adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/5902e33b-5f04-44d9-8260-427e950d210f.json

19365 lines
No EOL
788 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--5902e33b-5f04-44d9-8260-427e950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:27:45.000Z",
"modified": "2017-04-28T07:27:45.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5902e33b-5f04-44d9-8260-427e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:27:45.000Z",
"modified": "2017-04-28T07:27:45.000Z",
"name": "OSINT - Alert (TA17-117A) Intrusions Affecting Multiple Victims Across Multiple Sectors",
"published": "2017-04-28T07:29:26Z",
"object_refs": [
"observed-data--5902e34b-0728-4d97-9a52-4852950d210f",
"url--5902e34b-0728-4d97-9a52-4852950d210f",
"x-misp-attribute--5902e35b-24d0-47e1-a02f-41ac950d210f",
"observed-data--5902e382-95a8-44bd-aa64-445e950d210f",
"url--5902e382-95a8-44bd-aa64-445e950d210f",
"observed-data--5902e383-662c-4854-99f8-47ca950d210f",
"url--5902e383-662c-4854-99f8-47ca950d210f",
"observed-data--5902e383-13e8-487b-a0aa-4a57950d210f",
"url--5902e383-13e8-487b-a0aa-4a57950d210f",
"indicator--5902e56e-bcf4-43d3-8328-4c1b950d210f",
"indicator--5902e56f-72ec-4d28-9af4-4fcf950d210f",
"indicator--5902e56f-7f4c-4c16-9e0a-4b18950d210f",
"indicator--5902e56f-ad38-4d98-aeca-4120950d210f",
"indicator--5902e570-4194-4706-9351-41b3950d210f",
"indicator--5902e570-5dfc-40c6-90f9-4ae8950d210f",
"indicator--5902e571-1130-4146-ba62-4c0c950d210f",
"indicator--5902e571-4284-48e7-ab47-4bc4950d210f",
"indicator--5902e571-d4f0-4705-a886-4ac9950d210f",
"indicator--5902e572-6424-479a-88ca-414b950d210f",
"indicator--5902e572-23f0-470d-b812-4372950d210f",
"indicator--5902e573-50b4-4f6e-a6f4-4e5c950d210f",
"indicator--5902e573-1140-41b1-822d-43a7950d210f",
"indicator--5902e573-0634-4ab6-803f-47b0950d210f",
"indicator--5902e574-e044-4bdc-8276-4f6d950d210f",
"indicator--5902e574-9f68-49e1-8e92-44c7950d210f",
"indicator--5902e575-9974-4159-9be5-47c2950d210f",
"indicator--5902e575-fcec-4448-99f9-4bc5950d210f",
"indicator--5902e575-55f8-465c-8c37-4547950d210f",
"indicator--5902e576-33cc-483e-804e-4303950d210f",
"indicator--5902e576-0b18-4fb6-bddb-41b8950d210f",
"indicator--5902e577-5780-42e1-a356-47d0950d210f",
"indicator--5902e577-cb5c-4bde-bc93-4994950d210f",
"indicator--5902e577-47a4-4410-abc8-4646950d210f",
"indicator--5902e578-2110-43cf-9fe8-4bfd950d210f",
"indicator--5902e578-b3c8-4a9c-856c-42f1950d210f",
"indicator--5902e579-bd60-48dc-8de8-43b5950d210f",
"indicator--5902e579-95b8-45de-848f-491a950d210f",
"indicator--5902e579-5e98-48c3-a839-4fd5950d210f",
"indicator--5902e57a-9174-4eda-b6b6-4a7d950d210f",
"indicator--5902e57a-f854-4d1a-bc16-4a05950d210f",
"indicator--5902e57b-78bc-4394-9661-468e950d210f",
"indicator--5902e57b-87cc-49dc-ae51-4d5c950d210f",
"indicator--5902e57c-11a4-4f80-ad5b-4b6b950d210f",
"indicator--5902e57c-3f98-4c16-88b2-4f3f950d210f",
"indicator--5902e5c0-0cbc-40bf-b435-4fc4950d210f",
"indicator--5902e5c1-d5ec-401e-a1db-45cc950d210f",
"indicator--5902e5c1-90f0-4629-9b8e-44dc950d210f",
"indicator--5902e5c1-b59c-44c8-8386-489f950d210f",
"indicator--5902e5c2-e8f8-4c55-9897-4379950d210f",
"indicator--5902e5c2-1a14-4116-866b-464c950d210f",
"indicator--5902e5c3-dca8-41be-9774-4152950d210f",
"indicator--5902e5c3-ecdc-4c65-867b-4175950d210f",
"indicator--5902e5c3-12c4-4483-a10b-4b80950d210f",
"indicator--5902e5c4-eff0-4c2d-8464-4027950d210f",
"indicator--5902e5c4-eb68-41d0-ab6e-460a950d210f",
"indicator--5902e5c5-946c-40b5-8c19-4dfd950d210f",
"indicator--5902e5c5-d3c0-4cfd-8e0f-45c0950d210f",
"indicator--5902e5c6-89c0-4825-b633-455e950d210f",
"indicator--5902e5c6-f930-46e4-a8ef-40be950d210f",
"indicator--5902e5c6-d694-471a-ba3d-42fb950d210f",
"indicator--5902e5c7-3908-457d-b6da-4b4a950d210f",
"indicator--5902e5c7-f710-400a-b10e-4183950d210f",
"indicator--5902e5c8-8a7c-4669-99c1-407b950d210f",
"indicator--5902e5c8-90c8-4497-b3b9-41f1950d210f",
"indicator--5902e5c8-869c-48dd-ac91-453e950d210f",
"indicator--5902e5c9-13a4-4f6e-ac55-41ea950d210f",
"indicator--5902e5c9-b69c-4c35-afa1-4cde950d210f",
"indicator--5902e5ca-fac8-4bfa-972c-49a9950d210f",
"indicator--5902e5ca-4400-4e45-b501-4a60950d210f",
"indicator--5902e5ca-9330-4ec9-b734-44a3950d210f",
"indicator--5902e5cb-ee48-4590-9d3c-4c51950d210f",
"indicator--5902e5cb-6ab0-476f-bbe1-47f1950d210f",
"indicator--5902e5cc-ee90-4d35-8753-42d5950d210f",
"indicator--5902e5cc-2bcc-4825-bf97-46d3950d210f",
"indicator--5902e5cd-c814-493b-b4ca-417d950d210f",
"indicator--5902e5cd-66f0-472d-91da-43fe950d210f",
"indicator--5902e5cd-630c-4d15-a1c6-41b1950d210f",
"indicator--5902e5ce-b6b0-44e0-bf17-4c99950d210f",
"indicator--5902e5ce-af00-4d35-ad8a-4618950d210f",
"indicator--5902e5cf-9268-4c19-a800-4033950d210f",
"indicator--5902e5cf-bcec-4571-a3a8-4db3950d210f",
"indicator--5902e5f8-c0f0-4c01-bae7-4c05950d210f",
"indicator--5902e5f9-854c-49eb-ba92-4a83950d210f",
"indicator--5902e5f9-71dc-451a-8d38-47cf950d210f",
"indicator--5902e5f9-5374-42ee-a53d-4cd7950d210f",
"indicator--5902e5fa-9024-4024-bae7-4cf1950d210f",
"indicator--5902e5fa-8a4c-4b0a-96aa-48a2950d210f",
"indicator--5902e5fb-0a20-4e66-9296-4186950d210f",
"indicator--5902e5fb-7360-4f17-b02f-4c8d950d210f",
"indicator--5902e5fb-f178-4d01-ad62-4c25950d210f",
"indicator--5902e653-fc5c-4edb-b3fd-4973950d210f",
"indicator--5902e653-de44-4429-9839-41fd950d210f",
"indicator--5902e654-0b04-4601-9568-465b950d210f",
"indicator--5902e654-055c-43ef-ba1d-4bc6950d210f",
"indicator--5902e654-bc68-4987-ae4a-43ac950d210f",
"indicator--5902e655-d74c-4a83-a967-4231950d210f",
"indicator--5902e655-feb8-43ad-8658-49b0950d210f",
"indicator--5902e656-0fd8-450c-ada6-4541950d210f",
"indicator--5902e656-5fb0-4f0e-bcf2-4733950d210f",
"indicator--5902e656-ef84-49b8-9c47-4ba5950d210f",
"indicator--5902e657-09b8-484e-8a24-433a950d210f",
"indicator--5902e657-d25c-472b-b59f-42f4950d210f",
"indicator--5902e658-c834-4001-8bb4-4958950d210f",
"indicator--5902e658-68e4-4a2e-9892-4659950d210f",
"indicator--5902e658-32fc-49f9-a785-4c9c950d210f",
"indicator--5902e659-fb4c-4cfa-8cdd-49a5950d210f",
"indicator--5902e659-bbc8-4339-9b42-4819950d210f",
"indicator--5902e65a-f3f4-43a3-8080-4af4950d210f",
"indicator--5902e65a-8de0-4a01-8a8f-419a950d210f",
"indicator--5902e65a-b574-4d3a-b59a-4abe950d210f",
"indicator--5902e65b-6564-4458-8762-41a4950d210f",
"indicator--5902e65b-ffc4-4c53-a53f-460d950d210f",
"indicator--5902e65c-2348-438f-b23c-478d950d210f",
"indicator--5902e65c-61cc-4be3-9e3b-4eba950d210f",
"indicator--5902e65d-4a58-4a8e-b9d1-4044950d210f",
"indicator--5902e65d-ee6c-429b-9199-4848950d210f",
"indicator--5902e65d-f29c-4253-8cee-40d1950d210f",
"indicator--5902e65e-b668-4aab-80f3-45d5950d210f",
"indicator--5902e65e-0cd4-4135-ac17-46e4950d210f",
"indicator--5902e65e-efbc-443e-9cc2-468d950d210f",
"indicator--5902e65f-ae3c-4482-835c-4164950d210f",
"indicator--5902e65f-ce5c-457b-b9f5-456e950d210f",
"indicator--5902e660-bc30-4b0e-aae1-458e950d210f",
"indicator--5902e660-e324-4fc7-b269-4e82950d210f",
"indicator--5902e660-6e78-4f99-a123-4da3950d210f",
"indicator--5902e661-a9a8-4d6c-afb5-4984950d210f",
"indicator--5902e661-4cc0-4880-87cd-4f84950d210f",
"indicator--5902e695-514c-4401-9ea2-4a1e950d210f",
"indicator--5902e696-01d8-4797-9958-4b6a950d210f",
"indicator--5902e696-27b0-48aa-9d0e-446d950d210f",
"indicator--5902e697-cfd4-4d89-b930-4fe8950d210f",
"indicator--5902e697-b3bc-412f-a6d8-4eb5950d210f",
"indicator--5902e697-d98c-4944-939c-45c4950d210f",
"indicator--5902e698-6630-4f06-a84d-4be8950d210f",
"indicator--5902e6e5-4c5c-448f-ae32-431d950d210f",
"indicator--5902e6e5-23d4-4a68-ae54-40e1950d210f",
"indicator--5902e6e6-5e0c-47c7-b168-443d950d210f",
"indicator--5902e6e6-be6c-454f-a5f8-4aff950d210f",
"indicator--5902e6e6-f798-4d9e-a0a2-43ff950d210f",
"indicator--5902e6e7-59a8-4577-ad21-4148950d210f",
"indicator--5902e6e7-1f98-4343-984c-49fd950d210f",
"indicator--5902e6e7-3650-4c3b-b211-4ed1950d210f",
"indicator--5902e6e8-e2e4-439a-8de5-4d6c950d210f",
"indicator--5902e6e8-f79c-48a2-af57-421b950d210f",
"indicator--5902e6e9-cf44-4bd9-a55d-4f75950d210f",
"indicator--5902e6e9-de48-4402-b680-4e15950d210f",
"indicator--5902e6e9-8c08-4099-a01b-4bb1950d210f",
"indicator--5902e6ea-cf94-4fde-b7c5-4c0c950d210f",
"indicator--5902e6ea-83d8-405a-9daa-4ecb950d210f",
"indicator--5902e6eb-44cc-450b-803a-42e8950d210f",
"indicator--5902e6eb-b4d4-410d-9dc4-4b7f950d210f",
"indicator--5902e6eb-c414-4aae-bd23-427a950d210f",
"indicator--5902e6ec-5d30-47b8-b9e8-4145950d210f",
"indicator--5902e6ec-6e44-4ccf-8bbb-4703950d210f",
"indicator--5902e6ec-9b44-4a9a-bb6c-4bd9950d210f",
"indicator--5902e6ed-d910-4914-b444-4c2d950d210f",
"indicator--5902e6ed-b790-482f-bb86-429f950d210f",
"indicator--5902e6ee-2a0c-430f-b912-4350950d210f",
"indicator--5902e6ee-bf4c-41a0-be9b-4433950d210f",
"indicator--5902e6ee-cf2c-4a47-85fe-4009950d210f",
"indicator--5902e6ef-8d34-4938-9642-4e15950d210f",
"indicator--5902e6ef-5544-47d5-a381-442f950d210f",
"indicator--5902e6f0-2798-476c-acc3-47fe950d210f",
"indicator--5902e6f0-66d4-48a9-9bbc-4f73950d210f",
"indicator--5902e6f0-7324-46e1-a25f-4941950d210f",
"indicator--5902e6f1-8254-41e6-962c-4d40950d210f",
"indicator--5902e6f1-e1ac-41cc-8a05-4595950d210f",
"indicator--5902e6f1-a318-4e20-94b4-4a71950d210f",
"indicator--5902e6f2-8ed8-4b1e-9725-4812950d210f",
"indicator--5902e6f2-0df8-4915-9598-484d950d210f",
"indicator--5902e6f3-5070-4483-b9c9-4cbc950d210f",
"indicator--5902e6f3-2a34-472a-844d-48f4950d210f",
"indicator--5902e6f3-c440-4eef-8f85-45c6950d210f",
"indicator--5902e6f4-11c0-48fd-b43c-4fbd950d210f",
"indicator--5902e72c-a6c8-46e6-8bf6-496e950d210f",
"indicator--5902e72d-3fa4-4dd3-9f17-4535950d210f",
"indicator--5902e72d-4558-40de-907c-4714950d210f",
"indicator--5902e72e-f614-4147-82e8-4dfb950d210f",
"indicator--5902e72e-56d0-4b0a-8d78-498e950d210f",
"indicator--5902e72e-0edc-4912-a867-4045950d210f",
"indicator--5902e72f-3774-4b50-ba68-43ff950d210f",
"indicator--5902e72f-5bf4-4a4b-af30-4b08950d210f",
"indicator--5902e72f-2f2c-4c1d-b75b-4b38950d210f",
"indicator--5902e730-3314-41f9-9644-40f5950d210f",
"indicator--5902e730-608c-4f5a-a095-4168950d210f",
"indicator--5902e731-a9e8-48f1-a518-4be5950d210f",
"indicator--5902e731-4258-4235-87af-429d950d210f",
"indicator--5902e731-ee38-473a-8658-41b7950d210f",
"indicator--5902e732-0cd8-490f-8901-4d40950d210f",
"indicator--5902e732-5ea8-406e-9eab-4f52950d210f",
"indicator--5902e733-675c-44ef-abe5-4e79950d210f",
"indicator--5902e733-7998-4754-9211-4afd950d210f",
"indicator--5902e733-9b24-4f03-964e-4650950d210f",
"indicator--5902e734-ebec-402e-ba04-4202950d210f",
"indicator--5902e734-9864-49dc-b70f-439b950d210f",
"indicator--5902e735-f920-440f-ab1b-4002950d210f",
"indicator--5902e735-7770-4a6f-95be-4518950d210f",
"indicator--5902e735-4848-47b8-91ef-4e6a950d210f",
"indicator--5902e736-a9d4-42f5-b703-461a950d210f",
"indicator--5902e736-6588-49fc-aecf-4e25950d210f",
"indicator--5902e736-9334-4693-a36e-4a02950d210f",
"indicator--5902e737-a5b4-46f6-8589-4b02950d210f",
"indicator--5902e737-7988-4d47-8969-43c3950d210f",
"indicator--5902e738-59dc-4f5d-8a6f-4c59950d210f",
"indicator--5902e738-69c8-4d49-bb75-4bd2950d210f",
