2956 lines
No EOL
120 KiB
JSON
2956 lines
No EOL
120 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--57b5892a-bfd8-49f1-8d6b-4a3d950d210f",
|
|
"objects": [
|
|
{
|
|
"type": "identity",
|
|
"spec_version": "2.1",
|
|
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-23T13:32:47.000Z",
|
|
"modified": "2016-08-23T13:32:47.000Z",
|
|
"name": "CthulhuSPRL.be",
|
|
"identity_class": "organization"
|
|
},
|
|
{
|
|
"type": "report",
|
|
"spec_version": "2.1",
|
|
"id": "report--57b5892a-bfd8-49f1-8d6b-4a3d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-23T13:32:47.000Z",
|
|
"modified": "2016-08-23T13:32:47.000Z",
|
|
"name": "OSINT Rex -Linux P2P Ransom botnet by This Is Security blog",
|
|
"published": "2017-01-11T18:00:49Z",
|
|
"object_refs": [
|
|
"observed-data--57b58935-bb84-4856-8919-4b5e950d210f",
|
|
"url--57b58935-bb84-4856-8919-4b5e950d210f",
|
|
"vulnerability--57b589c1-1338-4889-9c62-49a7950d210f",
|
|
"vulnerability--57b589c1-68bc-4a15-b4e1-43d1950d210f",
|
|
"vulnerability--57b589c1-c088-406c-8bc1-4f9f950d210f",
|
|
"vulnerability--57b589c1-b3b0-4738-b2c5-4cf6950d210f",
|
|
"vulnerability--57b589c1-8ba4-4c04-a274-40f3950d210f",
|
|
"indicator--57b589c1-c9b0-45c0-bdfe-46b2950d210f",
|
|
"indicator--57b589c1-e588-4a20-8cf7-4a6f950d210f",
|
|
"indicator--57b589c1-54dc-4a0d-aeb6-447d950d210f",
|
|
"indicator--57b589c2-bcd4-4637-a957-4ca8950d210f",
|
|
"indicator--57b589c2-a5f8-4971-a5b5-4b9d950d210f",
|
|
"indicator--57b589c2-2d48-4db9-a818-44a1950d210f",
|
|
"indicator--57b589c2-c9f8-4073-ba94-4aed950d210f",
|
|
"indicator--57b589c2-7e34-4f8f-b130-4f76950d210f",
|
|
"indicator--57b589c3-96dc-49b4-b734-4357950d210f",
|
|
"indicator--57b589c3-80ac-40cc-b431-4ecd950d210f",
|
|
"indicator--57b589c3-e55c-4ca0-83f0-44e0950d210f",
|
|
"indicator--57b589c3-6bf4-4a47-88b1-469e950d210f",
|
|
"indicator--57b589c4-e030-4114-aec9-484a950d210f",
|
|
"indicator--57b589c4-cab8-49c4-9124-4aad950d210f",
|
|
"indicator--57b589c4-0790-4f26-915b-4c71950d210f",
|
|
"indicator--57b589c4-fcac-4fd8-a9f5-494b950d210f",
|
|
"indicator--57b589c4-0fec-4b1f-b135-4c13950d210f",
|
|
"indicator--57b589c5-a104-4fb5-a50d-4258950d210f",
|
|
"indicator--57b589c5-15e0-4f60-8064-4939950d210f",
|
|
"indicator--57b589c5-2c34-499e-b682-4e91950d210f",
|
|
"indicator--57b589c5-eb2c-48b9-ae6b-4810950d210f",
|
|
"indicator--57b589c5-d500-4cbc-b5a4-4147950d210f",
|
|
"indicator--57b589c5-cdc8-4955-9763-402b950d210f",
|
|
"indicator--57b589c6-ecc4-4f7e-b681-42ca950d210f",
|
|
"indicator--57b589c6-f298-42d7-beb7-43b6950d210f",
|
|
"indicator--57b589c6-4b1c-47c2-825e-4ce7950d210f",
|
|
"indicator--57b589c6-1628-46cf-9943-4bac950d210f",
|
|
"indicator--57b589c6-a7dc-4ebe-a466-495e950d210f",
|
|
"indicator--57b589c6-4718-4910-a783-4494950d210f",
|
|
"indicator--57b589c7-fc8c-4dd1-a0cc-40b3950d210f",
|
|
"indicator--57b589c7-fdd8-4c11-b0e5-4d36950d210f",
|
|
"indicator--57b589c7-4384-4138-a080-40d1950d210f",
|
|
"indicator--57b589c7-0f9c-4d2a-8bfa-464d950d210f",
|
|
"indicator--57b589c7-274c-4ee2-93a4-4ce4950d210f",
|
|
"indicator--57b589c8-efb8-4636-ae3a-4a31950d210f",
|
|
"indicator--57b589c8-46f8-4664-b64e-45b1950d210f",
|
|
"indicator--57b589c8-b98c-4fb9-bd46-4baf950d210f",
|
|
"indicator--57b589c8-762c-49b3-811f-4d63950d210f",
|
|
"indicator--57b589c8-9118-4b1d-94d1-4416950d210f",
|
|
"indicator--57b589c9-b864-4873-a8c6-4c6b950d210f",
|
|
"indicator--57b589c9-6844-4468-8d85-49d7950d210f",
|
|
"indicator--57b589c9-422c-42d4-b0e9-4cd2950d210f",
|
|
"indicator--57b589c9-8fc0-4581-9141-4d85950d210f",
|
|
"indicator--57b7067d-c190-4e02-a661-47ae950d210f",
|
|
"indicator--57b7067f-47d0-4d01-b064-4339950d210f",
|
|
"indicator--57b70680-7cb0-41be-bc19-49f2950d210f",
|
|
"indicator--57b70681-6d48-4e05-b469-4121950d210f",
|
|
"indicator--57b70683-5044-4581-bee4-48ec950d210f",
|
|
"indicator--57b70684-5d10-4e4b-987b-4d39950d210f",
|
|
"indicator--57b70685-ece0-47d8-adcb-455b950d210f",
|
|
"indicator--57b70687-4f7c-4bf0-aa05-4757950d210f",
|
|
"indicator--57b70688-7724-4563-b5e1-413f950d210f",
|
|
"indicator--57b70689-ccf0-4e55-b16d-407f950d210f",
|
|
"indicator--57b7068b-aafc-483f-b8b0-4087950d210f",
|
|
"indicator--57b7068c-0fc8-44c0-9bb7-47e7950d210f",
|
|
"indicator--57b7068e-2ee4-4edc-a674-4a2a950d210f",
|
|
"indicator--57b7068f-2f50-4f6a-b48d-4280950d210f",
|
|
"indicator--57b70690-f888-4de2-b45e-445b950d210f",
|
|
"indicator--57b70692-deac-4d8b-85f5-4d5c950d210f",
|
|
"indicator--57b70693-ef68-4f11-ad9d-49dc950d210f",
|
|
"indicator--57b70694-c070-445f-b24c-4218950d210f",
|
|
"indicator--57b70696-e720-4aef-8ca0-4650950d210f",
|
|
"indicator--57b70697-90e4-4eeb-933a-4bc8950d210f",
|
|
"indicator--57b70698-d1b8-48d6-a9f9-4b26950d210f",
|
|
"indicator--57b7069a-d2f0-4e85-a4f6-4aba950d210f",
|
|
"indicator--57b7069b-5694-49a2-998b-4291950d210f",
|
|
"indicator--57b7069d-d584-46de-869a-4edb950d210f",
|
|
"indicator--57b7069e-7aa4-43e9-a3b0-4c58950d210f",
|
|
"indicator--57b706a0-ef7c-479e-b57e-4678950d210f",
|
|
"indicator--57b706a1-b3f8-4b11-ae24-4472950d210f",
|
|
"indicator--57b7066c-8e08-48d1-864f-40db950d210f",
|
|
"indicator--57b7066e-6594-47e3-ab75-43e8950d210f",
|
|
"indicator--57b7066f-4870-4308-b4a3-4e17950d210f",
|
|
"indicator--57b70671-9c88-4bd1-9b7b-4954950d210f",
|
|
"indicator--57b70672-e5bc-4d9c-a94f-4184950d210f",
|
|
"indicator--57b70673-a804-40f7-89bc-4e4d950d210f",
|
|
"indicator--57b70675-d56c-4137-8581-4886950d210f",
