498-47f6-95e4-46ab950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:00.000Z",
|
|
"modified": "2016-07-28T07:15:00.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.efqkyjaflp.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f4-87bc-43b0-b8ea-4040950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:00.000Z",
|
|
"modified": "2016-07-28T07:15:00.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.ulitjdfbs1.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f4-e044-41c1-8c32-41a9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:00.000Z",
|
|
"modified": "2016-07-28T07:15:00.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.9qnr6oyssk.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f5-7c18-47ae-baf3-4205950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:01.000Z",
|
|
"modified": "2016-07-28T07:15:01.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.4eabktj4al.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f5-be78-4a24-b2cd-4b51950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:01.000Z",
|
|
"modified": "2016-07-28T07:15:01.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.9varj35nsb.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f5-3f28-45df-922e-495c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:01.000Z",
|
|
"modified": "2016-07-28T07:15:01.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.s82r4luxrw.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f5-975c-4819-af0f-4119950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:01.000Z",
|
|
"modified": "2016-07-28T07:15:01.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.avuhtrgawe.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f5-82c8-4e2d-8414-429a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:01.000Z",
|
|
"modified": "2016-07-28T07:15:01.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.v4begpio9s.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f6-dc88-4469-9364-4ae5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:02.000Z",
|
|
"modified": "2016-07-28T07:15:02.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.qkqlh7fkuz.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f6-55f8-413c-9cd3-45ed950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:02.000Z",
|
|
"modified": "2016-07-28T07:15:02.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.sozlflvrdn.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f6-9c5c-46d9-97b4-4ed8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:02.000Z",
|
|
"modified": "2016-07-28T07:15:02.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.4buzxug5wz.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f6-1ab0-4809-b42d-4b31950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:02.000Z",
|
|
"modified": "2016-07-28T07:15:02.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.pipo6fidim.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f6-f580-4779-b910-435b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:02.000Z",
|
|
"modified": "2016-07-28T07:15:02.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.oavgocbqyd.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f6-78d4-4185-8d68-4a3a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:02.000Z",
|
|
"modified": "2016-07-28T07:15:02.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.dxhgzvc5bn.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f7-8aa0-46c2-94f4-453f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:03.000Z",
|
|
"modified": "2016-07-28T07:15:03.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.1nxkak8yvo.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f7-747c-44a0-ac93-414c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:03.000Z",
|
|
"modified": "2016-07-28T07:15:03.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.ikssxlzftv.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f7-5434-4b4f-a661-491c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:03.000Z",
|
|
"modified": "2016-07-28T07:15:03.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.6yena7muyi.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f7-87d4-417a-8d94-45f5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:03.000Z",
|
|
"modified": "2016-07-28T07:15:03.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.5mswkfpzq5.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f7-5b98-4325-b0a2-4eaa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:03.000Z",
|
|
"modified": "2016-07-28T07:15:03.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.dbajiezq61.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f8-78c4-42fd-99b4-4df9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:04.000Z",
|
|
"modified": "2016-07-28T07:15:04.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.ebxevvp7lz.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f8-bce0-4382-9ace-4629950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:04.000Z",
|
|
"modified": "2016-07-28T07:15:04.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.qy3qn7ccl4.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f8-238c-4721-aedc-4031950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:04.000Z",
|
|
"modified": "2016-07-28T07:15:04.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.qnrpkzdr24.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f8-1d94-47b5-ba6a-44e2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:04.000Z",
|
|
"modified": "2016-07-28T07:15:04.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.wbk5mt3tmu.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f8-a370-41d3-8603-4bb1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:04.000Z",
|
|
"modified": "2016-07-28T07:15:04.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.ummoejaz44.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f9-8430-424b-979c-4f8f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:05.000Z",
|
|
"modified": "2016-07-28T07:15:05.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.xmuo30ddhw.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f9-32cc-4128-9dde-4314950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:05.000Z",