"indicator--5902e738-1a08-4e73-b52a-4caf950d210f",
"indicator--5902e826-7a30-4474-b7f1-4d96950d210f",
"indicator--5902e826-46dc-4b64-b736-46de950d210f",
"indicator--5902e827-f998-48e2-82ff-4310950d210f",
"indicator--5902e827-4ff8-47b7-8381-4150950d210f",
"indicator--5902e828-ea24-4ce8-9c7b-4c58950d210f",
"indicator--5902e828-8af8-4dde-8368-4ba6950d210f",
"indicator--5902e828-ed7c-4a10-838c-485c950d210f",
"indicator--5902e829-8e44-4ec5-af65-475b950d210f",
"indicator--5902e829-9b20-471b-a774-4718950d210f",
"indicator--5902e829-e3e0-438e-b3ff-4b39950d210f",
"indicator--5902e82a-4924-4b1e-93d7-4c89950d210f",
"indicator--5902e82a-78bc-4232-b669-47ab950d210f",
"indicator--5902e82b-fccc-4e2a-95f3-42ce950d210f",
"indicator--5902e82b-e4c8-4226-98dc-4772950d210f",
"indicator--5902e82b-16b0-4cae-9372-4183950d210f",
"indicator--5902e82c-80a0-4e98-8e13-404e950d210f",
"indicator--5902e82c-8d58-4e1b-9257-4c25950d210f",
"indicator--5902e82d-7fd8-4b91-9463-4ab9950d210f",
"indicator--5902e82d-ab5c-40f1-926b-43cd950d210f",
"indicator--5902e82d-4e60-4729-a0c9-4faa950d210f",
"indicator--5902e82e-8114-410d-9581-4080950d210f",
"indicator--5902e82e-4474-443b-8ea8-498c950d210f",
"indicator--5902e82f-15a0-45ad-88cc-4527950d210f",
"indicator--5902e82f-1668-40d0-bf1d-4f9b950d210f",
"indicator--5902e82f-eff0-459c-a864-498a950d210f",
"indicator--5902e830-c4e4-4737-a3d1-4233950d210f",
"indicator--5902e830-49e0-424c-b0a3-40ad950d210f",
"indicator--5902e831-2640-4aaa-9f5f-4131950d210f",
"indicator--5902e831-8638-4926-a59b-4991950d210f",
"indicator--5902e831-c54c-4608-bf66-4d52950d210f",
"indicator--5902e832-b318-43ac-9442-4de5950d210f",
"indicator--5902e832-c474-4cb2-974b-420f950d210f",
"indicator--5902e833-f084-47bb-806a-47d5950d210f",
"indicator--5902e833-886c-477f-a444-4e94950d210f",
"indicator--5902e833-5bcc-46ab-a857-46ad950d210f",
"indicator--5902e834-ac10-407e-92a2-4777950d210f",
"indicator--5902e834-8edc-47ee-ba23-4662950d210f",
"indicator--5902e835-1c7c-4f21-ac18-4265950d210f",
"indicator--5902e835-6558-4b6e-9d6e-4243950d210f",
"indicator--5902e835-87a0-4bb1-ab4d-4c09950d210f",
"indicator--5902e836-f2d4-45e1-9e67-4ee8950d210f",
"indicator--5902e836-c07c-49df-b898-41dc950d210f",
"indicator--5902e836-8858-471d-a4eb-45a5950d210f",
"indicator--5902e837-4404-4029-8510-4281950d210f",
"indicator--5902e837-1bd8-46ac-956e-4a74950d210f",
"indicator--5902e838-ecdc-4792-989e-451e950d210f",
"indicator--5902e838-1310-4507-9347-43b7950d210f",
"indicator--5902e838-3e64-4e0f-9be4-4361950d210f",
"indicator--5902e839-b048-483e-80c9-42ec950d210f",
"indicator--5902e839-ea04-4059-a0bc-4727950d210f",
"indicator--5902e839-3bb0-4fe3-85ef-4a5b950d210f",
"indicator--5902e83a-ea9c-433e-baa0-4d8f950d210f",
"indicator--5902e83a-ba34-4096-a64e-49a5950d210f",
"indicator--5902e83a-45a0-407c-99f3-4738950d210f",
"indicator--5902e83b-43bc-4884-b8e4-43cd950d210f",
"indicator--5902e83b-3388-4583-9e99-417c950d210f",
"indicator--5902e83c-b898-4f08-91ff-42a8950d210f",
"indicator--5902e83c-c42c-4666-ba00-40ec950d210f",
"indicator--5902e83c-5924-42cc-8698-48dc950d210f",
"indicator--5902e83d-a964-4103-96ac-4496950d210f",
"indicator--5902e83d-fb84-4595-a588-41cb950d210f",
"indicator--5902e83d-5174-4578-a5f0-46ce950d210f",
"indicator--5902e83e-e260-4c75-b8ac-4b52950d210f",
"indicator--5902e83e-12d0-46fc-93ed-488a950d210f",
"indicator--5902e83f-c018-4e5a-a1d5-4c75950d210f",
"indicator--5902e83f-0e14-42d6-a5ba-44a1950d210f",
"indicator--5902e83f-ae44-4a2e-8935-4328950d210f",
"indicator--5902e840-e554-4f67-adcd-4744950d210f",
"indicator--5902e840-b08c-49e4-8f20-4002950d210f",
"indicator--5902e841-362c-46c0-b973-4c5c950d210f",
"indicator--5902e841-9f04-4d8e-b763-45e7950d210f",
"indicator--5902e841-19dc-4a74-9322-49d3950d210f",
"indicator--5902e842-ae68-4e34-b1dd-48b3950d210f",
"indicator--5902e842-3ee4-4d03-a914-4676950d210f",
"indicator--5902e843-ddf0-42f1-b116-4729950d210f",
"indicator--5902e843-0cb0-4917-ab31-46ec950d210f",
"indicator--5902e843-9314-4684-8cc9-43b4950d210f",
"indicator--5902e844-f308-4ee4-8fe8-49ae950d210f",
"indicator--5902e844-e2a0-4e6b-bb65-4a38950d210f",
"indicator--5902e845-512c-413c-8b10-45ce950d210f",
"indicator--5902e845-1894-443d-a6f0-427a950d210f",
"indicator--5902e845-3784-4b29-b5cf-4d00950d210f",
"indicator--5902e846-c9fc-4e4b-ba5a-46a6950d210f",
"indicator--5902e846-7fa8-4827-9a1e-4f3e950d210f",
"indicator--5902e847-4ca4-47ea-84ec-430e950d210f",
"indicator--5902e847-4b04-439e-8b72-4274950d210f",
"indicator--5902e847-6cec-4d24-adc0-4972950d210f",
"indicator--5902e848-b340-42a5-953e-4387950d210f",
"indicator--5902e848-4854-4702-9609-4754950d210f",
"indicator--5902e849-5a80-4f5d-9a81-405e950d210f",
"indicator--5902e849-de2c-42f0-b29d-4ff7950d210f",
"indicator--5902e849-e9c4-4bf4-aa16-4fc6950d210f",
"indicator--5902e84a-202c-4e93-9204-40a9950d210f",
"indicator--5902e84a-0a24-4a0f-b5ff-47bd950d210f",
"indicator--5902e84b-9930-40df-9413-41af950d210f",
"indicator--5902e84b-3a00-478e-8b80-4f15950d210f",
"indicator--5902e84b-7b48-4fa9-9cfa-4f11950d210f",
"indicator--5902e84c-1170-41d0-a34e-46d1950d210f",
"indicator--5902e84c-12bc-4e22-b358-41fc950d210f",
"indicator--5902e84d-885c-4c8c-94f6-4d68950d210f",
"indicator--5902e84d-7f80-4d06-b407-414d950d210f",
"indicator--5902e84e-0024-481d-b95d-4c93950d210f",
"indicator--5902e84e-8dd0-4c2c-b328-4bb3950d210f",
"indicator--5902e84f-99d4-461d-a163-44c6950d210f",
"indicator--5902e84f-69b0-4d38-a81e-430a950d210f",
"indicator--5902e84f-efd4-434f-a28b-4041950d210f",
"indicator--5902e850-3f58-43ac-a601-4caa950d210f",
"indicator--5902e850-81c4-4ee0-8782-4e7f950d210f",
"indicator--5902e851-9d04-4eaa-bcf9-499a950d210f",
"indicator--5902e851-23ec-428f-a891-4a64950d210f",
"indicator--5902e852-92ac-4470-a6a8-404c950d210f",
"indicator--5902e852-80b0-416d-a036-459b950d210f",
"indicator--5902e853-1df4-4bca-bda0-4c4c950d210f",
"indicator--5902e853-a878-4bab-b12d-40d6950d210f",
"indicator--5902e853-cf44-4212-82dc-46c4950d210f",
"indicator--5902e854-74a0-4fbf-96dc-49b4950d210f",
"indicator--5902e854-d408-465c-bb4b-4bb0950d210f",
"indicator--5902e855-31d4-4e9c-a0bf-4bd9950d210f",
"indicator--5902e855-04c0-4ec4-9cc4-426a950d210f",
"indicator--5902e856-1b54-46c6-9ac8-4ed4950d210f",
"indicator--5902e856-9d28-44f9-a195-48cf950d210f",
"indicator--5902e857-46bc-4a06-9694-467f950d210f",
"indicator--5902e857-6600-461e-a025-44c2950d210f",
"indicator--5902e858-eee0-4627-913f-4471950d210f",
"indicator--5902e858-dd7c-47d1-ac9d-4130950d210f",
"indicator--5902e858-1e44-45c5-a6f9-4ba2950d210f",
"indicator--5902e859-e608-4698-bd8a-4650950d210f",
"indicator--5902e859-dbd0-4268-a237-4eba950d210f",
"indicator--5902e85a-b7a4-4b74-8810-4625950d210f",
"indicator--5902e85a-efd4-4d36-871b-4475950d210f",
"indicator--5902e85b-5c5c-494f-be40-43c1950d210f",
"indicator--5902e85b-1200-47aa-aa56-4e0a950d210f",
"indicator--5902e85c-b5d4-480e-8668-46c5950d210f",
"indicator--5902e85c-e1d8-446e-b84b-4fbf950d210f",
"indicator--5902e85c-ebe0-484a-9200-4b80950d210f",
"indicator--5902e85d-551c-44ee-891f-4b76950d210f",
"indicator--5902e85d-75f8-40ab-904f-41a2950d210f",
"indicator--5902e85e-0ba8-4002-bd77-4749950d210f",
"indicator--5902e85e-1524-44a9-89a2-4beb950d210f",
"indicator--5902e85f-2768-4226-92e8-42e8950d210f",
"indicator--5902e85f-7a18-4fa9-98e9-4e01950d210f",
"indicator--5902e860-9e70-46a4-b3fb-4908950d210f",
"indicator--5902e860-c19c-4089-9f24-4098950d210f",
"indicator--5902e860-5228-4b48-bac2-4f3a950d210f",
"indicator--5902e861-cabc-4ec5-9a52-4d6c950d210f",
"indicator--5902e861-bd54-410d-97cb-49f9950d210f",
"indicator--5902e862-6598-4a14-9615-48f9950d210f",
"indicator--5902e862-cec4-462b-aafd-4bf6950d210f",
"indicator--5902e863-9ed8-4325-a2b0-4e99950d210f",
"indicator--5902e863-ddf8-45a3-b8e3-4e00950d210f",
"indicator--5902e864-5128-4834-ba0a-4797950d210f",
"indicator--5902e864-66f0-420a-a729-4507950d210f",
"indicator--5902e864-a180-4574-b6dd-419d950d210f",
"indicator--5902e865-5498-4880-a0bf-493f950d210f",
"indicator--5902e865-1460-45b0-86b6-47a1950d210f",
"indicator--5902e866-f4b8-4432-bb48-4d4f950d210f",
"indicator--5902e866-19ac-4fd0-8e75-4985950d210f",
"indicator--5902e867-9c4c-44f9-b49a-4f58950d210f",
"indicator--5902e867-e260-4a9a-8d40-45a0950d210f",
"indicator--5902e868-01e4-4c94-9b75-4bda950d210f",
"indicator--5902e868-9b9c-4d2d-b669-4f75950d210f",
"indicator--5902e868-eef0-4659-85ab-476b950d210f",
"indicator--5902e869-ffe0-448a-9855-4c0e950d210f",
"indicator--5902e869-4dd0-475e-a229-437b950d210f",
"indicator--5902e86a-55ac-4c99-8c61-42d2950d210f",
"indicator--5902e86a-ed98-487a-9ba9-4086950d210f",
"indicator--5902e86b-b434-44e1-a7fc-4bdf950d210f",
"indicator--5902e86b-732c-4c4f-84ce-48dd950d210f",
"indicator--5902e86b-5fec-488f-bdeb-45d8950d210f",
"indicator--5902e86c-64f4-49de-b80c-4044950d210f",
"indicator--5902e86c-4634-4c99-8a1e-43bc950d210f",
"indicator--5902e86c-310c-4ff7-8658-435c950d210f",
"indicator--5902e86d-cc0c-4487-88bc-4324950d210f",
"indicator--5902e86d-f950-47d3-bcaa-456a950d210f",
"indicator--5902e86e-1d18-4401-883c-494e950d210f",
"indicator--5902e86e-a41c-40d8-a9d4-4171950d210f",
"indicator--5902e86e-4800-461e-8bc5-4018950d210f",
"indicator--5902e86f-c35c-4da7-9794-44a9950d210f",
"indicator--5902e86f-9c3c-4a11-b03b-497a950d210f",
"indicator--5902e86f-c1f8-4989-b6fb-40b2950d210f",
"indicator--5902e870-af6c-47a9-80bb-48f0950d210f",
"indicator--5902e870-224c-431a-b2b7-47ae950d210f",
"indicator--5902e871-e740-446b-a1dd-4f0c950d210f",
"indicator--5902e871-ea28-4cc3-af3e-43dc950d210f",
"indicator--5902e871-eb4c-427d-82a7-4e90950d210f",
"indicator--5902e872-cbfc-4f39-a7ee-4e9d950d210f",
"indicator--5902e872-bbd4-458e-8e91-4086950d210f",
"indicator--5902e873-6bb8-4b9b-965e-4fc5950d210f",
"indicator--5902e873-108c-4b32-8f66-44be950d210f",
"indicator--5902e873-1e90-423e-ac20-4de7950d210f",
"indicator--5902e874-7b74-4d1f-a5bb-4345950d210f",
"indicator--5902e874-5540-49e1-ac6b-4528950d210f",
"indicator--5902e875-664c-4660-bbff-4963950d210f",
"indicator--5902e875-d0d4-4099-84d3-4cb1950d210f",
"indicator--5902e876-c720-4a64-9552-447c950d210f",
"indicator--5902e876-a0f0-4834-9064-4f76950d210f",
"indicator--5902e877-7284-417f-b0ee-4322950d210f",
"indicator--5902e877-90f4-41a2-808d-4946950d210f",
"indicator--5902e877-918c-4284-b45d-4ad2950d210f",
"indicator--5902e878-13a4-45b4-bc5b-46db950d210f",
"indicator--5902e878-2a50-43f4-b635-4d73950d210f",
"indicator--5902e879-6470-4bf2-aa60-446d950d210f",
"indicator--5902e879-0904-4655-be1d-402c950d210f",
"indicator--5902e87a-c76c-46b4-b525-43f5950d210f",
"indicator--5902e87a-1888-48b0-8620-4ae5950d210f",
"indicator--5902e87b-7728-4737-b03e-4524950d210f",
"indicator--5902e87b-451c-4e14-beb9-439b950d210f",
"indicator--5902e87b-12f4-4f32-9fd1-49c7950d210f",
"indicator--5902e87c-1b9c-4c96-ae05-42e9950d210f",
"indicator--5902e87c-8300-4e01-89f9-4db4950d210f",
"indicator--5902e87d-fd70-452d-b105-40b3950d210f",
"indicator--5902e87d-6658-4475-89e6-4cdd950d210f",
"indicator--5902e87d-b864-40e3-a77c-4866950d210f",
"indicator--5902e87e-60f0-4c80-9098-4081950d210f",
"indicator--5902e87e-4dac-47d1-a651-4504950d210f",
"indicator--5902e87f-e5c0-41bc-a26b-434a950d210f",