|
|
"indicator--57b70676-5e74-4a66-b2ad-40f0950d210f",
|
|
"indicator--57b70677-57e4-460c-aae2-4ffe950d210f",
|
|
"indicator--57b70678-0a38-4be6-b111-459b950d210f",
|
|
"indicator--57b7067a-5b44-49f9-b9dc-4e99950d210f",
|
|
"indicator--57b7067b-a458-42bd-b110-4278950d210f",
|
|
"indicator--57b7067c-9568-48cf-b0af-4a45950d210f",
|
|
"indicator--57b7067e-a4b8-471b-912f-49dd950d210f",
|
|
"indicator--57b7067f-5c28-4059-a230-4b2a950d210f",
|
|
"indicator--57b70680-2ccc-4e2c-9911-4516950d210f",
|
|
"indicator--57b70682-4ad0-419f-b776-4749950d210f",
|
|
"indicator--57b70683-b854-4534-945e-46f7950d210f",
|
|
"indicator--57b70684-1a20-427f-bc62-4e6a950d210f",
|
|
"indicator--57b70686-70f8-47be-8f03-4b0c950d210f",
|
|
"indicator--57b70687-3d58-4cf8-ba7a-413b950d210f",
|
|
"indicator--57b70688-a540-4283-aab1-4188950d210f",
|
|
"indicator--57b7068a-1084-441a-99c2-47ff950d210f",
|
|
"indicator--57b7068b-4f78-4643-9496-4dee950d210f",
|
|
"indicator--57b7068d-0874-4d61-acc5-4971950d210f",
|
|
"indicator--57b7068e-c098-40aa-9778-4623950d210f",
|
|
"indicator--57b7068f-10a4-4d28-b312-4268950d210f",
|
|
"indicator--57b70691-438c-4c07-bcc2-4a4f950d210f",
|
|
"indicator--57b70692-98b0-4c88-9d40-47eb950d210f",
|
|
"indicator--57b70693-e8d0-4f95-9f82-4a2d950d210f",
|
|
"indicator--57b70695-51d8-41c0-a513-4108950d210f",
|
|
"indicator--57b70696-9f04-494f-ac40-44a8950d210f",
|
|
"indicator--57b70697-3940-4de5-bf83-448d950d210f",
|
|
"indicator--57b70699-f47c-4bd7-bcfe-453b950d210f",
|
|
"indicator--57b7069a-617c-42b8-bc82-4979950d210f",
|
|
"indicator--57b7069c-81dc-4213-b388-4beb950d210f",
|
|
"indicator--57b7069d-e464-4bcd-a7ce-4ab1950d210f",
|
|
"indicator--57b7069f-4888-4196-8000-451a950d210f",
|
|
"indicator--57b706a0-95a4-43d9-8e08-443a950d210f",
|
|
"indicator--57b706a1-05f4-4490-bd49-4065950d210f",
|
|
"indicator--57b70672-c7ac-4c64-9386-48bd950d210f",
|
|
"indicator--57b70675-01e0-42aa-b877-4acb950d210f",
|
|
"indicator--57b7068a-75f8-4e00-87e9-4495950d210f",
|
|
"indicator--57b706a2-c894-4294-81f8-40a4950d210f"
|
|
],
|
|
"labels": [
|
|
"Threat-Report",
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
"OSINT"
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--57b58935-bb84-4856-8919-4b5e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:08:53.000Z",
|
|
"modified": "2016-08-18T10:08:53.000Z",
|
|
"first_observed": "2016-08-18T10:08:53Z",
|
|
"last_observed": "2016-08-18T10:08:53Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--57b58935-bb84-4856-8919-4b5e950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--57b58935-bb84-4856-8919-4b5e950d210f",
|
|
"value": "https://thisissecurity.net/2016/08/17/from-website-locker-to-ddos-rex/"
|
|
},
|
|
{
|
|
"type": "vulnerability",
|
|
"spec_version": "2.1",
|
|
"id": "vulnerability--57b589c1-1338-4889-9c62-49a7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-23T13:21:17.000Z",
|
|
"modified": "2016-08-23T13:21:17.000Z",
|
|
"name": "CVE-2014-3704",
|
|
"labels": [
|
|
"misp:type=\"vulnerability\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
],
|
|
"external_references": [
|
|
{
|
|
"source_name": "cve",
|
|
"external_id": "CVE-2014-3704"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"type": "vulnerability",
|
|
"spec_version": "2.1",
|
|
"id": "vulnerability--57b589c1-68bc-4a15-b4e1-43d1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-23T13:21:40.000Z",
|
|
"modified": "2016-08-23T13:21:40.000Z",
|
|
"name": "CVE-2016-0710",
|
|
"labels": [
|
|
"misp:type=\"vulnerability\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
],
|
|
"external_references": [
|
|
{
|
|
"source_name": "cve",
|
|
"external_id": "CVE-2016-0710"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"type": "vulnerability",
|
|
"spec_version": "2.1",
|
|
"id": "vulnerability--57b589c1-c088-406c-8bc1-4f9f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-23T13:23:26.000Z",
|
|
"modified": "2016-08-23T13:23:26.000Z",
|
|
"name": "CVE-2016-1560",
|
|
"labels": [
|
|
"misp:type=\"vulnerability\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
],
|
|
"external_references": [
|
|
{
|
|
"source_name": "cve",
|
|
"external_id": "CVE-2016-1560"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"type": "vulnerability",
|
|
"spec_version": "2.1",
|
|
"id": "vulnerability--57b589c1-b3b0-4738-b2c5-4cf6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-23T13:24:04.000Z",
|
|
"modified": "2016-08-23T13:24:04.000Z",
|
|
"name": "CVE-2015-8351",
|
|
"labels": [
|
|
"misp:type=\"vulnerability\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
],
|
|
"external_references": [
|
|
{
|
|
"source_name": "cve",
|
|
"external_id": "CVE-2015-8351"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"type": "vulnerability",
|
|
"spec_version": "2.1",
|
|
"id": "vulnerability--57b589c1-8ba4-4c04-a274-40f3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-23T13:20:51.000Z",
|
|
"modified": "2016-08-23T13:20:51.000Z",
|
|
"name": "CVE-2015-1397",
|
|
"labels": [
|
|
"misp:type=\"vulnerability\"",
|
|
"misp:category=\"External analysis\"",
|
|
"misp:to_ids=\"True\""
|
|
],
|
|
"external_references": [
|
|
{
|
|
"source_name": "cve",
|
|
"external_id": "CVE-2015-1397"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c1-c9b0-45c0-bdfe-46b2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:13.000Z",
|
|