|
|
"modified": "2016-07-28T07:15:05.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.ml219cyxyp.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f9-73a4-426a-9059-45e0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:05.000Z",
|
|
"modified": "2016-07-28T07:15:05.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.p4e8ev61mg.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f9-588c-4b16-a731-4d5d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:05.000Z",
|
|
"modified": "2016-07-28T07:15:05.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.9r2nlncjqm.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0f9-9e90-4ae3-a256-44e5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:05.000Z",
|
|
"modified": "2016-07-28T07:15:05.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.vdnjax5lmw.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fa-284c-4354-95b2-46f6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:06.000Z",
|
|
"modified": "2016-07-28T07:15:06.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.lleafj9q6y.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fa-cbf4-4cac-8dd9-4a88950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:06.000Z",
|
|
"modified": "2016-07-28T07:15:06.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.bgyeydxsu7.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fa-e700-44d5-b9e1-4757950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:06.000Z",
|
|
"modified": "2016-07-28T07:15:06.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.m6u8pqstmz.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fa-87dc-4f05-b383-4d6f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:06.000Z",
|
|
"modified": "2016-07-28T07:15:06.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.15fe6ouzhm.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fa-7c84-4fc2-b70b-4ee6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:06.000Z",
|
|
"modified": "2016-07-28T07:15:06.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.efvdz4a52w.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fa-3fdc-4986-9ddf-4aca950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:06.000Z",
|
|
"modified": "2016-07-28T07:15:06.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.5shtguwy5y.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fb-edc4-44d2-ae4f-4b1a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:07.000Z",
|
|
"modified": "2016-07-28T07:15:07.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.muwiyn4lvd.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fb-81cc-4e6e-8cd5-4ef3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:07.000Z",
|
|
"modified": "2016-07-28T07:15:07.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.ganuj7lstm.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fb-224c-4e12-b3b2-4a1b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:07.000Z",
|
|
"modified": "2016-07-28T07:15:07.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.wyiywtizcw.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fb-18c4-4491-a1c4-4f5f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:07.000Z",
|
|
"modified": "2016-07-28T07:15:07.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.sb3ydum9tt.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fb-1bac-4e89-95e4-4f91950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:07.000Z",
|
|
"modified": "2016-07-28T07:15:07.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.cuqndqykyn.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fc-ffec-4a10-a43d-415e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:08.000Z",
|
|
"modified": "2016-07-28T07:15:08.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.36dfnss0ay.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fc-388c-4e7a-a4c9-4036950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:08.000Z",
|
|
"modified": "2016-07-28T07:15:08.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.aqe4c5zj3k.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fc-3630-4aba-92e7-4fab950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:08.000Z",
|
|
"modified": "2016-07-28T07:15:08.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.qasygeakes.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fc-a134-4c01-b433-4a59950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:08.000Z",
|
|
"modified": "2016-07-28T07:15:08.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.yz3fnfbqqa.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fc-f820-4304-b286-4321950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:08.000Z",
|
|
"modified": "2016-07-28T07:15:08.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.muwenvpb9h.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fc-7d6c-48d4-9ba5-46a3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:08.000Z",
|
|
"modified": "2016-07-28T07:15:08.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.whvr841hjs.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fd-b780-43c1-b07f-479f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:09.000Z",
|
|
"modified": "2016-07-28T07:15:09.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.pg0tndvnuq.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fd-eb28-4ef7-b50a-4316950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:09.000Z",
|
|
"modified": "2016-07-28T07:15:09.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.cdmcowgsw0.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fd-e41c-400f-b828-470f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:09.000Z",
|
|
"modified": "2016-07-28T07:15:09.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.akxnea6j2k.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fd-0c5c-413f-9d20-440a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:09.000Z",
|
|