"indicator--5902e87f-51ec-4a62-abf3-4ed8950d210f",
"indicator--5902e880-f5dc-4e19-8dbf-45ee950d210f",
"indicator--5902e880-f020-4056-8d72-4e12950d210f",
"indicator--5902e880-fe5c-4d41-b3cf-4124950d210f",
"indicator--5902e881-4430-4413-87a3-4c55950d210f",
"indicator--5902e881-be38-43c0-a4b9-4f8c950d210f",
"indicator--5902e882-eeb0-470b-9815-4927950d210f",
"indicator--5902e882-0c74-4ad3-92f6-4f0e950d210f",
"indicator--5902e883-8794-4344-a880-498d950d210f",
"indicator--5902e883-6034-4cd9-afb3-45c4950d210f",
"indicator--5902e884-ec6c-4fc4-b639-4947950d210f",
"indicator--5902e884-7dec-4cd5-b2a9-4580950d210f",
"indicator--5902e885-ae38-4ccd-b4c6-4c39950d210f",
"indicator--5902e885-c7b4-4cb1-9511-4eef950d210f",
"indicator--5902e885-a45c-4a9f-8513-4c42950d210f",
"indicator--5902e886-a034-459d-9b94-4838950d210f",
"indicator--5902e886-45fc-4dcd-b2cb-4e5f950d210f",
"indicator--5902e887-7860-48c8-8805-40f6950d210f",
"indicator--5902e887-0018-4d66-ad66-4157950d210f",
"indicator--5902e888-99d8-43a0-abcd-4eb2950d210f",
"indicator--5902e888-6f44-491c-8160-4a5e950d210f",
"indicator--5902e889-38a0-4217-afa8-46f6950d210f",
"indicator--5902e889-d8e8-4009-9a39-4dea950d210f",
"indicator--5902e889-fa28-4c69-ba83-4291950d210f",
"indicator--5902e88a-9264-4143-a8c7-4a65950d210f",
"indicator--5902e88a-ba74-4732-9733-43ef950d210f",
"indicator--5902e88b-b044-4f3f-98b7-430a950d210f",
"indicator--5902e88b-cd60-4052-ac2e-42cf950d210f",
"indicator--5902e88c-ac44-491f-b834-4d1b950d210f",
"indicator--5902e88c-0d20-4527-a26a-463a950d210f",
"indicator--5902e88d-393c-413e-bcca-4c22950d210f",
"indicator--5902e88d-4ebc-421c-90cc-46f1950d210f",
"indicator--5902e88d-1258-474a-ac60-450c950d210f",
"indicator--5902e88e-5ec0-499c-a58f-4d21950d210f",
"indicator--5902e88e-0894-4a36-8cc7-4283950d210f",
"indicator--5902e88f-a12c-496e-8027-497b950d210f",
"indicator--5902e88f-40f8-447d-98eb-46e4950d210f",
"indicator--5902e890-9370-4f31-90e4-4d5a950d210f",
"indicator--5902e891-c74c-4fe4-9204-4008950d210f",
"indicator--5902e891-e514-46ee-96a6-4e01950d210f",
"indicator--5902e892-8a10-4e18-9c06-4b37950d210f",
"indicator--5902e892-e2bc-427b-929e-4b5d950d210f",
"indicator--5902e893-91bc-4790-b72d-454a950d210f",
"indicator--5902e893-39f4-4244-984d-48f7950d210f",
"indicator--5902e894-72b0-4914-94ce-4b45950d210f",
"indicator--5902e894-d0f0-4441-96ab-416b950d210f",
"indicator--5902e894-940c-49ec-a446-4d98950d210f",
"indicator--5902e895-078c-4b58-bf6b-407f950d210f",
"indicator--5902e895-6c64-46f2-90d0-4b90950d210f",
"indicator--5902e896-2c44-40ee-83f1-4546950d210f",
"indicator--5902e896-6e20-4a79-b0c7-43bc950d210f",
"indicator--5902e897-f180-452f-b5cf-4880950d210f",
"indicator--5902e897-d3a8-4c59-84fa-462e950d210f",
"indicator--5902e897-3bcc-47f2-a8bf-4703950d210f",
"indicator--5902e898-d834-4108-8b87-4302950d210f",
"indicator--5902e898-8fac-46e6-9dfb-4722950d210f",
"indicator--5902e899-3890-4cc7-856b-4e1d950d210f",
"indicator--5902e899-15d4-4c1e-8292-48eb950d210f",
"indicator--5902e89a-01a8-4589-9dec-47c9950d210f",
"indicator--5902e89a-db30-460b-b28a-4404950d210f",
"indicator--5902e89b-ce8c-4f67-9134-4c73950d210f",
"indicator--5902e89b-eaec-4f66-92a7-47eb950d210f",
"indicator--5902e89c-2154-4097-b025-46b2950d210f",
"indicator--5902e89c-cde0-4f87-91cc-453d950d210f",
"indicator--5902e89d-b734-487c-922d-4f91950d210f",
"indicator--5902e89d-1eac-4335-b391-43fb950d210f",
"indicator--5902e89d-1eb0-44d7-bc45-4eb3950d210f",
"indicator--5902e89e-4f10-4821-92d1-4dcf950d210f",
"indicator--5902e89e-f6f4-4fe0-88de-4218950d210f",
"indicator--5902e89f-3f04-4748-bd97-4798950d210f",
"indicator--5902e89f-9b14-48c0-8903-42f2950d210f",
"indicator--5902e8a0-49b0-436b-8799-4408950d210f",
"indicator--5902e8a0-28a8-45eb-a8bb-4277950d210f",
"indicator--5902e8a1-4654-48e4-9a64-4f87950d210f",
"indicator--5902e8a1-13ec-4390-800a-4112950d210f",
"indicator--5902e8a2-c674-4ad3-b6c4-4a75950d210f",
"indicator--5902e8a2-8690-445f-babb-494e950d210f",
"indicator--5902e8a3-4670-4e29-9c47-4248950d210f",
"indicator--5902e8a3-96b8-4ee5-94f2-4c14950d210f",
"indicator--5902e8a4-99fc-4ac7-9893-4b8c950d210f",
"indicator--5902e8a4-b070-436d-8d12-4f06950d210f",
"indicator--5902e8a4-2a70-43d3-86c9-4d70950d210f",
"indicator--5902e8a5-8198-423d-81f4-42be950d210f",
"indicator--5902e8a5-2140-4b3f-a1f2-400c950d210f",
"indicator--5902e8a6-3238-4f52-a480-4f20950d210f",
"indicator--5902e8a6-e6f4-4d8f-9d7e-4cc1950d210f",
"indicator--5902e8a7-7e6c-4cc1-ac26-45dd950d210f",
"indicator--5902e8a7-4d80-49ff-9031-480e950d210f",
"indicator--5902e8a8-746c-4777-9dee-47fe950d210f",
"indicator--5902e8a8-7560-4f46-971d-431c950d210f",
"indicator--5902e8a9-fe68-40ba-87d4-419c950d210f",
"indicator--5902e8a9-ad94-408a-89da-407c950d210f",
"indicator--5902e8a9-bf5c-433a-8343-4b14950d210f",
"indicator--5902e8aa-39e4-4dc6-aee7-48f2950d210f",
"indicator--5902e8aa-0b8c-4882-8518-4d57950d210f",
"indicator--5902e8ab-2b68-411b-a035-483d950d210f",
"indicator--5902e8ab-e9cc-4a29-9928-41a0950d210f",
"indicator--5902e8ac-8b70-49aa-9688-4210950d210f",
"indicator--5902e8ac-5804-410c-bcd4-448a950d210f",
"indicator--5902e8ac-45d0-4690-ad17-4b83950d210f",
"indicator--5902e8ad-4c50-4020-8c40-461d950d210f",
"indicator--5902e8ad-4078-4535-89b3-4a4b950d210f",
"indicator--5902e8ae-3778-42c1-926f-46f3950d210f",
"indicator--5902e8ae-1e88-45e7-9915-4a8e950d210f",
"indicator--5902e8af-7cf4-487d-9fca-4b8d950d210f",
"indicator--5902e8af-fb3c-4025-a443-446d950d210f",
"indicator--5902e8b0-ae20-4569-9f4b-48e0950d210f",
"indicator--5902e8b0-a984-4161-9afc-4579950d210f",
"indicator--5902e8b1-07fc-4dc9-b4f2-431f950d210f",
"indicator--5902e8b1-0704-4dea-b07f-467f950d210f",
"indicator--5902e8b2-0e24-4f64-84d9-49c0950d210f",
"indicator--5902e8b2-3904-4e7a-9f9d-4f4d950d210f",
"indicator--5902e8b3-7d0c-410e-8cfc-40fa950d210f",
"indicator--5902e8b3-7c60-42a5-aa08-4552950d210f",
"indicator--5902e8b4-86b4-4514-aa0c-4f54950d210f",
"indicator--5902e8b4-248c-42fb-b261-4a86950d210f",
"indicator--5902e8b5-ded4-48a4-aacf-49e1950d210f",
"indicator--5902e8b5-6020-476f-bc7e-4282950d210f",
"indicator--5902e8b5-3c1c-45cc-a7b6-4342950d210f",
"indicator--5902e8b6-fc28-4928-932d-4c31950d210f",
"indicator--5902e8b6-f97c-4590-8f07-4237950d210f",
"indicator--5902e8b7-486c-4b22-b3f7-4e11950d210f",
"indicator--5902e8b7-747c-41ac-b55b-429f950d210f",
"indicator--5902e8b8-3d30-4681-b6e4-4802950d210f",
"indicator--5902e8b8-b680-4ef5-b97e-41cc950d210f",
"indicator--5902e8b9-48b0-4fc1-9293-4436950d210f",
"indicator--5902e8b9-3eac-4231-95ef-4963950d210f",
"indicator--5902e8ba-e5a0-46d2-9d76-47e5950d210f",
"indicator--5902e8ba-0d64-4bd5-b462-4d20950d210f",
"indicator--5902e8bb-4dc8-41db-bcd8-4dbc950d210f",
"indicator--5902e8bb-4a8c-40e7-83de-4200950d210f",
"indicator--5902e8bc-0ab8-4516-9ec2-41a6950d210f",
"indicator--5902e8bc-93d8-4c85-83b7-43d0950d210f",
"indicator--5902e8bd-1204-4a71-95a7-4007950d210f",
"indicator--5902e8bd-6630-4907-b564-4888950d210f",
"indicator--5902e8be-dd98-4ab9-9ec0-45e3950d210f",
"indicator--5902e8be-bcd0-4059-bb6f-4aca950d210f",
"indicator--5902e8bf-3c58-4413-8654-4e13950d210f",
"indicator--5902e8bf-3974-4f49-87f5-494c950d210f",
"indicator--5902e8c0-edf0-4113-9aeb-4855950d210f",
"indicator--5902e8c0-42c4-4fcf-88b0-493b950d210f",
"indicator--5902e8c0-1aa0-43ca-9162-43b2950d210f",
"indicator--5902e8c1-71fc-4983-aa2d-493c950d210f",
"indicator--5902e8c1-6320-4591-a1fb-4201950d210f",
"indicator--5902e8c2-bfc0-4b6f-b496-475c950d210f",
"indicator--5902e8c2-6b34-4a14-8546-4a69950d210f",
"indicator--5902e8c3-398c-4458-a096-416c950d210f",
"indicator--5902e8c3-95a8-4f30-bada-452f950d210f",
"indicator--5902e8c4-3dec-46f5-8044-4ad1950d210f",
"indicator--5902e8c4-744c-46a8-ae58-4824950d210f",
"indicator--5902e8c5-9034-4b13-a67d-4735950d210f",
"indicator--5902e8c5-96c8-4890-99f3-4143950d210f",
"indicator--5902e8c6-f398-42ce-bbc5-4ade950d210f",
"indicator--5902e8c6-99e0-4f22-9c63-47e0950d210f",
"indicator--5902e8c7-ed4c-4179-b63e-43fb950d210f",
"indicator--5902e8c7-abe8-445b-afc9-4730950d210f",
"indicator--5902e8c8-7b40-4b70-be57-45c3950d210f",
"indicator--5902e8c8-a1c4-41d5-8f86-4eb8950d210f",
"indicator--5902e8c9-2040-4c5a-9f78-4c9f950d210f",
"indicator--5902e8c9-33dc-43be-9bf5-48a0950d210f",
"indicator--5902e8ca-a65c-4cba-ad79-484a950d210f",
"indicator--5902e8ca-4e80-4f4a-ad2b-4233950d210f",
"indicator--5902e8cb-42f0-464d-b98e-4da3950d210f",
"indicator--5902e8cb-797c-40e1-a685-44df950d210f",
"indicator--5902e8cc-9890-457e-97ad-48de950d210f",
"indicator--5902e8cc-15e8-43c4-a821-4fc1950d210f",
"indicator--5902e8cd-bc6c-4558-ae7b-4b2d950d210f",
"indicator--5902e8cd-edc0-4616-a05b-44cb950d210f",
"indicator--5902e8cd-3254-4af8-9eb3-4d97950d210f",
"indicator--5902e8ce-5080-4453-9293-4330950d210f",
"indicator--5902e8ce-3678-45bc-b8d1-4a6b950d210f",
"indicator--5902e8cf-0d34-4516-a810-4bee950d210f",
"indicator--5902e8cf-24d8-42dd-8e4a-4212950d210f",
"indicator--5902e8d0-a450-45b7-b7b8-4909950d210f",
"indicator--5902e8d0-73fc-4dd3-bf97-4bf0950d210f",
"indicator--5902e8d1-da6c-4942-a096-4413950d210f",
"indicator--5902e8d1-f8b8-4f96-af70-41f8950d210f",
"indicator--5902e8d2-70e0-4692-b6e8-43ca950d210f",
"indicator--5902e8d2-16e4-4d94-9b59-4bef950d210f",
"indicator--5902e8d3-cb00-4cf9-b5e9-435d950d210f",
"indicator--5902e8d3-74b4-427e-bc82-4ff6950d210f",
"indicator--5902e8d4-ef0c-46cd-87bc-4808950d210f",
"indicator--5902e8d4-9980-4dd8-94ac-415a950d210f",
"indicator--5902e8d5-153c-4cc1-aa33-446b950d210f",
"indicator--5902e8d5-9780-485f-9a0e-4095950d210f",
"indicator--5902e8d6-8728-42bd-bcaa-4f9d950d210f",
"indicator--5902e8d6-8130-42fa-9f73-4979950d210f",
"indicator--5902e8d7-ad4c-4dd9-9d65-483c950d210f",
"indicator--5902e8d7-888c-4436-8130-4a75950d210f",
"indicator--5902e8d8-118c-4937-9c9c-4375950d210f",
"indicator--5902e8d8-a4f8-4f62-a912-4759950d210f",
"indicator--5902e8d9-bed0-4804-95ea-4ea7950d210f",
"indicator--5902e8d9-1f18-48ee-9c2e-4bfb950d210f",
"indicator--5902e8da-cb18-4ed8-b403-40d8950d210f",
"indicator--5902e8da-ba24-4c0c-87ba-4a8b950d210f",
"indicator--5902e8da-de30-4eed-88bb-467c950d210f",
"indicator--5902e8db-9240-42e1-bc65-440a950d210f",
"indicator--5902e8db-5a1c-478f-bb06-483f950d210f",
"indicator--5902e8dc-073c-4b47-a509-4d10950d210f",
"indicator--5902e8dc-44e0-45c1-9b8b-4c75950d210f",
"indicator--5902e8dd-990c-42c8-9bf6-4857950d210f",
"indicator--5902e8dd-16b4-4797-8074-4f7f950d210f",
"indicator--5902e8de-36b8-4fd9-a7e3-4cef950d210f",
"indicator--5902e8de-db1c-4482-b6de-4ef2950d210f",
"indicator--5902e8df-2948-49bd-96d3-4126950d210f",
"indicator--5902e8df-8a44-4f1e-9fe6-40bf950d210f",
"indicator--5902e8e0-a1bc-46e0-9c1a-4dac950d210f",
"indicator--5902e8e0-914c-497a-ab94-4a10950d210f",
"indicator--5902e8e1-289c-4e54-8ee7-4399950d210f",
"indicator--5902e8e1-70e4-4e0a-a4b7-47e2950d210f",
"indicator--5902e8e2-7970-4efb-b9db-4c3b950d210f",
"indicator--5902e8e2-6a64-4ee8-b83a-4c06950d210f",
"indicator--5902e8e3-9864-4f85-a3b3-45e7950d210f",
"indicator--5902e8e3-a1e0-41bf-ae45-4591950d210f",
"indicator--5902e8e4-3ff8-4567-bd6d-459b950d210f",
"indicator--5902e8e4-1ff8-4d72-9cce-421f950d210f",
"indicator--5902e8e5-5e0c-4fed-8611-4e90950d210f",
"indicator--5902e8e5-82fc-43b8-acb3-46fe950d210f",