"modified": "2016-08-18T10:11:13.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[email-message:from_ref.value = 'armada.collective@gmail.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"email-src\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c1-e588-4a20-8cf7-4a6f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:13.000Z",
|
|
"modified": "2016-08-18T10:11:13.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '9070f56651f44ec722e17df67b8a954888e387a8f2574594c80937d0f39c471a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c1-54dc-4a0d-aeb6-447d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:13.000Z",
|
|
"modified": "2016-08-18T10:11:13.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'bf211d46551079e7f7646ffd6bfda065f1307ea81508d1625b5c65005d929cb3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c2-bcd4-4637-a957-4ca8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:14.000Z",
|
|
"modified": "2016-08-18T10:11:14.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '550b9b4c5b2dbe83fa3e227cca65b9b9768e2ea597c2e109205dba51faee5869']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c2-a5f8-4971-a5b5-4b9d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:14.000Z",
|
|
"modified": "2016-08-18T10:11:14.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '677464da2fcf73b9793daca3191501da02957af08a6471a047410ce99ea49405']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c2-2d48-4db9-a818-44a1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:14.000Z",
|
|
"modified": "2016-08-18T10:11:14.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '69402f4bd7718a3403f1caaaa387edc70b299f6aecc06de39e3a9ac28873a184']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c2-c9f8-4073-ba94-4aed950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:14.000Z",
|
|
"modified": "2016-08-18T10:11:14.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '32c921dd4b755af519f648102098735a569a0326a79a911eb47174bd058e5c43']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c2-7e34-4f8f-b130-4f76950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:14.000Z",
|
|
"modified": "2016-08-18T10:11:14.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '52bf6ae8fe7a0a59ca8d089444207c173e20a7a11c8b5e815b937e2f4224da4f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c3-96dc-49b4-b734-4357950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:15.000Z",
|
|
"modified": "2016-08-18T10:11:15.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '950cd068d9c51b941bdfe4721a3156af15dc408d2df23c1f2bc41b87159b109e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c3-80ac-40cc-b431-4ecd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:15.000Z",
|
|
"modified": "2016-08-18T10:11:15.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '1f4d876b17a6d786aa793b9c529235f9f9e164d70a74d8d26ca850d18f1329a7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c3-e55c-4ca0-83f0-44e0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:15.000Z",
|
|
"modified": "2016-08-18T10:11:15.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '09f1967e97a97a1d0963a84823fa2611b9555866f09d7a04bb69bc4d877f9631']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c3-6bf4-4a47-88b1-469e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:15.000Z",
|
|
"modified": "2016-08-18T10:11:15.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '3e4cebd60a1d6a6b29bac68ace2547c2e3894a0e5865dd90aff5764f8e7dc16d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c4-e030-4114-aec9-484a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:15.000Z",
|
|
"modified": "2016-08-18T10:11:15.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'dcd0e1586630bc8c50fe600899bee76b853057fd9158ed541d7ddec53c8f2186']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c4-cab8-49c4-9124-4aad950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:16.000Z",
|
|
"modified": "2016-08-18T10:11:16.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'cb42573e36fb148bc1109229a1025cdcb375c166361605f0681da9e54e3ef81d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c4-0790-4f26-915b-4c71950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:16.000Z",
|
|
"modified": "2016-08-18T10:11:16.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '08ab4abd017568142d061ffd5a2592a491730dddb4485211fda53f39d43e3efb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c4-fcac-4fd8-a9f5-494b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:16.000Z",
|
|
"modified": "2016-08-18T10:11:16.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'ac36c87cacbe1b8327fae3084ebd1740a3a5c6c6f208c1c77da56932a9ca3be6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c4-0fec-4b1f-b135-4c13950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:16.000Z",
|
|
"modified": "2016-08-18T10:11:16.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'd67ae5639618a3409711377e124ef2c6293200aa3026b8b2996654db63645481']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c5-a104-4fb5-a50d-4258950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:17.000Z",
|
|
"modified": "2016-08-18T10:11:17.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'a1610e735042ce0197859e6fd7772039e63efce78d6c9cf642492d1c8f1d7540']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c5-15e0-4f60-8064-4939950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:17.000Z",
|
|