"modified": "2016-07-28T07:15:09.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.pykrlt96ci.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fd-9c28-4ae3-a35c-4ff0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:09.000Z",
|
|
"modified": "2016-07-28T07:15:09.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.dtitoebznc.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fd-51b4-4824-98c0-47ec950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:09.000Z",
|
|
"modified": "2016-07-28T07:15:09.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.iqm0ncmlty.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fe-70b0-40a4-9f5f-4bf5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:10.000Z",
|
|
"modified": "2016-07-28T07:15:10.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.59kneir7td.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fe-cec8-412c-ad3d-4ea5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:10.000Z",
|
|
"modified": "2016-07-28T07:15:10.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.wmi7swjzxh.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fe-9568-4257-b88b-45fd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:10.000Z",
|
|
"modified": "2016-07-28T07:15:10.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.jbagepu54e.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fe-4604-4dea-ba24-4df7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:10.000Z",
|
|
"modified": "2016-07-28T07:15:10.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.eftjllp0k9.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0fe-da0c-474c-a1a3-423c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:10.000Z",
|
|
"modified": "2016-07-28T07:15:10.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.qbnrsypzap.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ff-d09c-4cf1-9f30-49b6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:11.000Z",
|
|
"modified": "2016-07-28T07:15:11.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.6asglp09sf.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ff-7bf8-47c9-a11f-481f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:11.000Z",
|
|
"modified": "2016-07-28T07:15:11.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.b2igkosvy7.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ff-7e8c-47b3-a989-4e45950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:11.000Z",
|
|
"modified": "2016-07-28T07:15:11.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.4bpifpk85d.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ff-daac-4df7-86a5-43e5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:11.000Z",
|
|
"modified": "2016-07-28T07:15:11.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.hnipgwg00w.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b0ff-d17c-44a0-8c7a-42f3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:11.000Z",
|
|
"modified": "2016-07-28T07:15:11.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.r3ngsciwxs.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b100-fcd8-4db5-87a4-4ee1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:12.000Z",
|
|
"modified": "2016-07-28T07:15:12.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.ib3cdbcoe1.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b100-e054-4e5d-9f3c-483f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:12.000Z",
|
|
"modified": "2016-07-28T07:15:12.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.alqkjj0lpa.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b100-d33c-48e9-932c-4068950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:12.000Z",
|
|
"modified": "2016-07-28T07:15:12.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.yp9bd1yuio.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b100-a644-4aaa-afa9-4d1d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:12.000Z",
|
|
"modified": "2016-07-28T07:15:12.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.pkxcla4lqj.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b100-e730-4495-93f7-4e67950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:12.000Z",
|
|
"modified": "2016-07-28T07:15:12.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.xjnf8aswtj.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b101-c7a8-4fe7-ae5a-4187950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:13.000Z",
|
|
"modified": "2016-07-28T07:15:13.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.shbpagdfgg.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b101-554c-4520-be12-49ca950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:13.000Z",
|
|
"modified": "2016-07-28T07:15:13.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.qksibgsbkb.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b101-96bc-4f1e-873a-4079950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:13.000Z",
|
|
"modified": "2016-07-28T07:15:13.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.mwtetcdhcp.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b101-712c-4c54-b7d2-4560950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:13.000Z",
|
|
"modified": "2016-07-28T07:15:13.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.nazqb1dulk.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b101-ba7c-4009-999d-437d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:13.000Z",
|
|
"modified": "2016-07-28T07:15:13.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.gpsh39jabf.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5799b102-80a8-4081-a961-4964950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2016-07-28T07:15:14.000Z",
|
|
"modified": "2016-07-28T07:15:14.000Z",
|
|
"description": "Mad Max Domains for 2015 through 2017",
|
|
"pattern": "[domain-name:value = 'www.87uaj1f4cp.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-07-28T07:15:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "marking-definition",
|
|
"spec_version": "2.1",
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
"definition_type": "tlp",
|
|
"name": "TLP:WHITE",
|
|
"definition": {
|
|
"tlp": "white"
|
|
}
|
|
}
|
|
]
|
|
} |