"indicator--5902e8e6-f220-4c5c-9452-45c4950d210f",
"indicator--5902e8e6-e550-4743-88d3-49b1950d210f",
"indicator--5902e8e6-e284-4893-a8c0-4a35950d210f",
"indicator--5902e8e7-6878-44cc-b820-4798950d210f",
"indicator--5902e8e7-edc4-4d3a-8a94-42cd950d210f",
"indicator--5902e8e8-49bc-4d96-80f2-4214950d210f",
"indicator--5902e8e8-b888-493e-ac08-47ba950d210f",
"indicator--5902e8e9-aa8c-4c19-8a4f-467c950d210f",
"indicator--5902e8e9-e8b0-4a5e-b94e-44e3950d210f",
"indicator--5902e8ea-28e4-40af-9b25-4cf8950d210f",
"indicator--5902e8ea-2b84-4be2-baf5-49fb950d210f",
"indicator--5902e8eb-3f48-45c5-b5d7-4d73950d210f",
"indicator--5902e8eb-b140-4a94-9cd3-4048950d210f",
"indicator--5902e8ec-2988-4d37-847f-4d5a950d210f",
"indicator--5902e8ec-1a48-49e8-b767-4916950d210f",
"indicator--5902e8ed-815c-4fe1-a091-4a28950d210f",
"indicator--5902e8ed-a998-433c-b29f-4da5950d210f",
"indicator--5902e8ee-a584-4828-adc2-46f9950d210f",
"indicator--5902e8ee-5fa0-49d1-99a1-400e950d210f",
"indicator--5902e8ef-26c8-442a-b035-483d950d210f",
"indicator--5902e8ef-5fac-47fb-8522-4ddf950d210f",
"indicator--5902e8f0-fa30-493f-ad8f-49e5950d210f",
"indicator--5902e8f0-cfd0-455e-a2b2-496c950d210f",
"indicator--5902e8f1-7cf8-409e-ae1c-4233950d210f",
"indicator--5902e8f1-8c3c-4b01-a51e-417b950d210f",
"indicator--5902e8f2-c45c-44b1-90cc-4511950d210f",
"indicator--5902e8f2-c124-43f9-ae40-469f950d210f",
"indicator--5902e8f3-1af0-493e-873d-4882950d210f",
"indicator--5902e8f3-e860-4324-86c4-4afc950d210f",
"indicator--5902e8f4-7000-4660-999c-4605950d210f",
"indicator--5902e8f4-f3c8-464a-a581-482f950d210f",
"indicator--5902e8f5-2a4c-4867-abe2-4755950d210f",
"indicator--5902e8f5-18e4-441c-b4ef-4f36950d210f",
"indicator--5902e8f6-db0c-4868-8c0b-4bc5950d210f",
"indicator--5902e8f6-256c-4ea5-9a66-4a68950d210f",
"indicator--5902e8f7-a9d8-4529-a43c-4578950d210f",
"indicator--5902e8f7-24e8-4428-857e-4dce950d210f",
"indicator--5902e8f8-7b44-4149-b9e4-40c6950d210f",
"indicator--5902e8f8-9658-421c-9458-4aa8950d210f",
"indicator--5902e8f8-266c-40ba-9e9a-4c39950d210f",
"indicator--5902e8f9-6718-447b-8dd5-4caa950d210f",
"indicator--5902e8fa-0884-4246-9608-453c950d210f",
"indicator--5902e8fa-6910-4754-b8ab-4077950d210f",
"indicator--5902e8fb-97f4-49a6-be82-4e04950d210f",
"indicator--5902e8fb-c8b8-4a1d-a2e9-4247950d210f",
"indicator--5902e8fb-7af4-4f71-9f47-4983950d210f",
"indicator--5902e8fc-51fc-415d-aadd-4572950d210f",
"indicator--5902e8fc-0f2c-47d1-bef4-4dd0950d210f",
"indicator--5902e8fd-caa0-4c54-a06c-4a1a950d210f",
"indicator--5902e8fd-9dc0-41f9-b0c3-40bd950d210f",
"indicator--5902e8fe-c830-4f59-8a79-4dce950d210f",
"indicator--5902e8fe-d5bc-4846-b722-4e46950d210f",
"indicator--5902e8ff-6fc8-4a5a-a5f4-4cd0950d210f",
"indicator--5902e8ff-b600-4480-8276-4681950d210f",
"indicator--5902e900-9830-4766-9ddd-4a3d950d210f",
"indicator--5902e900-b28c-42f3-b995-408f950d210f",
"indicator--5902e901-ce3c-4b87-b867-4590950d210f",
"indicator--5902e901-6d14-4ee7-a3e6-4f6b950d210f",
"indicator--5902e902-c2c0-41ca-81d2-4a2a950d210f",
"indicator--5902e902-46c4-4155-b0f9-4bb4950d210f",
"indicator--5902e903-2b3c-4de5-89fa-4035950d210f",
"indicator--5902e903-0f54-4ed5-a762-409a950d210f",
"indicator--5902e904-a624-4493-bfdb-4e07950d210f",
"indicator--5902e904-18f0-4c90-b7c1-4879950d210f",
"indicator--5902e905-9378-42bb-974f-4e06950d210f",
"indicator--5902e905-1654-4403-8f7c-4eab950d210f",
"indicator--5902e906-9324-4041-aaa1-4c14950d210f",
"indicator--5902e906-1000-4be6-adfe-42ad950d210f",
"indicator--5902e907-ca3c-40ed-9435-49a5950d210f",
"indicator--5902e907-fd9c-490d-934c-4afb950d210f",
"indicator--5902e908-7b14-4ca2-b28b-452d950d210f",
"indicator--5902e908-45d8-4805-8a33-4d98950d210f",
"indicator--5902e949-4fe4-4e6a-bc1c-417e950d210f",
"indicator--5902e985-e854-4e6e-9269-4bb4950d210f",
"indicator--5902e9ad-d554-4234-b809-49c5950d210f",
"indicator--5902e9d9-9ea0-451f-9c1f-4bf9950d210f",
"indicator--5902ea4d-393c-4163-9e84-46f6950d210f",
"indicator--5902ea6c-5304-4c4c-9663-49f7950d210f",
"indicator--5902ea82-f8f0-423b-8dcc-4001950d210f",
"indicator--5902eabd-52d0-4ecd-ba61-46bf950d210f",
"indicator--5902ead9-a210-4fa4-856c-4f86950d210f",
"indicator--5902eb18-5250-4d6e-8395-47af950d210f",
"indicator--5902eba4-4ed4-4b59-8aa5-4843950d210f",
"x-misp-attribute--5902ebd1-5d2c-4506-81cf-4edd950d210f",
"indicator--5902ec84-cc5c-488b-8847-44b5950d210f",
"indicator--5902ec85-d764-49a1-bd2d-4bb2950d210f",
"x-misp-attribute--5902ecc1-0bac-4a9d-92eb-40ed950d210f",
"indicator--5902ecf9-bbe8-4cb7-83b4-42ff950d210f",
"indicator--5902ed18-75d8-455d-943f-4b0c950d210f",
"indicator--5902ed18-a7ec-40f8-b6ac-40d9950d210f",
"indicator--5902ed19-87b4-4725-9ef8-4671950d210f",
"indicator--5902ed89-5744-4b2b-9c03-45ab950d210f",
"indicator--5902ed8a-8424-4f45-b500-4ab5950d210f",
"indicator--5902ef1a-a9a4-47a3-bd35-4fc402de0b81",
"indicator--5902ef1a-c0a4-49cd-adf9-4b8802de0b81",
"observed-data--5902ef1a-76e8-4178-8743-4a7102de0b81",
"url--5902ef1a-76e8-4178-8743-4a7102de0b81",
"observed-data--5902ef1b-0578-4462-abf1-4d8d02de0b81",
"url--5902ef1b-0578-4462-abf1-4d8d02de0b81",
"observed-data--5902ef1b-4548-4adc-b1e2-4fc302de0b81",
"url--5902ef1b-4548-4adc-b1e2-4fc302de0b81",
"observed-data--5902ef1c-9334-4241-8c5c-45d102de0b81",
"url--5902ef1c-9334-4241-8c5c-45d102de0b81",
"observed-data--5902ef1c-989c-47c0-a5dd-454102de0b81",
"url--5902ef1c-989c-47c0-a5dd-454102de0b81",
"observed-data--5902ef1d-3f50-451c-9807-4e9802de0b81",
"url--5902ef1d-3f50-451c-9807-4e9802de0b81",
"observed-data--5902ef1d-4894-4168-8606-446902de0b81",
"url--5902ef1d-4894-4168-8606-446902de0b81",
"observed-data--5902ef1e-7d3c-4f53-beee-46a002de0b81",
"url--5902ef1e-7d3c-4f53-beee-46a002de0b81",
"observed-data--5902ef1e-116c-4b52-874b-41a202de0b81",
"url--5902ef1e-116c-4b52-874b-41a202de0b81",
"observed-data--5902ef1e-25d8-495a-9ac1-445e02de0b81",
"url--5902ef1e-25d8-495a-9ac1-445e02de0b81",
"observed-data--5902ef1f-a37c-40ca-8646-482802de0b81",
"url--5902ef1f-a37c-40ca-8646-482802de0b81",
"observed-data--5902ef1f-1a74-4d29-9645-4e2d02de0b81",
"url--5902ef1f-1a74-4d29-9645-4e2d02de0b81",
"observed-data--5902ef20-eae8-4e7a-9e84-498202de0b81",
"url--5902ef20-eae8-4e7a-9e84-498202de0b81",
"observed-data--5902ef20-f394-48e1-b2ab-4b4702de0b81",
"url--5902ef20-f394-48e1-b2ab-4b4702de0b81",
"observed-data--5902ef20-7bd4-4e55-8a82-425102de0b81",
"url--5902ef20-7bd4-4e55-8a82-425102de0b81",
"observed-data--5902ef21-795c-4804-a586-463402de0b81",
"url--5902ef21-795c-4804-a586-463402de0b81",
"observed-data--5902ef21-55a4-4ad0-ac9d-47b202de0b81",
"url--5902ef21-55a4-4ad0-ac9d-47b202de0b81",
"observed-data--5902ef22-2b0c-469b-98ab-4ab002de0b81",
"url--5902ef22-2b0c-469b-98ab-4ab002de0b81",
"observed-data--5902ef22-6b3c-4349-8b48-41cc02de0b81",
"url--5902ef22-6b3c-4349-8b48-41cc02de0b81",
"observed-data--5902ef23-dedc-4679-b5a2-4cbd02de0b81",
"url--5902ef23-dedc-4679-b5a2-4cbd02de0b81",
"observed-data--5902ef23-d0b4-41e9-a956-45ad02de0b81",
"url--5902ef23-d0b4-41e9-a956-45ad02de0b81",
"observed-data--5902ef23-553c-467c-b8c0-42f302de0b81",
"url--5902ef23-553c-467c-b8c0-42f302de0b81",
"observed-data--5902ef24-0dc0-47cb-8908-475902de0b81",
"url--5902ef24-0dc0-47cb-8908-475902de0b81",
"observed-data--5902ef24-256c-4632-bd53-4c3c02de0b81",
"url--5902ef24-256c-4632-bd53-4c3c02de0b81",
"observed-data--5902ef25-8e48-4669-9677-4d3202de0b81",
"url--5902ef25-8e48-4669-9677-4d3202de0b81",
"observed-data--5902ef25-ecd4-4df3-8e9d-4aab02de0b81",
"url--5902ef25-ecd4-4df3-8e9d-4aab02de0b81",
"observed-data--5902ef26-d108-471e-8f01-4bef02de0b81",
"url--5902ef26-d108-471e-8f01-4bef02de0b81",
"observed-data--5902ef26-21f8-4823-ad14-45fa02de0b81",
"url--5902ef26-21f8-4823-ad14-45fa02de0b81",
"observed-data--5902ef27-3e48-4829-8156-4df502de0b81",
"url--5902ef27-3e48-4829-8156-4df502de0b81",
"observed-data--5902ef27-43b8-42fa-8ae3-4eda02de0b81",
"url--5902ef27-43b8-42fa-8ae3-4eda02de0b81",
"observed-data--5902ef28-12b0-4047-b145-435002de0b81",
"url--5902ef28-12b0-4047-b145-435002de0b81",
"observed-data--5902ef28-4520-45c5-9c3e-475b02de0b81",
"url--5902ef28-4520-45c5-9c3e-475b02de0b81",
"observed-data--5902ef28-59c4-4895-b28e-4b7702de0b81",
"url--5902ef28-59c4-4895-b28e-4b7702de0b81",
"indicator--5902ef29-9f54-46f4-86d6-49d502de0b81",
"observed-data--5902ef29-75a8-48f5-9561-44e002de0b81",
"url--5902ef29-75a8-48f5-9561-44e002de0b81",
"indicator--5902ef29-00c4-4f0d-ab33-4bcd02de0b81",
"observed-data--5902ef2a-e1ec-4eb5-a551-466602de0b81",
"url--5902ef2a-e1ec-4eb5-a551-466602de0b81",
"indicator--5902ef2a-1c00-402b-ac99-4c1302de0b81",
"observed-data--5902ef2b-8630-4a46-8665-456a02de0b81",
"url--5902ef2b-8630-4a46-8665-456a02de0b81",
"indicator--5902ef2b-28b4-47d7-802d-4f2202de0b81",
"observed-data--5902ef2c-0eec-424d-9879-418502de0b81",
"url--5902ef2c-0eec-424d-9879-418502de0b81"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:tool=\"PlugX\"",
"misp-galaxy:tool=\"REDLEAVES\"",
"estimative-language:likelihood-probability=\"very-likely\"",
"admiralty-scale:source-reliability=\"b\"",
"admiralty-scale:information-credibility=\"1\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902e34b-0728-4d97-9a52-4852950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"first_observed": "2017-04-28T07:23:24Z",
"last_observed": "2017-04-28T07:23:24Z",
"number_observed": 1,
"object_refs": [
"url--5902e34b-0728-4d97-9a52-4852950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"technical-report\"",
"admiralty-scale:source-reliability=\"b\"",
"estimative-language:likelihood-probability=\"very-likely\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902e34b-0728-4d97-9a52-4852950d210f",
"value": "https://www.us-cert.gov/ncas/alerts/TA17-117A"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5902e35b-24d0-47e1-a02f-41ac950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"technical-report\"",
"admiralty-scale:source-reliability=\"b\"",
"estimative-language:likelihood-probability=\"very-likely\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "The National Cybersecurity and Communications Integration Center (NCCIC) has become aware of an emerging sophisticated campaign, occurring since at least May 2016, that uses multiple malware implants. Initial victims have been identified in several sectors, including Information Technology, Energy, Healthcare and Public Health, Communications, and Critical Manufacturing.\r\nAccording to preliminary analysis, threat actors appear to be leveraging stolen administrative credentials (local and domain) and certificates, along with placing sophisticated malware implants on critical systems. Some of the campaign victims have been IT service providers, where credential compromises could potentially be leveraged to access customer environments. Depending on the defensive mitigations in place, the threat actor could possibly gain full access to networks and data in a way that appears legitimate to existing monitoring tools.\r\nAlthough this activity is still under investigation, NCCIC is sharing this information to provide organizations information for the detection of potential compromises within their organizations."