"modified": "2016-08-18T10:11:17.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '07dd2c7be7a0becb178967c43684c1a687deb217e87575d18fd6b73dc988bd78']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c5-2c34-499e-b682-4e91950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:17.000Z",
|
|
"modified": "2016-08-18T10:11:17.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'dbc3f96fcbbfd90f877dc11fcdedca1c1e574b951ac70edc3160ed9f389c3fd3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c5-eb2c-48b9-ae6b-4810950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:17.000Z",
|
|
"modified": "2016-08-18T10:11:17.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '8e7eaed42f50c865f72f7351b87a988de5aa94781b4dab4ddbe993872435f293']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c5-d500-4cbc-b5a4-4147950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:17.000Z",
|
|
"modified": "2016-08-18T10:11:17.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '97c1ed3d52d663f9bad2eef716169f06053dc2bcf8e3d857b0a702e8fae546c9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c5-cdc8-4955-9763-402b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:17.000Z",
|
|
"modified": "2016-08-18T10:11:17.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'a1000d4cb81cfb7dfac660722938f3d9c7cb6e36c33e129097ddd29f3dfd1890']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c6-ecc4-4f7e-b681-42ca950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:18.000Z",
|
|
"modified": "2016-08-18T10:11:18.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '9f568df46838872b389628b665940415d897823b2e1804e2625c3dfb0b6850b4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c6-f298-42d7-beb7-43b6950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:18.000Z",
|
|
"modified": "2016-08-18T10:11:18.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'cc01ba0825208402b0fc2eb62146e856f69d1e9f53b745d8f068f0d09e6170c0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c6-4b1c-47c2-825e-4ce7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:18.000Z",
|
|
"modified": "2016-08-18T10:11:18.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '40c882738ea1e01cc4e8027dd6ce5d55552e5630c8f65e86db630fca09d85fa9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c6-1628-46cf-9943-4bac950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:18.000Z",
|
|
"modified": "2016-08-18T10:11:18.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '0e6c53797964b611c867cb5e5b492d45edf5472924c9a60a99433240f1712f15']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c6-a7dc-4ebe-a466-495e950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:18.000Z",
|
|
"modified": "2016-08-18T10:11:18.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'c79d7b2a8caf5cc19a019772053c54d1ec02f8ae15b577bbbbd9bf82f19caedb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c6-4718-4910-a783-4494950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:18.000Z",
|
|
"modified": "2016-08-18T10:11:18.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'd097f55f82e88a32b057010c96f553aa7c8ccef12c2a8484aab0fb3dab9d4a0f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c7-fc8c-4dd1-a0cc-40b3950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:19.000Z",
|
|
"modified": "2016-08-18T10:11:19.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'c058d576a108bdcf637a6ed399b4d9a1e3bbb6f194882ffada01b85e79109f65']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c7-fdd8-4c11-b0e5-4d36950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:19.000Z",
|
|
"modified": "2016-08-18T10:11:19.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '339eaabda43fbf0ee0caa6021a999d383713498911523d2b21e2ee2f1541f78f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c7-4384-4138-a080-40d1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:19.000Z",
|
|
"modified": "2016-08-18T10:11:19.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '3dee377037f7fcfd6539c23bb1cdc6eda46680c8773525b784150c1237788965']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c7-0f9c-4d2a-8bfa-464d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:19.000Z",
|
|
"modified": "2016-08-18T10:11:19.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '9d41dc182dee0690e5c5f08f9276548a85f4b986478fd30ec4208d95d54cffeb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c7-274c-4ee2-93a4-4ce4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:19.000Z",
|
|
"modified": "2016-08-18T10:11:19.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'b30dfa13f8dc7162f3edb43dff8507f82c01bd5bd6e5a1ae2e3b2e55dd6b10c0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c8-efb8-4636-ae3a-4a31950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:20.000Z",
|
|
"modified": "2016-08-18T10:11:20.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'f7bc5d56312ae6205b21aa4c72708383716907754b037013f47bc88203fbb450']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c8-46f8-4664-b64e-45b1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:20.000Z",
|
|
"modified": "2016-08-18T10:11:20.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '9909910d6e008e15c98d26e214f619a7a82787137158784998d99b5c03cbe8f2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c8-b98c-4fb9-bd46-4baf950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:20.000Z",
|
|
"modified": "2016-08-18T10:11:20.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '2549560970bb8ebca0136f7d6c8111196295d083c6fd6101a7f9178089502cc0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c8-762c-49b3-811f-4d63950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:20.000Z",
|
|
"modified": "2016-08-18T10:11:20.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = 'fe2c837d1662ca47ebd86c0cf0a3a382ee589bce6b77dabae30801d71a7d280f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c8-9118-4b1d-94d1-4416950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:20.000Z",
|
|
"modified": "2016-08-18T10:11:20.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '67a3b5d1fb946daccd7f3562e35b90537f9032184a0605cc9b8613c91a4ea1be']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c9-b864-4873-a8c6-4c6b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:21.000Z",
|
|
"modified": "2016-08-18T10:11:21.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '22a578f2d30f316d441b73efbeaa0b53641686d2fa75ad44d4d3992da9ceaf5f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c9-6844-4468-8d85-49d7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:21.000Z",
|
|
"modified": "2016-08-18T10:11:21.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '0723de24bc86eedde149c53e0f93a18596bed424e823f1b46c2f97e358931b83']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c9-422c-42d4-b0e9-4cd2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:21.000Z",
|
|
"modified": "2016-08-18T10:11:21.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '6b46b6eff4be06d47284492fed7f71c53103bfaa610952151bddebb8046a34f1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b589c9-8fc0-4581-9141-4d85950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-18T10:11:21.000Z",
|
|
"modified": "2016-08-18T10:11:21.000Z",
|
|
"description": "Imported via the Freetext Import Tool",
|
|
"pattern": "[file:hashes.SHA256 = '9bd1d3a567e2036f8e57745dd81333911b06a34f4ed6d7d68daa674aac0d7b96']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-18T10:11:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7067d-c190-4e02-a661-47ae950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:41.000Z",
|
|
"modified": "2016-08-19T13:15:41.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ac72eea1a88b97c89a9c6d8a50cfe154']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7067f-47d0-4d01-b064-4339950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:43.000Z",
|
|
"modified": "2016-08-19T13:15:43.000Z",
|
|
"pattern": "[file:hashes.MD5 = '86f0ee133fa72bc5a95bb7001adeee69']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70680-7cb0-41be-bc19-49f2950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:44.000Z",
|
|
"modified": "2016-08-19T13:15:44.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd9bf742f0e295affee522041e29b20ec']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70681-6d48-4e05-b469-4121950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:45.000Z",
|
|
"modified": "2016-08-19T13:15:45.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7ce450337d2ed3f6b14518076f2e76c6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70683-5044-4581-bee4-48ec950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:47.000Z",
|
|
"modified": "2016-08-19T13:15:47.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ce29fb5d0d66154054effd740dbbd9ce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70684-5d10-4e4b-987b-4d39950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:48.000Z",
|
|
"modified": "2016-08-19T13:15:48.000Z",
|
|
"pattern": "[file:hashes.MD5 = '6e278be3182bc14440184b0ceb7838e8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70685-ece0-47d8-adcb-455b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:49.000Z",
|
|
"modified": "2016-08-19T13:15:49.000Z",
|
|
"pattern": "[file:hashes.MD5 = '942699e2b6debfacec7ac278b947ce86']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70687-4f7c-4bf0-aa05-4757950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:51.000Z",
|
|
"modified": "2016-08-19T13:15:51.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ff00f41067f1a421b6502253507686cb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70688-7724-4563-b5e1-413f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:52.000Z",
|
|
"modified": "2016-08-19T13:15:52.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0339b04c8dc2cc5c6746bd5e2261ab61']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70689-ccf0-4e55-b16d-407f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:53.000Z",
|
|
"modified": "2016-08-19T13:15:53.000Z",
|
|
"pattern": "[file:hashes.MD5 = '48fc6baaa84fb40fa9016e8017dc2964']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7068b-aafc-483f-b8b0-4087950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:55.000Z",
|
|
"modified": "2016-08-19T13:15:55.000Z",
|
|
"pattern": "[file:hashes.MD5 = '99968719931f5ad719c5b84e68aecad5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7068c-0fc8-44c0-9bb7-47e7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:56.000Z",
|
|
"modified": "2016-08-19T13:15:56.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4aa43cead9cf8c7ba9216e5df67981ca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7068e-2ee4-4edc-a674-4a2a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:58.000Z",
|
|
"modified": "2016-08-19T13:15:58.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ab6723643832bfe712a8d30d5fba828c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7068f-2f50-4f6a-b48d-4280950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:59.000Z",