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902e382-95a8-44bd-aa64-445e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"first_observed": "2017-04-28T07:23:24Z",
"last_observed": "2017-04-28T07:23:24Z",
"number_observed": 1,
"object_refs": [
"url--5902e382-95a8-44bd-aa64-445e950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"technical-report\"",
"admiralty-scale:source-reliability=\"b\"",
"estimative-language:likelihood-probability=\"very-likely\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902e382-95a8-44bd-aa64-445e950d210f",
"value": "https://www.us-cert.gov/sites/default/files/publications/IR-ALERT-MED-17-093-01C-Intrusions_Affecting_Multiple_Victims_Across_Multiple_Sectors.pdf"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902e383-662c-4854-99f8-47ca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"first_observed": "2017-04-28T07:23:24Z",
"last_observed": "2017-04-28T07:23:24Z",
"number_observed": 1,
"object_refs": [
"url--5902e383-662c-4854-99f8-47ca950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"technical-report\"",
"admiralty-scale:source-reliability=\"b\"",
"estimative-language:likelihood-probability=\"very-likely\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902e383-662c-4854-99f8-47ca950d210f",
"value": "https://www.us-cert.gov/sites/default/files/publications/IR-ALERT-MED-17-093-01C.xlsx"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902e383-13e8-487b-a0aa-4a57950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"first_observed": "2017-04-28T07:23:24Z",
"last_observed": "2017-04-28T07:23:24Z",
"number_observed": 1,
"object_refs": [
"url--5902e383-13e8-487b-a0aa-4a57950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\"",
"osint:source-type=\"technical-report\"",
"admiralty-scale:source-reliability=\"b\"",
"estimative-language:likelihood-probability=\"very-likely\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902e383-13e8-487b-a0aa-4a57950d210f",
"value": "https://www.us-cert.gov/sites/default/files/publications/IR-ALERT-MED-17-093-01C.stix.xml"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e56e-bcf4-43d3-8328-4c1b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '61.97.241.239']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e56f-72ec-4d28-9af4-4fcf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.208.86.129']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e56f-7f4c-4c16-9e0a-4b18950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.237.108.202']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e56f-ad38-4d98-aeca-4120950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.237.111.175']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e570-4194-4706-9351-41b3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.248.222.85']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e570-5dfc-40c6-90f9-4ae8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.47.156.86']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e571-1130-4146-ba62-4c0c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '162.243.6.98']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e571-4284-48e7-ab47-4bc4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '160.202.163.78']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e571-d4f0-4705-a886-4ac9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '86.106.102.3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e572-6424-479a-88ca-414b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '110.10.176.181']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e572-23f0-470d-b812-4372950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.133.40.63']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e573-50b4-4f6e-a6f4-4e5c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.14.185.189']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e573-1140-41b1-822d-43a7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.183.52.57']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e573-0634-4ab6-803f-47b0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.117.88.78']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e574-e044-4bdc-8276-4f6d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.117.88.77']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e574-9f68-49e1-8e92-44c7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.117.88.82']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e575-9974-4159-9be5-47c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.237.108.150']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e575-fcec-4448-99f9-4bc5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '211.110.17.209']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e575-55f8-465c-8c37-4547950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.176.239.56']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e576-33cc-483e-804e-4303950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '151.236.20.16']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e576-0b18-4fb6-bddb-41b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '107.181.160.109']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e577-5780-42e1-a356-47d0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '151.101.100.73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e577-cb5c-4bde-bc93-4994950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '158.255.208.170']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e577-47a4-4410-abc8-4646950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '158.255.208.189']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e578-2110-43cf-9fe8-4bfd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '158.255.208.61']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e578-b3c8-4a9c-856c-42f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '160.202.163.79']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e579-bd60-48dc-8de8-43b5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '160.202.163.82']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e579-95b8-45de-848f-491a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '160.202.163.90']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e579-5e98-48c3-a839-4fd5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '160.202.163.91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e57a-9174-4eda-b6b6-4a7d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.117.88.81']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e57a-f854-4d1a-bc16-4a05950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.141.25.33']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e57b-78bc-4394-9661-468e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.184.198.23']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e57b-87cc-49dc-ae51-4d5c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.184.198.38']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e57c-11a4-4f80-ad5b-4b6b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.242.144.2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e57c-3f98-4c16-88b2-4f3f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "IP Watchlist",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '183.134.11.84']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c0-0cbc-40bf-b435-4fc4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '8a93859e5f7079d6746832a3a22ff65c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c1-d5ec-401e-a1db-45cc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'b0649c1f7fb15796805ca983fd8f95a3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c1-90f0-4629-9b8e-44dc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'c1cb28327d3364768d1c1e4ce0d9bc07']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c1-b59c-44c8-8386-489f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'c0c8dcc9dad39da8278bf8956e30a3fc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c2-e8f8-4c55-9897-4379950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'db212129be94fe77362751c557d0e893']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c2-1a14-4116-866b-464c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '23d03ee4bf57de7087055b230dae7c5b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c3-dca8-41be-9774-4152950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '472b1710794d5c420b9d921c484ca9e8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c3-ecdc-4c65-867b-4175950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '19610f0d343657f6842d2045e8818f09']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c3-12c4-4483-a10b-4b80950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'f5744d72c6919f994ff452b0e758ffee']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c4-eff0-4c2d-8464-4027950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '7891f00dcab0e4a2f928422062e94213']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c4-eb68-41d0-ab6e-460a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '1b891bc2e5038615efafabe48920f200']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c5-946c-40b5-8c19-4dfd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'dbb867c2250b5be4e67d1977fcf721fb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c5-d3c0-4cfd-8e0f-45c0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'f03f70d331c6564aec8931f481949188']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c6-89c0-4825-b633-455e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '75500bb4143a052795ec7d2e61ac3261']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c6-f930-46e4-a8ef-40be950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '0f6b00b0c5a26a5aa8942ae356329945']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c6-d694-471a-ba3d-42fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'd316848ce47c098ccfe72aa7311aaffa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c7-3908-457d-b6da-4b4a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'e975d5b29d988929e5ad3a8fa19083d1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c7-f710-400a-b10e-4183950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '667989ffa5e77943f3384e78adf93510']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c8-8a7c-4669-99c1-407b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '5a78974df88ab6a67bb72a5c7a437fb2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c8-90c8-4497-b3b9-41f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '8ece7de82e1bdd4659a122c06ea9533e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c8-869c-48dd-ac91-453e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '850a7e877d8e68188714ff5344f6fc15']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c9-13a4-4f6e-ac55-41ea950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '3afa9243b3aeb534e02426569d85e517']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5c9-b69c-4c35-afa1-4cde950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '0c0a39e1cab4fc9896bdf5ef3c96a716']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5ca-fac8-4bfa-972c-49a9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'ca9644ef0f7ed355a842f6e2d4511546']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5ca-4400-4e45-b501-4a60950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'f586edd88023f49bc4f9d84f9fb6bd7d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5ca-9330-4ec9-b734-44a3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '3cbb5664d70bbe62f19ee28f26f21d7e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5cb-ee48-4590-9d3c-4c51950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'd1bab4a30f2889ad392d17573302f097']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5cb-6ab0-476f-bbe1-47f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '19417f7551bc54db6783823325557773']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5cc-ee90-4d35-8753-42d5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'bb269704ba8647da97377440d403ae4d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5cc-2bcc-4825-bf97-46d3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'fa89eeaac3c9de18aee8c58b6580dfea']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5cd-c814-493b-b4ca-417d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '81df89d6fa0b26cadd4e50ef5350f341']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5cd-66f0-472d-91da-43fe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '06b0af6ff00647f57119d8a261829f73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5cd-630c-4d15-a1c6-41b1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'dd0494eb1ab29e577354fca895bec92a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5ce-b6b0-44e0-bf17-4c99950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '6fccfa1559a64edff571d6042abd8a59']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5ce-af00-4d35-ad8a-4618950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '9ae3b326cf716fbccbecfd292846a3a9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5cf-9268-4c19-a800-4033950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '598ff82ea4fb52717acafb227c83d474']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5cf-bcec-4571-a3a8-4db3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '0b05143e2e4b56dbf5ef7a58b5013bc3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5f8-c0f0-4c01-bae7-4c05950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '9c2f3bbfbb1cdfe30ef0aad88d461daf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5f9-854c-49eb-ba92-4a83950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '7d10708a518b26cc8c3cbfbaa224e032']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5f9-71dc-451a-8d38-47cf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '6235e5a45fa51a10826ced8e90adcf93']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5f9-5374-42ee-a53d-4cd7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'ad879f64e9137836283592720d95aadb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5fa-9024-4024-bae7-4cf1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'af406d35c77b1e0df17f839e36bce630']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5fa-8a4c-4b0a-96aa-48a2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '6ec0f91b5b74bc06ebb561cdeb0f4796']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5fb-0a20-4e66-9296-4186950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '80dfcb6ec50f381f153ade2866f18d4b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5fb-7360-4f17-b02f-4c8d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = 'f50460d3ddcc9628d0e86de1aa292895']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e5fb-f178-4d01-ad62-4c25950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.MD5 = '3ebbfeee3a832c92bb60b531f749230e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e653-fc5c-4edb-b3fd-4973950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '56d6c3ffa4f3d5ae742f937fae85f0995814cf90']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e653-de44-4429-9839-41fd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '56126b1c19c1121c0f5065204ef5cc4633079b98']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e654-0b04-4601-9568-465b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '741e955a9e458a70b5c085b3bfba800fdfb4ccde']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e654-055c-43ef-ba1d-4bc6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '009b639441ad5c1260f55afde2d5d21fc5b4f96c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e654-bc68-4987-ae4a-43ac950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '7fe6c8191749767254513b03da03cfbf6dd6c139']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e655-d74c-4a83-a967-4231950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '7cace2e51e8ecc5ddb9720a8dc9e1f3596fe343b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e655-feb8-43ad-8658-49b0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '2c1b42e8c8acea5082275b6ea5f5c64ebaf4fa30']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e656-0fd8-450c-ada6-4541950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '42d5c9c4c02e6d5c88ec0acce72327389a92f0d7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e656-5fb0-4f0e-bcf2-4733950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'a954a3f20ef8065d98d9e3a3c5ae254e27c63bf6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e656-ef84-49b8-9c47-4ba5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '7cb04a4b86d998604341bc2b610a0a556830993d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e657-09b8-484e-8a24-433a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '95ab56ab1f0d4f010569ead7915fbc833a36cd73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e657-d25c-472b-b59f-42f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '1df29c63c917b089fe0fc099e2783c0c679892e5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e658-c834-4001-8bb4-4958950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '01edb82de7b9666eaa5d2791a14092f2e73d2795']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e658-68e4-4a2e-9892-4659950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'a7d0b38bda630c927820380d311ddc70a9606407']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e658-32fc-49f9-a785-4c9c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '1f412a62f50ff71f0b2b2f54aaa980962ebfd8a4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e659-fb4c-4cfa-8cdd-49a5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '4132068417bcbffec16ac655a14f29aa74189fcb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e659-bbc8-4339-9b42-4819950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'b1043250c499ccf0ad56a688ccce662f42386869']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65a-f3f4-43a3-8080-4af4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'aee17dbab01ed334bb94506fcbc2ed259242159e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65a-8de0-4a01-8a8f-419a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '68e3f80012a78518ddbde055b5e42dd4d82e58e5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65a-b574-4d3a-b59a-4abe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '83d419bc812d08c9d09baa49a4313a81eda54702']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65b-6564-4458-8762-41a4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'aaee7385b2c836e9d3e14812807f911c2144a894']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65b-ffc4-4c53-a53f-460d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'df8f49a3fdf8a9d550b22d65d21a8006ff593ac4']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65c-2348-438f-b23c-478d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'de5af856804974ba3df03928fff03447e8f4c9c2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65c-61cc-4be3-9e3b-4eba950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'a91669bb4dcb713e997ddf98417730de78cb990a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65d-4a58-4a8e-b9d1-4044950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'b966657d35bba9416775d320bb87086001995bbe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65d-ee6c-429b-9199-4848950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '6edd9bb17a999b5f5abcf123a2701e4ea4ada9a2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65d-f29c-4253-8cee-40d1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '5b045d98606f000a236b1bd4ac4c9e482b3f5475']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65e-b668-4aab-80f3-45d5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '2d5c5e210c7db4ba6012bd761154db0d1f5cd658']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65e-0cd4-4135-ac17-46e4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '86cea2cb7510a6031d44b8472d806ae2205f438f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65e-efbc-443e-9cc2-468d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '61df36789f7d2314c79a41be512300d7c84131bb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65f-ae3c-4482-835c-4164950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'bd4110fdaa3c99c09ad4883085ddd62b6f9f9bd7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e65f-ce5c-457b-b9f5-456e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '9188923fcfca6bda9e13ec2efeb3b4ccc5f560cc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e660-bc30-4b0e-aae1-458e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '81ba8a1a9e26950c52580f5b046dbe1c8b6f6868']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e660-e324-4fc7-b269-4e82950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'da3cb3ade7f129838ff3c816b223859d91d377b6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e660-6e78-4f99-a123-4da3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'c793c4e63fe61140dc92749a38e63820776548a3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e661-a9a8-4d6c-afb5-4984950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '9e0b78aacf4871cddc0468d517f928970fd54c8d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e661-4cc0-4880-87cd-4f84950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '2a07420c768fa49c05327741e0709c3ac5a71a06']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e695-514c-4401-9ea2-4a1e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'e418387dd296e00aea9141c8c4b73690495640a0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e696-01d8-4797-9958-4b6a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'aaec782a5256150c88b75c912bf4d091cf0c32e9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e696-27b0-48aa-9d0e-446d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '3cfb1bf0063ea9d893f9e95c11e223cc06299337']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e697-cfd4-4d89-b930-4fe8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'a6284ed7e11fdffa6b187c0fefafa421e0f56318']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e697-b3bc-412f-a6d8-4eb5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'a82a59fd073c3c868be93f52d09203e93e87d79a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e697-d98c-4944-939c-45c4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = 'aaa19e15cfe66a105428048f3242889afae170dd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e698-6630-4f06-a84d-4be8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA1 = '0876f0cb9d03bc5539b242a374976b217095ec0d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6e5-4c5c-448f-ae32-431d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'ae6b45a92384f6e43672e617c53a44225e2944d66c1ffb074694526386074145']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6e5-23d4-4a68-ae54-40e1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'fd6a956a7708708cddff78c8505c7db73d7c4e961da8a3c00cc5a51171a92b7b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6e6-5e0c-47c7-b168-443d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '2c71eb5c781daa43047fa6e3d85d51a061aa1dfa41feb338e0d4139a6dfd6910']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6e6-be6c-454f-a5f8-4aff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '6605b27e95f5c3c8012e4a75d1861786fb749b9a712a5f4871adbad81addb59e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6e6-f798-4d9e-a0a2-43ff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'fadf362a52dcf884f0d41ce3df9eaa9bb30227afda50c0e0657c096baff501f0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6e7-59a8-4577-ad21-4148950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'e88f5bf4be37e0dc90ba1a06a2d47faaeea9047fec07c17c2a76f9f7ab98acf0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6e7-1f98-4343-984c-49fd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'e6ecb146f469d243945ad8a5451ba1129c5b190f7d50c64580dbad4b8246f88e']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6e7-3650-4c3b-b211-4ed1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '4521a74337a8b454f9b80c7d9e57b4c9580567f84e513d9a3ce763275c55e691']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6e8-e2e4-439a-8de5-4d6c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'f251485a62e104dfd8629dc4d2dfd572ebd0ab554602d682a28682876a47e773']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6e8-f79c-48a2-af57-421b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'b20ce00a6864225f05de6407fac80ddb83cd0aec00ada438c1e354cdd0d7d5df']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6e9-cf44-4bd9-a55d-4f75950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '9a6692690c03ec33c758cb5648be1ed886ff039e6b72f1c43b23fbd9c342ce8c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6e9-de48-4402-b680-4e15950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'cb0c8681a407a76f8c0fd2512197aafad8120aa62e5c871c29d1fd2a102bc628']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6e9-8c08-4099-a01b-4bb1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '45d804f35266b26bf63e3d616715fc593931e33aa07feba5ad6875609692efa2']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6ea-cf94-4fde-b7c5-4c0c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '19aa5019f3c00211182b2a80dd9675721dac7cfb31d174436d3b8ec9f97d898b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6ea-83d8-405a-9daa-4ecb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '6392e0701a77ea25354b1f40f5b867a35c0142abde785a66b83c9c8d2c14c0c3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6eb-44cc-450b-803a-42e8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '6c7e85e426999579dd6a540fcd827b644a79cda0ad50211d585a0be513571586']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6eb-b4d4-410d-9dc4-4b7f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'dcff19fc193f1ba63c5dc6f91f00070e6912dcec3868e889fed37102698b554b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6eb-c414-4aae-bd23-427a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '7eeaa97d346bc3f8090e5b742f42e8900127703420295279ac7e04d06ebe0a04']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6ec-5d30-47b8-b9e8-4145950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'a6b6c66735e5e26002202b9d263bf8c97e278f6969c141853857000c8d242d24']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6ec-6e44-4ccf-8bbb-4703950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '5412cddde0a2f2d78ec9de0f9a02ac2b22882543c9f15724ebe14b3a0bf8cbda']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6ec-9b44-4a9a-bb6c-4bd9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '92dbbe0eff3fe0082c3485b99e6a949d9c3747afa493a0a1e336829a7c1faafb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6ed-d910-4914-b444-4c2d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '5961861d2b9f50d05055814e6bfd1c6291b30719f8a4d02d4cf80c2e87753fa1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6ed-b790-482f-bb86-429f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '316e89d866d5c710530c2103f183d86c31e9a90d55e2ebc2dda94f112f3bdb6d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6ee-2a0c-430f-b912-4350950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'bc2f07066c624663b0a6f71cb965009d4d9b480213de51809cdc454ca55f1a91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6ee-bf4c-41a0-be9b-4433950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'c21eaadf9ffc62ca4673e27e06c16447f103c0cf7acd8db6ac5c8bd17805e39d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6ee-cf2c-4a47-85fe-4009950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '4cc0adf4baa1e3932d74282affb1a137b30820934ad4f80daceec712ba2bbe14']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6ef-8d34-4938-9642-4e15950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '312dc69dd6ea16842d6e58cd7fd98ba4d28eefeb4fd4c4d198fac4eee76f93c3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6ef-5544-47d5-a381-442f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '76721d08b83aae945aa00fe69319f896b92c456def4df5b203357cf443074c03']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6f0-2798-476c-acc3-47fe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'c6b8ed157eed54958da73716f8db253ba5124a0e4b649f08de060c4aa6531afc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6f0-66d4-48a9-9bbc-4f73950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'f1ca9998ca9078c27a6dab286dfe25fcdfb1ad734cc2af390bdcb97da1214563']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6f0-7324-46e1-a25f-4941950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '9f01dd2b19a1032e848619428dd46bfeb6772be2e78b33723d2fa076f1320c57']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6f1-8254-41e6-962c-4d40950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'ca119725c2cef7baad0690d82b770c25ff64c7e7f1fc9e0e65c91d20151cd204']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6f1-e1ac-41cc-8a05-4595950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '6bc2558eb8915edc19835d9e734023a2368f876971f5580478782c7444f9581c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6f1-a318-4e20-94b4-4a71950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '02e702af02a6b9a8b31cd470c18e383093ef4ed404811b414d6d131df01f9acd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6f2-8ed8-4b1e-9725-4812950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '79f61eda72c41b5ec526a3d5a1a91f86f0bc0eca470e07ab50d9626231143f11']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6f2-0df8-4915-9598-484d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = '2e1f902de32b999642bb09e995082c37a024f320c683848edadaf2db8e322c3c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6f3-5070-4483-b9c9-4cbc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'fb4e516e1e2a369d1cdfb208ee885cb4848bed707a0514367f464c8e7519cb50']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6f3-2a34-472a-844d-48f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'af9dde68c73d69ea535103e963f09587b6aa020081bbce06347de05fa469c257']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6f3-c440-4eef-8f85-45c6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'ff0b79ed5ca3a5e1a9dabf8e47b15366c1d0783d0396af2cbba8e253020dbb34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e6f4-11c0-48fd-b43c-4fbd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SHA256 = 'fcccc611730474775ff1cfd4c60481deef586f01191348b07d7a143d174a07b0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e72c-a6c8-46e6-8bf6-496e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:UxSo8vomCcZsPvRqlWgY0VMD+S7VrlGgOSqvS1Wz+5CsoB5wV+JcrVgmzBsNuzMU:UCacZsYRZVS9d5Cg+4HBquzMCZfR']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e72d-3fa4-4dd3-9f17-4535950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:3DQcggG8+EfcByY7oNPgaKxUuPiSCbEggvQ4+8DhqKPmCtI0mfBSXBKBlNuPiu77:3Eyi76PgadK3+8DwKPJm0mZ0BiJVm']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e72d-4558-40de-907c-4714950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:4vPHoYTlo34nioyhHYQgnzPNYfPqIcsAZCm7kCVjxkjJ7buRoHSXBKBlQ3JB2Ioh:8QYTG34ioygzPyXa5ZG97r0BiQjoh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e72e-f614-4147-82e8-4dfb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:dU8Odn8h0mf8adYxVvMsZKQRpPiSCb/jgUkF525/xpLETTgOUQkwysz9oSXBKBlA:gE5Sx9MsZyTO52hxcJ3LzC0BiNVY']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e72e-56d0-4b0a-8d78-498e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:MiPK+qCOhn+wJyh/FQgnzPNY+2JdkFn4T8BQVvi0yfYn+6uRoHSXBKBlQ3JQ2Iok:9PqCkn+wJyhzPUd24T8zcn+y0BiQqok']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e72e-0edc-4912-a867-4045950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '6144:H+kHzlkmztsXX23lt67TB0BtuXaA0BiNWn6k:H+kpztsXX2mCGKFrn6k']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e72f-3774-4b50-ba68-43ff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:3Kb43dClPyOuaAnvnj33Lsl62TYiGF0b2tzO37I42+KT4rhLSdtSXBKBlLqdb7kB:o4cVFuamvqy0w82+KQhLSdt0BiN239a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e72f-5bf4-4a4b-af30-4b08950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '6144:QX4y8bL7IpF2c1wbxZ/dXf0Bij0BiuJ39c:QX/8bc11wbxZ/B61jJ39c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e72f-2f2c-4c1d-b75b-4b38950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '6144:Gv7GYbWMVUyBp7E7lsxJen0Bij0BiPxH+ku:G7GaWGp7E7GJJ1WH+/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e730-3314-41f9-9644-40f5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '6144:F74HhRcj0/EkRAMAY5nwxD1Ar0Bij0BiUXxA:F7sRcjsEY5nwxJT1PXxA']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e730-608c-4f5a-a095-4168950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:qs/2DuT8RveN3yES0Sg2XriusGgLD5tDwHF1pSXBKBlvxH+ka:J/2GK2rS0SR0DOfp0BivxH+ka']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e731-a9e8-48f1-a518-4be5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:so1xoijglqSBNBGaMgPsGkngxDVaUcTr0PWTFPLHF:hYz4SBNB8gLxYUcTr0PWZPLHF']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e731-4258-4235-87af-429d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '6144:hY20AljuB28YZgqEPfS1fE1G5rJF6QLBLcTHyy7+xwga/fsB:hY20AljdZgBPfKfCQtLSH5+9a/kB']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e731-ee38-473a-8658-41b7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '6144:65JeDKbpqYklgI7r43sc25BMv+a0Bij0BipLm:65UsqdP7rsJ6106']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e732-0cd8-490f-8901-4d40950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '49152:Na175O/mZxrkaH1EN5/yxnxEil7F8vSZBWwj186KQGwi38KQrF+FO7p1FzohbJq:uO/mZxbHW7yxnxECF8vSZBW+Pbi38KQs']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e732-5ea8-406e-9eab-4f52950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '12288:0nlPVTFqOhmW+QjE2UnNsQwIXKosg4M3Ic1SqP02JXS0n69se:0nl/7mW+QjaNxbN4qIkila']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e733-675c-44ef-abe5-4e79950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '6144:VmYFCN2tM+gfmkZxuMh2C30rzhDt7nLLzMCZf:VaAMFZxph2CkvhBLn']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e733-7998-4754-9211-4afd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:UcJNysymEx13p8u533Xyn3kCzRGyAK/Zu39tF3uBw8oEU5a1SDzFLzMCnZf9IAaY:UciLXh3K9zZu39tQC8oEnIBzMCZfZaY']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e733-9b24-4f03-964e-4650950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:fNPaNYarzoyHOj+qPPkD+KFVSXpKt3TPsRtCywElqG:Vydbw+4kDH8XpKd4DxwI']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e734-ebec-402e-ba04-4202950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:fNPaNYarzoyHOj+qPPkD+KFVSXpKt3TPsRtCywElqG3:Vydbw+4kDH8XpKd4DxwIz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e734-9864-49dc-b70f-439b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:aK55Dxg5oMnR5kpTsYQQf0Lt5rHWl/U5HXLuC0oCE:H55y7nR57YLKnal/U5ato']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e735-f920-440f-ab1b-4002950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '6144:ROCKoy/OA/y5wSjZEug2IVAQR7KOSp0BiO:E05ay/jZxNQdP7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e735-7770-4a6f-95be-4518950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '6144:JfV5IBcpSVVUIr0Izm2nUzXAzUW0BiNoNn6R:JfVrSV6Ir0IVAXAIvFn6R']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e735-4848-47b8-91ef-4e6a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:Eif4klql7aOWKEgXn7IfLsl62sPG2kOqfR7CxP76k+ffaF+6E4SXBKBljSXBKBlE:l4hptWKpXiyDM6kv+6E40Bij0Biw39L']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e736-a9d4-42f5-b703-461a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:qs/2DuT8RveN3yES0Sg2XriusGgLD5tDwHF1pSXBKBlvxH+k9:J/2GK2rS0SR0DOfp0BivxH+k9']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e736-6588-49fc-aecf-4e25950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '6144:I7JgxvGuoEMcJzEgTZmVibMq9x1JPvqbPjK0BigdCV:INgcEFZTZmVIMq9x1JPvqbPj78']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e736-9334-4693-a36e-4a02950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '3072:hi7HsQQXwwybPRzHQMlspVicPQMq9x1JPvqbPjUCtorSSXBKBlp4:hi7HQ6HZmVibMq9x1JPvqbPjR0Bi+']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e737-a5b4-46f6-8589-4b02950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '6144:cmJ7yC3K9zZu39tQC8oE2QQzMCZf4zMCZf4zMCZfR:cmv3K9V43j9xqqp']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e737-7988-4d47-8969-43c3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '768:Ga74qxW588yzTaq/nYkZIsKF/Ia5QaYuIzQchjtA5TykeovEDln7+qniYwP0:VSVyzffYkZi/IaDYljtAkkeN6kwP0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e738-59dc-4f5d-8a6f-4c59950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '6144:W2bVESI/Gzfa0YrJkf41akMM0TWr1DAXnpld7aiAt:pCHtg48kqTE1DAXpld3A']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e738-69c8-4d49-bb75-4bd2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '6144:a6Tl0vnG7PKavITBYAlCkkMUbWD904I/vRqNM6iAt:ZiaQdYA0kSb8904I/pqN+A']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e738-1a08-4e73-b52a-4caf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "File Hash Watchlist",
"pattern": "[file:hashes.SSDEEP = '6144:rqfg5tD+sZysueMjObWHJAbM0iKL1lttqPxvkv3:2fqlOjewOARCtMx83']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"ssdeep\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e826-7a30-4474-b7f1-4d96950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'abc.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e826-46dc-4b64-b736-46de950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ad.getfond.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e827-f998-48e2-82ff-4310950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'additional.sexidude.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e827-4ff8-47b7-8381-4150950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'announcements.toythieves.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e828-ea24-4ce8-9c7b-4c58950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'apple.cmdnetview.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e828-8af8-4dde-8368-4ba6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'apple.ikwb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e828-ed7c-4a10-838c-485c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'appledownload.ourhobby.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e829-8e44-4ec5-af65-475b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'appleimages.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e829-9b20-471b-a774-4718950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'appleimages.longmusic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e829-e3e0-438e-b3ff-4b39950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'appleimages.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82a-4924-4b1e-93d7-4c89950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'applemirror.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82a-78bc-4232-b669-47ab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'applemirror.squirly.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82b-fccc-4e2a-95f3-42ce950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'applemusic.isasecret.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82b-e4c8-4226-98dc-4772950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'applemusic.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82b-16b0-4cae-9372-4183950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'applemusic.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82c-80a0-4e98-8e13-404e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'applemusic.xxuz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82c-8d58-4e1b-9257-4c25950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'applemusic.zzux.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82d-7fd8-4b91-9463-4ab9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'appleupdate.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82d-ab5c-40f1-926b-43cd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'appleupdateurl.2waky.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82d-4e60-4729-a0c9-4faa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'asfzx.x24hr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82e-8114-410d-9581-4080950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'availab.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82e-4474-443b-8ea8-498c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'availability.justdied.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82f-15a0-45ad-88cc-4527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'babymusicsitetr.mymom.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82f-1668-40d0-bf1d-4f9b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'back.jungleheart.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e82f-eff0-459c-a864-498a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'back.mofa.dynamic-dns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e830-c4e4-4737-a3d1-4233950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'bak.ignorelist.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e830-49e0-424c-b0a3-40ad950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'bak.un.dnsrd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e831-2640-4aaa-9f5f-4131950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'balance1.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e831-8638-4926-a59b-4991950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'barber.faqserv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e831-c54c-4608-bf66-4d52950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'bdoncloud.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e832-b318-43ac-9442-4de5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'be.mrslove.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e832-c474-4cb2-974b-420f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'bexm.cleansite.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e833-f084-47bb-806a-47d5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'bezu.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e833-886c-477f-a444-4e94950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'billing.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e833-5bcc-46ab-a857-46ad950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'blaaaaaaaaaaaa.windowsupdate.3-a.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e834-ac10-407e-92a2-4777950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'brand.fartit.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e834-8edc-47ee-ba23-4662950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'bulletproof.squirly.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e835-1c7c-4f21-ac18-4265950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'catholicmmb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e835-6558-4b6e-9d6e-4243950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ccfchrist.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e835-87a0-4bb1-ab4d-4c09950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'cdn.incloud-go.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e836-f2d4-45e1-9e67-4ee8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'center.shenajou.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e836-c07c-49df-b898-41dc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'cia.ezua.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e836-8858-471d-a4eb-45a5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'civilwar123.authorizeddns.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e837-4404-4029-8510-4281950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'civilwar520.onmypc.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e837-1bd8-46ac-956e-4a74950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'cloud-kingl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e838-ecdc-4792-989e-451e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'cloud-maste.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e838-1310-4507-9347-43b7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'cnnews.mylftv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e838-3e64-4e0f-9be4-4361950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'commissioner.shenajou.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e839-b048-483e-80c9-42ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'commons.onedumb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e839-ea04-4059-a0bc-4727950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'contactus.myddns.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e839-3bb0-4fe3-85ef-4a5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'contactus.onmypc.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83a-ea9c-433e-baa0-4d8f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'contract.4mydomain.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83a-ba34-4096-a64e-49a5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'contractus.qpoe.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83a-45a0-407c-99f3-4738950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'contractus.zzux.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83b-43bc-4884-b8e4-43cd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'cress.mynetav.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83b-3388-4583-9e99-417c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ctldl.microsoftupdate.qhigh.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83c-b898-4f08-91ff-42a8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ctldl.windowsupdate.authorizeddns.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83c-c42c-4666-ba00-40ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ctldl.windowsupdate.dnset.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83c-5924-42cc-8698-48dc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ctldl.windowsupdate.ezua.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83d-a964-4103-96ac-4496950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ctldl.windowsupdate.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83d-fb84-4595-a588-41cb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ctldl.windowsupdate.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83d-5174-4578-a5f0-46ce950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ctldl.windowsupdate.x24hr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83e-e260-4c75-b8ac-4b52950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'cvnx.zyns.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83e-12d0-46fc-93ed-488a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'cwiinatonal.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83f-c018-4e5a-a1d5-4c75950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'dasonews.youdontcare.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83f-0e14-42d6-a5ba-44a1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'daughter.vizvaz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e83f-ae44-4a2e-8935-4328950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'de.onmypc.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e840-e554-4f67-adcd-4744950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'dec.seyesb.acmetoy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e840-b08c-49e4-8f20-4002950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'details.squirly.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e841-362c-46c0-b973-4c5c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'development.shenajou.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e841-9f04-4d8e-b763-45e7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'dick.ccfchrist.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e841-19dc-4a74-9322-49d3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'digsby.ourhobby.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e842-ae68-4e34-b1dd-48b3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'disruptive.https443.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e842-3ee4-4d03-a914-4676950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'document.shenajou.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e843-ddf0-42f1-b116-4729950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'download.windowsupdate.dedgesuite.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e843-0cb0-4917-ab31-46ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'download.windowsupdate.dnset.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e843-9314-4684-8cc9-43b4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'download.windowsupdate.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e844-f308-4ee4-8fe8-49ae950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'download.windowsupdate.x24hr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e844-e2a0-4e6b-bb65-4a38950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ea.onmypc.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e845-512c-413c-8b10-45ce950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'edgar.ccfchrist.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e845-1894-443d-a6f0-427a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ehshiroshima.mylftv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e845-3784-4b29-b5cf-4d00950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'eric-averyanov.wha.la']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e846-c9fc-4e4b-ba5a-46a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'eu.acmetoy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e846-7fa8-4827-9a1e-4f3e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'eu.wha.la']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e847-4ca4-47ea-84ec-430e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ewe.toshste.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e847-4b04-439e-8b72-4274950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[file:name = 'extraordinary.dynamic']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e847-6cec-4d24-adc0-4972950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'fabian.ccfchrist.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e848-b340-42a5-953e-4387950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'fbi.sexxxy.