|
|
"modified": "2016-08-19T13:15:59.000Z",
|
|
"pattern": "[file:hashes.MD5 = '15c514a37849dfe22a2431c1e2ea1a52']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70690-f888-4de2-b45e-445b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:00.000Z",
|
|
"modified": "2016-08-19T13:16:00.000Z",
|
|
"pattern": "[file:hashes.MD5 = '92544ccc25cc3a2da956bf41b2331c98']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70692-deac-4d8b-85f5-4d5c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:02.000Z",
|
|
"modified": "2016-08-19T13:16:02.000Z",
|
|
"pattern": "[file:hashes.MD5 = '1b9b87630049af66d3ce27d022dcad0a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70693-ef68-4f11-ad9d-49dc950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:03.000Z",
|
|
"modified": "2016-08-19T13:16:03.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'bed1f21abcacf1ba8ce6093dec0a2333']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70694-c070-445f-b24c-4218950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:04.000Z",
|
|
"modified": "2016-08-19T13:16:04.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5ea6d08c158143faa3ba527580a3134a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70696-e720-4aef-8ca0-4650950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:06.000Z",
|
|
"modified": "2016-08-19T13:16:06.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ea6cf7b6dd9c4c3df17fdda4eced84fc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70697-90e4-4eeb-933a-4bc8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:07.000Z",
|
|
"modified": "2016-08-19T13:16:07.000Z",
|
|
"pattern": "[file:hashes.MD5 = '8590a0a0bb5649e018a379be0eaf298d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70698-d1b8-48d6-a9f9-4b26950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:08.000Z",
|
|
"modified": "2016-08-19T13:16:08.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5dbfd0d04210b3ebb24c84042bfba547']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7069a-d2f0-4e85-a4f6-4aba950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:10.000Z",
|
|
"modified": "2016-08-19T13:16:10.000Z",
|
|
"pattern": "[file:hashes.MD5 = '02872cf1685be0b62e66469eb81a1d7f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7069b-5694-49a2-998b-4291950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:11.000Z",
|
|
"modified": "2016-08-19T13:16:11.000Z",
|
|
"pattern": "[file:hashes.MD5 = '71c7d77f2bf13f25d08c8263cfc9280b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7069d-d584-46de-869a-4edb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:13.000Z",
|
|
"modified": "2016-08-19T13:16:13.000Z",
|
|
"pattern": "[file:hashes.MD5 = '6b0a330d0ab9e78ed16875220b01d969']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7069e-7aa4-43e9-a3b0-4c58950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:14.000Z",
|
|
"modified": "2016-08-19T13:16:14.000Z",
|
|
"pattern": "[file:hashes.MD5 = '82728dc807ce4f8bfe868c1a0b7900b9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b706a0-ef7c-479e-b57e-4678950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:16.000Z",
|
|
"modified": "2016-08-19T13:16:16.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a95547ade3f49fdcc96b6c72a0030bcc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b706a1-b3f8-4b11-ae24-4472950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:17.000Z",
|
|
"modified": "2016-08-19T13:16:17.000Z",
|
|
"pattern": "[file:hashes.MD5 = '28a4975dab4ae6da842d3d7a3f12cfc6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7066c-8e08-48d1-864f-40db950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:24.000Z",
|
|
"modified": "2016-08-19T13:15:24.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '261fd77a9e6d780959965e666926b0b3f2a79d15']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7066e-6594-47e3-ab75-43e8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:26.000Z",
|
|
"modified": "2016-08-19T13:15:26.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '4e40fa5f57d4a61c6016c21eee0dc302ee9d3cc7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7066f-4870-4308-b4a3-4e17950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:27.000Z",
|
|
"modified": "2016-08-19T13:15:27.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'c7418b901fda548b7f888b352c7585e39c320f92']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70671-9c88-4bd1-9b7b-4954950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:29.000Z",
|
|
"modified": "2016-08-19T13:15:29.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'a190cf18ae76f4d5803851683c7731f72d8ba3bf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70672-e5bc-4d9c-a94f-4184950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:30.000Z",
|
|
"modified": "2016-08-19T13:15:30.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'f2b0081c0958e1ef486ad1f397513bc4c36ff9cd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70673-a804-40f7-89bc-4e4d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:31.000Z",
|
|
"modified": "2016-08-19T13:15:31.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'bba051ec1d0c4b1ac6bc031aba5af5897cc82d16']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70675-d56c-4137-8581-4886950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:33.000Z",
|
|
"modified": "2016-08-19T13:15:33.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'c57fd105dc64d143aa30821adabca86e3d7ecb16']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70676-5e74-4a66-b2ad-40f0950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:34.000Z",
|
|
"modified": "2016-08-19T13:15:34.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'dd5401d25b6de778a7f80bef7fe7d6921d7a5350']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70677-57e4-460c-aae2-4ffe950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:35.000Z",
|
|
"modified": "2016-08-19T13:15:35.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'dee0915500eaeab59f877eb4374cad81239da9a7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70678-0a38-4be6-b111-459b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:36.000Z",
|
|
"modified": "2016-08-19T13:15:36.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'e5070e160c5e4ecb1c763fa616f4c8484316f09c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7067a-5b44-49f9-b9dc-4e99950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:38.000Z",
|
|
"modified": "2016-08-19T13:15:38.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '32616d57e2218a358f56fb6853264af8148d4c14']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7067b-a458-42bd-b110-4278950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:39.000Z",
|
|
"modified": "2016-08-19T13:15:39.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '8f8e1e42b1fac09f2f4449ac93113a779dad744e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7067c-9568-48cf-b0af-4a45950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:40.000Z",
|
|
"modified": "2016-08-19T13:15:40.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '4f70ce5c2a9eb66b98882c4a250aba4b03cab88f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7067e-a4b8-471b-912f-49dd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:42.000Z",
|
|
"modified": "2016-08-19T13:15:42.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '44e2de941b5e7300d7d6a58a36a5a8cf22fbb621']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7067f-5c28-4059-a230-4b2a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:43.000Z",
|
|
"modified": "2016-08-19T13:15:43.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'dbfd2cec133c3c4c45760e4ca6a04c4b20b5a564']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70680-2ccc-4e2c-9911-4516950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:44.000Z",
|
|
"modified": "2016-08-19T13:15:44.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'fbea71e6960baf90f2930dc7ec180ff20adb3b6c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70682-4ad0-419f-b776-4749950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:46.000Z",
|
|
"modified": "2016-08-19T13:15:46.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '38e862645295b268d30f34978ebb65fba787343f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70683-b854-4534-945e-46f7950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:47.000Z",
|
|
"modified": "2016-08-19T13:15:47.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '0a1e1a134dffc7137b933934d1e76a6a58cc659a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70684-1a20-427f-bc62-4e6a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:48.000Z",
|
|
"modified": "2016-08-19T13:15:48.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'ab7f933f963ab911523521d1522b2063d0e22d04']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70686-70f8-47be-8f03-4b0c950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:50.000Z",
|
|
"modified": "2016-08-19T13:15:50.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'cf4035393e760c44a1c293fe511a8ab166d0283c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70687-3d58-4cf8-ba7a-413b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:51.000Z",
|
|
"modified": "2016-08-19T13:15:51.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '209a33d6776928533dbd7f96fecafb3aaa637bab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70688-a540-4283-aab1-4188950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:52.000Z",
|
|
"modified": "2016-08-19T13:15:52.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '9ae1fa769d48772bdfda88da337460e6882ac6af']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7068a-1084-441a-99c2-47ff950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:54.000Z",
|
|
"modified": "2016-08-19T13:15:54.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '49281571f626154f3a0ed979e6c3d154ca72a5b8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7068b-4f78-4643-9496-4dee950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:55.000Z",
|
|
"modified": "2016-08-19T13:15:55.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'ee7cc9484d9d0534ad2f61d90fc0cd4bf67b782e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7068d-0874-4d61-acc5-4971950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:57.000Z",
|
|
"modified": "2016-08-19T13:15:57.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '7557ff1db247dcf9e6876fc50209cbafc36f8192']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7068e-c098-40aa-9778-4623950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:58.000Z",
|
|
"modified": "2016-08-19T13:15:58.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '9066892fee2cfbf12ddb0e3f356ed9c4882c58fe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7068f-10a4-4d28-b312-4268950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:59.000Z",