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e848-4854-4702-9609-4754950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'feed.jungleheart.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e849-5a80-4f5d-9a81-405e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'file.zzux.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e849-de2c-42f0-b29d-4ff7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'film.everydayfilmlink.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e849-e9c4-4bf4-aa16-4fc6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'findme.epac.to']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e84a-202c-4e93-9204-40a9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'fire.mrface.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e84a-0a24-4a0f-b5ff-47bd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'firstnews.jkub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e84b-9930-40df-9413-41af950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'flea.poulsenv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e84b-3a00-478e-8b80-4f15950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'foal.wchildress.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e84b-7b48-4fa9-9cfa-4f11950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'fr.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e84c-1170-41d0-a34e-46d1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'freegamecenter.onedumb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e84c-12bc-4e22-b358-41fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.2014.zzux.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e84d-885c-4c8c-94f6-4d68950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.additional.sexidude.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e84d-7f80-4d06-b407-414d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.announcements.toythieves.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e84e-0024-481d-b95d-4c93950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.appledownload.ourhobby.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e84e-8dd0-4c2c-b328-4bb3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.appleimages.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e84f-99d4-461d-a163-44c6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.appleimages.longmusic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e84f-69b0-4d38-a81e-430a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.appleimages.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e84f-efd4-434f-a28b-4041950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.applemirror.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e850-3f58-43ac-a601-4caa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.applemirror.squirly.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e850-81c4-4ee0-8782-4e7f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.applemusic.isasecret.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e851-9d04-4eaa-bcf9-499a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.applemusic.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e851-23ec-428f-a891-4a64950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.applemusic.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e852-92ac-4470-a6a8-404c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.applemusic.xxuz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e852-80b0-416d-a036-459b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.applemusic.zzux.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e853-1df4-4bca-bda0-4c4c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.appleupdate.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e853-a878-4bab-b12d-40d6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.asfzx.x24hr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e853-cf44-4212-82dc-46c4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.availab.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e854-74a0-4fbf-96dc-49b4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.availability.justdied.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e854-d408-465c-bb4b-4bb0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.back.jungleheart.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e855-31d4-4e9c-a0bf-4bd9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.balance1.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e855-04c0-4ec4-9cc4-426a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.be.mrslove.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e856-1b54-46c6-9ac8-4ed4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.brand.fartit.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e856-9d28-44f9-a195-48cf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.bulletproof.squirly.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e857-46bc-4a06-9694-467f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.civilwar123.authorizeddns.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e857-6600-461e-a025-44c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.civilwar520.onmypc.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e858-eee0-4627-913f-4471950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.cnnews.mylftv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e858-dd7c-47d1-ac9d-4130950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.commons.onedumb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e858-1e44-45c5-a6f9-4ba2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.contractus.qpoe.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e859-e608-4698-bd8a-4650950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.de.onmypc.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e859-dbd0-4268-a237-4eba950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.details.squirly.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e85a-b7a4-4b74-8810-4625950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.disruptive.https443.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e85a-efd4-4d36-871b-4475950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.ea.onmypc.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e85b-5c5c-494f-be40-43c1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.ehshiroshima.mylftv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e85b-1200-47aa-aa56-4e0a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.eric-averyanov.wha.la']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e85c-b5d4-480e-8668-46c5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.eu.acmetoy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e85c-e1d8-446e-b84b-4fbf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.eu.wha.la']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e85c-ebe0-484a-9200-4b80950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.fire.mrface.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e85d-551c-44ee-891f-4b76950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.fr.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e85d-75f8-40ab-904f-41a2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.fuck.ikwb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e85e-0ba8-4002-bd77-4749950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.generat.almostmy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e85e-1524-44a9-89a2-4beb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.hii.qhigh.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e85f-2768-4226-92e8-42e8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.innocent-isayev.sexidude.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e85f-7a18-4fa9-98e9-4e01950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.invoices.sexxxy.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e860-9e70-46a4-b3fb-4908950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.itlans.isasecret.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e860-c19c-4089-9f24-4098950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.itunesdownload.jkub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e860-5228-4b48-bac2-4f3a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.itunesdownload.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e861-cabc-4ec5-9a52-4d6c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.itunesimages.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e861-bd54-410d-97cb-49f9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.itunesimages.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e862-6598-4a14-9615-48f9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.itunesimages.qpoe.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e862-cec4-462b-aafd-4bf6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.itunesmirror.fartit.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e863-9ed8-4325-a2b0-4e99950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.itunesmirror.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e863-ddf8-45a3-b8e3-4e00950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.itunesmusic.ikwb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e864-5128-4834-ba0a-4797950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.itunesmusic.jetos.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e864-66f0-420a-a729-4507950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.itunesmusic.jkub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e864-a180-4574-b6dd-419d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.itunesmusic.zzux.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e865-5498-4880-a0bf-493f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.itunesupdate.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e865-1460-45b0-86b6-47a1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.itunesupdates.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e866-f4b8-4432-bb48-4d4f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.jimin.mymom.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e866-19ac-4fd0-8e75-4985950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.key.zzux.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e867-9c4c-44f9-b49a-4f58950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.knowledge.sellclassics.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e867-e260-4a9a-8d40-45a0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.lan.dynssl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e868-01e4-4c94-9b75-4bda950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.latestnews.epac.to']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e868-9b9c-4d2d-b669-4f75950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.latestnews.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e868-eef0-4659-85ab-476b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.macfee.mrface.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e869-ffe0-448a-9855-4c0e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.maffc.mrface.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e869-4dd0-475e-a229-437b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.malware.dsmtp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86a-55ac-4c99-8c61-42d2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.mason.vizvaz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86a-ed98-487a-9ba9-4086950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.mediapath.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86b-b434-44e1-a7fc-4bdf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.microsoft.got-game.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86b-732c-4c4f-84ce-48dd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.microsoft.mrface.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86b-5fec-488f-bdeb-45d8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.microsoftimages.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86c-64f4-49de-b80c-4044950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.microsoftmusic.mrbasic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86c-4634-4c99-8a1e-43bc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.microsoftqckmanager.pcanywhere.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86c-310c-4ff7-8658-435c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.microsoftupdate.mrbasic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86d-cc0c-4487-88bc-4324950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.microsoftupdate.qhigh.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86d-f950-47d3-bcaa-456a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.mmy.ddns.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86e-1d18-4401-883c-494e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.mod.jetos.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86e-a41c-40d8-a9d4-4171950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.mofa.dynamic-dns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86e-4800-461e-8bc5-4018950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.mofa.ns01.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86f-c35c-4da7-9794-44a9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.moscowdic.trickip.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86f-9c3c-4a11-b03b-497a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.musicfile.ikwb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e86f-c1f8-4989-b6fb-40b2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.na.americanunfinished.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e870-af6c-47a9-80bb-48f0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.newsdata.jkub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e870-224c-431a-b2b7-47ae950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.no.authorizeddns.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e871-e740-446b-a1dd-4f0c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.nt.mynumber.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e871-ea28-4cc3-af3e-43dc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.nz.compress.to']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e871-eb4c-427d-82a7-4e90950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.ol.almostmy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e872-cbfc-4f39-a7ee-4e9d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.oracleupdate.dns04.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e872-bbd4-458e-8e91-4086950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.portal.mrface.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e873-6bb8-4b9b-965e-4fc5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.portal.sendsmtp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e873-108c-4b32-8f66-44be950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.portalser.dynamic-dns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e873-1e90-423e-ac20-4de7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.praskovya-matveyeva.mefound.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e874-7b74-4d1f-a5bb-4345950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.praskovya-ulyanova.dumb1.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e874-5540-49e1-ac6b-4528950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.products.almostmy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e875-664c-4660-bbff-4963950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.products.cleansite.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e875-d0d4-4099-84d3-4cb1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.products.serveuser.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e876-c720-4a64-9552-447c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.purchase.lflinkup.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e876-a0f0-4834-9064-4f76950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.recent.dns-stuff.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e877-7284-417f-b0ee-4322950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.recent.fartit.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e877-90f4-41a2-808d-4946950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.referred.gr8domain.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e877-918c-4284-b45d-4ad2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.referred.yourtrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e878-13a4-45b4-bc5b-46db950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.register.ourhobby.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e878-2a50-43f4-b635-4d73950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.registration2.instanthq.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e879-6470-4bf2-aa60-446d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.registrations.4pu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e879-0904-4655-be1d-402c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.registrations.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e87a-c76c-46b4-b525-43f5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.remeberdata.iownyour.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e87a-1888-48b0-8620-4ae5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.reserveds.onedumb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e87b-7728-4737-b03e-4524950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.rethem.almostmy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e87b-451c-4e14-beb9-439b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.sdmsg.onmypc.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e87b-12f4-4f32-9fd1-49c7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.se.toythieves.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e87c-1b9c-4c96-ae05-42e9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.senseye.ikwb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e87c-8300-4e01-89f9-4db4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.septdlluckysystem.jungleheart.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e87d-fd70-452d-b105-40b3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.seraphim-yurieva.justdied.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e87d-6658-4475-89e6-4cdd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.serv.justdied.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e87d-b864-40e3-a77c-4866950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.server1.proxydns.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e87e-60f0-4c80-9098-4081950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.seyesb.acmetoy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e87e-4dac-47d1-a651-4504950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.shugiin.jkub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e87f-e5c0-41bc-a26b-434a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.sstday.jkub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e87f-51ec-4a62-abf3-4ed8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.support1.mrface.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e880-f5dc-4e19-8dbf-45ee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.svc.dynssl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e880-f020-4056-8d72-4e12950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.synssl.dnset.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e880-fe5c-4d41-b3cf-4124950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.tamraj.fartit.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e881-4430-4413-87a3-4c55950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.ticket.instanthq.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e881-be38-43c0-a4b9-4f8c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.tophost.dynamicdns.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e882-eeb0-470b-9815-4927950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.transfer.lflinkup.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e882-0c74-4ad3-92f6-4f0e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.transfer.vizvaz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e883-8794-4344-a880-498d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.ugreen.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e883-6034-4cd9-afb3-45c4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.uk.dynamicdns.org.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e884-ec6c-4fc4-b639-4947950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.un.ddns.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e884-7dec-4cd5-b2a9-4580950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.un.dnsrd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e885-ae38-4ccd-b4c6-4c39950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.usa.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e885-c7b4-4cb1-9511-4eef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.well.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e885-a45c-4a9f-8513-4c42950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowfile.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e886-a034-459d-9b94-4838950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsimages.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e886-45fc-4dcd-b2cb-4e5f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsmirrors.vizvaz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e887-7860-48c8-8805-40f6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.2waky.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e887-0018-4d66-ad66-4157950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.3-a.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e888-99d8-43a0-abcd-4eb2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.authorizeddns.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e888-6f44-491c-8160-4a5e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.dns05.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e889-38a0-4217-afa8-46f6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.esmtp.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e889-d8e8-4009-9a39-4dea950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.ezua.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e889-fa28-4c69-ba83-4291950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.fartit.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e88a-9264-4143-a8c7-4a65950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.gettrials.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e88a-ba74-4732-9733-43ef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.instanthq.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e88b-b044-4f3f-98b7-430a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.jungleheart.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e88b-cd60-4052-ac2e-42cf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.lflink.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e88c-ac44-491f-b834-4d1b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.mrface.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e88c-0d20-4527-a26a-463a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.mylftv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e88d-393c-413e-bcca-4c22950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.rebatesrule.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e88d-4ebc-421c-90cc-46f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.sellclassics.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e88d-1258-474a-ac60-450c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.windowsupdate.serveusers.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e88e-5ec0-499c-a58f-4d21950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ftp.yandexr.sellclassics.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e88e-0894-4a36-8cc7-4283950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'fukuoka.cloud-maste.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e88f-a12c-496e-8027-497b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'gavin.ccfchrist.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e88f-40f8-447d-98eb-46e4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'generat.almostmy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e890-9370-4f31-90e4-4d5a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'gifuonlineshopping.mynumber.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e891-c74c-4fe4-9204-4008950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'glicense.shenajou.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e891-e514-46ee-96a6-4e01950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'globalnews.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e892-8a10-4e18-9c06-4b37950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'grammar.jkub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e892-e2bc-427b-929e-4b5d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'helpus.ddns.