|
|
"modified": "2016-08-19T13:15:59.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '453b47a97027c7c40f27173fb3dd52a2f95be571']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70691-438c-4c07-bcc2-4a4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:01.000Z",
|
|
"modified": "2016-08-19T13:16:01.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '385a3631b7e67d101f7a896d7f821c26d67b72a6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70692-98b0-4c88-9d40-47eb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:02.000Z",
|
|
"modified": "2016-08-19T13:16:02.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '28ab6b2fb6011688593d22ada78ebff098467415']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70693-e8d0-4f95-9f82-4a2d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:03.000Z",
|
|
"modified": "2016-08-19T13:16:03.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '327e68fcc2805735d47bbff7ece5611e028623cf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70695-51d8-41c0-a513-4108950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:05.000Z",
|
|
"modified": "2016-08-19T13:16:05.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'a2eca13110524e4f29e2641d02fbb2411617c0d6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70696-9f04-494f-ac40-44a8950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:06.000Z",
|
|
"modified": "2016-08-19T13:16:06.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'd9b872956a917823335fbdcd3c2254e46c851723']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70697-3940-4de5-bf83-448d950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:07.000Z",
|
|
"modified": "2016-08-19T13:16:07.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '9818acdd7bc627e2c87673b88dc16203908075a5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70699-f47c-4bd7-bcfe-453b950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:09.000Z",
|
|
"modified": "2016-08-19T13:16:09.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '475f45d3937176c0ba848afed318fbaa3303f73a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7069a-617c-42b8-bc82-4979950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:10.000Z",
|
|
"modified": "2016-08-19T13:16:10.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'f5fbac9efd268c323c34eb5c092b34adbfdd02a8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7069c-81dc-4213-b388-4beb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:12.000Z",
|
|
"modified": "2016-08-19T13:16:12.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'ee4173cc2a14d380920dd0e8312fc9c26aa13788']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7069d-e464-4bcd-a7ce-4ab1950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:13.000Z",
|
|
"modified": "2016-08-19T13:16:13.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'bc7f77d3d5401aadd2ad9934f19abc1ccf4f95fb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7069f-4888-4196-8000-451a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:15.000Z",
|
|
"modified": "2016-08-19T13:16:15.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'fdec6599d8627fc37bcb029f69a1ac9c4ac739bf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b706a0-95a4-43d9-8e08-443a950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:16.000Z",
|
|
"modified": "2016-08-19T13:16:16.000Z",
|
|
"pattern": "[file:hashes.SHA1 = '00c33a1c304682538dd4f75a66fcd18b5d1661b9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b706a1-05f4-4490-bd49-4065950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:17.000Z",
|
|
"modified": "2016-08-19T13:16:17.000Z",
|
|
"pattern": "[file:hashes.SHA1 = 'fe4388c9a268cbe6ad77f0df4fb1d62a1e20e3a3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70672-c7ac-4c64-9386-48bd950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:30.000Z",
|
|
"modified": "2016-08-19T13:15:30.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '0fcbe18dcd71558eb191bb6d99b366353896ff31484a83cb9fc97d9267212bc3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b70675-01e0-42aa-b877-4acb950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:33.000Z",
|
|
"modified": "2016-08-19T13:15:33.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'b81a4634e201faa33dad7b3b9825d0e895d2cf6f1bc0b0d3825a2667a83437e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b7068a-75f8-4e00-87e9-4495950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:15:54.000Z",
|
|
"modified": "2016-08-19T13:15:54.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '2072dac948e0a87474eab2077085c75052e3161c88cc4c3b22a11b401f30a1d5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:15:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57b706a2-c894-4294-81f8-40a4950d210f",
|
|
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
|
|
"created": "2016-08-19T13:16:18.000Z",
|
|
"modified": "2016-08-19T13:16:18.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '3cc4e1ede16e379e1301f028727c86135559611b8c9085909f38f9f8c3ec2952']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2016-08-19T13:16:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "marking-definition",
|
|
"spec_version": "2.1",
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
"definition_type": "tlp",
|
|
"name": "TLP:WHITE",
|
|
"definition": {
|
|
"tlp": "white"
|
|
}
|
|
}
|
|
]
|
|
} |