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e893-91bc-4790-b72d-454a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'hii.qhigh.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e893-39f4-4244-984d-48f7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'home.trickip.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e894-72b0-4914-94ce-4b45950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'hukuoka.cloud-maste.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e894-d0f0-4441-96ab-416b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ibmmsg.strangled.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e894-940c-49ec-a446-4d98950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'imitate.faqserv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e895-078c-4b58-bf6b-407f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'incloud-go.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e895-6c64-46f2-90d0-4b90950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'incloud-obert.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e896-2c44-40ee-83f1-4546950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'innocent-isayev.sexidude.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e896-6e20-4a79-b0c7-43bc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'innov-tec.com.ua']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e897-f180-452f-b5cf-4880950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'interpreter.shenajou.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e897-d3a8-4c59-84fa-462e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'invoices.sexxxy.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e897-3bcc-47f2-a8bf-4703950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'iphone.vizvaz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e898-d834-4108-8b87-4302950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ipv4.microsoftupdate.mrbasic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e898-8fac-46e6-9dfb-4722950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ipv4.windowsupdate.3-a.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e899-3890-4cc7-856b-4e1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ipv4.windowsupdate.dnset.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e899-15d4-4c1e-8292-48eb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ipv4.windowsupdate.ezua.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e89a-01a8-4589-9dec-47c9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ipv4.windowsupdate.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e89a-db30-460b-b28a-4404950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ipv4.windowsupdate.lflink.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e89b-ce8c-4f67-9134-4c73950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ipv4.windowsupdate.mylftv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e89b-eaec-4f66-92a7-47eb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ipv4.windowsupdate.x24hr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e89c-2154-4097-b025-46b2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itlans.isasecret.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e89c-cde0-4f87-91cc-453d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itunesdownload.jkub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e89d-b734-487c-922d-4f91950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itunesdownload.vizvaz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e89d-1eac-4335-b391-43fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itunesdownload.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e89d-1eb0-44d7-bc45-4eb3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itunesimages.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e89e-4f10-4821-92d1-4dcf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itunesimages.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e89e-f6f4-4fe0-88de-4218950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itunesimages.qpoe.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e89f-3f04-4748-bd97-4798950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itunesmirror.fartit.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e89f-9b14-48c0-8903-42f2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itunesmirror.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a0-49b0-436b-8799-4408950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itunesmusic.ikwb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a0-28a8-45eb-a8bb-4277950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itunesmusic.jetos.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a1-4654-48e4-9a64-4f87950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itunesmusic.jkub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a1-13ec-4390-800a-4112950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itunesmusic.zzux.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a2-c674-4ad3-b6c4-4a75950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itunesupdate.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a2-8690-445f-babb-494e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'itunesupdates.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a3-4670-4e29-9c47-4248950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'james.tffghelth.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a3-96b8-4ee5-94f2-4c14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'jcie.mofa.ns01.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a4-99fc-4ac7-9893-4b8c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'jica-go-jp.bike']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a4-b070-436d-8d12-4f06950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'jica-go-jp.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a4-2a70-43d3-86c9-4d70950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'jimin.mymom.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a5-8198-423d-81f4-42be950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'jimin-jp.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a5-2140-4b3f-a1f2-400c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'jpnewslogs.sendsmtp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a6-3238-4f52-a480-4f20950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'jp.rakutenmusic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a6-e6f4-4d8f-9d7e-4cc1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'jpstarmarket.serveusers.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a7-7e6c-4cc1-ac26-45dd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'kawasaki.unhamj.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a7-4d80-49ff-9031-480e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'kennedy.tffghelth.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a8-746c-4777-9dee-47fe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'key.zzux.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a8-7560-4f46-971d-431c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'kikimusic.sellclassics.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a9-fe68-40ba-87d4-419c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'kmd.crabdance.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a9-ad94-408a-89da-407c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'knowledge.sellclassics.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8a9-bf5c-433a-8343-4b14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'kxsbwappupdate.dhcp.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8aa-39e4-4dc6-aee7-48f2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'kztmusiclnk.dnsrd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8aa-0b8c-4882-8518-4d57950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'lan.dynssl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ab-2b68-411b-a035-483d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'latestnews.epac.to']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ab-e9cc-4a29-9928-41a0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'latestnews.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ac-8b70-49aa-9688-4210950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'lennon.fftpoor.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ac-5804-410c-bcd4-448a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'license.shenajou.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ac-45d0-4690-ad17-4b83950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'lion.wchildress.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ad-4c50-4020-8c40-461d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'lizard.poulsenv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ad-4078-4535-89b3-4a4b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'macfee.mrface.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ae-3778-42c1-926f-46f3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'machine.ddns.ms']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ae-1e88-45e7-9915-4a8e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'maffc.mrface.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8af-7cf4-487d-9fca-4b8d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'mailowl.jkub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8af-fb3c-4025-a443-446d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'malcolm.fftpoor.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b0-ae20-4569-9f4b-48e0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'malware.dsmtp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b0-a984-4161-9afc-4579950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'mason.vizvaz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b1-07fc-4dc9-b4f2-431f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'mediapath.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b1-0704-4dea-b07f-467f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'meiji-ac-jp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b2-0e24-4f64-84d9-49c0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'microhome.wikaba.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b2-3904-4e7a-9f9d-4f4d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'microsoft.got']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b3-7d0c-410e-8cfc-40fa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'microsoft.got-game.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b3-7c60-42a5-aa08-4552950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'microsoft.mrface.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b4-86b4-4514-aa0c-4f54950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'microsoftempowering.sendsmtp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b4-248c-42fb-b261-4a86950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'microsoftgetstarted.sexidude.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b5-ded4-48a4-aacf-49e1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'microsoftimages.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b5-6020-476f-bc7e-4282950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'microsoftmirror.mrbasic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b5-3c1c-45cc-a7b6-4342950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'microsoftmusic.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b6-fc28-4928-932d-4c31950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'microsoftmusic.mrbasic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b6-f97c-4590-8f07-4237950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'microsoftqckmanager.pcanywhere.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b7-486c-4b22-b3f7-4e11950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'microsoftstores.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b7-747c-41ac-b55b-429f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'microsoftupdate.mrbasic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b8-3d30-4681-b6e4-4802950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'microsoftupdate.qhigh.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b8-b680-4ef5-b97e-41cc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'micrsoftware.dsmtp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b9-48b0-4fc1-9293-4436950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'mmy.ddns.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8b9-3eac-4231-95ef-4963950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'mobile.2waky.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ba-e5a0-46d2-9d76-47e5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'mod.jetos.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ba-0d64-4bd5-b462-4d20950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'mofa.dynamic-dns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8bb-4dc8-41db-bcd8-4dbc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'mofa.ns01.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8bb-4a8c-40e7-83de-4200950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'mofa-go-jp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8bc-0ab8-4516-9ec2-41a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'moonnightthse.zyns.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8bc-93d8-4c85-83b7-43d0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'moscowdic.trickip.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8bd-1204-4a71-95a7-4007950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'moscowstdsupdate.toythieves.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8bd-6630-4907-b564-4888950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'mrsloveaqx.mrslove.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8be-dd98-4ab9-9ec0-45e3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ms.ecc.u-tokyo-ac-jp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8be-bcd0-4059-bb6f-4aca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'mseupdate.ourhobby.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8bf-3c58-4413-8654-4e13950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'msg.ezua.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8bf-3974-4f49-87f5-494c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'msn.incloud-go.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c0-edf0-4113-9aeb-4855950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'music.cleansite.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c0-42c4-4fcf-88b0-493b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'musicfile.ikwb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c0-1aa0-43ca-9162-43b2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'musiclinker.jkub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c1-71fc-4983-aa2d-493c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'mx.yetrula.eu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c1-6320-4591-a1fb-4201950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'mytwhomeinst.sendsmtp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c2-bfc0-4b6f-b496-475c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'na.americanunfinished.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c2-6b34-4a14-8546-4a69950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'networkjpnzee.mynetav.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c3-398c-4458-a096-416c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'newcityoforward.rebatesrule.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c3-95a8-4f30-bada-452f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'newsdata.jkub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c4-3dec-46f5-8044-4ad1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'newsfile.toythieves.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c4-744c-46a8-ae58-4824950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'newsreport.justdied.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c5-9034-4b13-a67d-4735950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'newtime.ezua.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c5-96c8-4890-99f3-4143950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'nezwq.ezua.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c6-f398-42ce-bbc5-4ade950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'nmrx.mrbonus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c6-99e0-4f22-9c63-47e0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'no.authorizeddns.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c7-ed4c-4179-b63e-43fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'nsa.mefound.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c7-abe8-445b-afc9-4730950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'nt.mynumber.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c8-7b40-4b70-be57-45c3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'nttdata.otzo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c8-a1c4-41d5-8f86-4eb8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'nuisance.serveusers.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c9-2040-4c5a-9f78-4c9f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'nz.compress.to']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8c9-33dc-43be-9bf5-48a0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ol.almostmy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ca-a65c-4cba-ad79-484a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'onlinednsserver.sendsmtp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ca-4e80-4f4a-ad2b-4233950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'oracleupdate.dns04.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8cb-42f0-464d-b98e-4da3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'outlook.sindeali.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8cb-797c-40e1-a685-44df950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'owlmedia.mefound.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8cc-9890-457e-97ad-48de950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'peopleinfodata.3-a.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8cc-15e8-43c4-a821-4fc1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'pepper.sexxxy.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8cd-bc6c-4558-ae7b-4b2d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'portal.mrface.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8cd-edc0-4616-a05b-44cb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'portal.sendsmtp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8cd-3254-4af8-9eb3-4d97950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'portalser.dynamic-dns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ce-5080-4453-9293-4330950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'praskovya-matveyeva.mefound.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ce-3678-45bc-b8d1-4a6b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'praskovya-ulyanova.dumb1.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8cf-0d34-4516-a810-4bee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'products.almostmy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8cf-24d8-42dd-8e4a-4212950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'products.cleansite.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d0-a450-45b7-b7b8-4909950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'products.serveuser.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d0-73fc-4dd3-bf97-4bf0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'program.acmetoy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d1-da6c-4942-a096-4413950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'purchase.lflinkup.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d1-f8b8-4f96-af70-41f8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'rain.orctldl.windowsupdate.authorizeddns.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d2-70e0-4692-b6e8-43ca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'read.xxuz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d2-16e4-4d94-9b59-4bef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'recent.dns-stuff.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d3-cb00-4cf9-b5e9-435d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'recent.fartit.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d3-74b4-427e-bc82-4ff6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'redflower.isasecret.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d4-ef0c-46cd-87bc-4808950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'referred.gr8domain.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d4-9980-4dd8-94ac-415a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'referred.yourtrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d5-153c-4cc1-aa33-446b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'register.ourhobby.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d5-9780-485f-9a0e-4095950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'registration2.instanthq.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d6-8728-42bd-bcaa-4f9d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'registrations.4pu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d6-8130-42fa-9f73-4979950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'registrations.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d7-ad4c-4dd9-9d65-483c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'remeberdata.iownyour.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d7-888c-4436-8130-4a75950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'reserveds.onedumb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d8-118c-4937-9c9c-4375950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'rethem.almostmy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d8-a4f8-4f62-a912-4759950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'sakai.unhamj.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d9-bed0-4804-95ea-4ea7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'salvaiona.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8d9-1f18-48ee-9c2e-4bfb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'sappore.cloud-maste.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8da-cb18-4ed8-b403-40d8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'sc.weboot.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8da-ba24-4c0c-87ba-4a8b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'scorpion.poulsenv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8da-de30-4eed-88bb-467c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'sdmsg.onmypc.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8db-9240-42e1-bc65-440a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'se.toythieves.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8db-5a1c-478f-bb06-483f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'secertnews.mrbasic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8dc-073c-4b47-a509-4d10950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'send.mofa.ns01.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8dc-44e0-45c1-9b8b-4c75950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'sendmsg.jumpingcrab.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8dd-990c-42c8-9bf6-4857950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'senseye.ikwb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8dd-16b4-4797-8074-4f7f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'septdlluckysystem.jungleheart.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8de-36b8-4fd9-a7e3-4cef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'seraphim-yurieva.justdied.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8de-db1c-4482-b6de-4ef2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'serv.justdied.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8df-2948-49bd-96d3-4126950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'server1.proxydns.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8df-8a44-4f1e-9fe6-40bf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'seyesb.acmetoy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e0-a1bc-46e0-9c1a-4dac950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'shrimp.bdoncloud.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e0-914c-497a-ab94-4a10950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'shugiin.jkub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e1-289c-4e54-8ee7-4399950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'sindeali.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e1-70e4-4e0a-a4b7-47e2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'singed.otzo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e2-7970-4efb-b9db-4c3b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'sojourner.mypicture.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e2-6a64-4ee8-b83a-4c06950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'sstday.jkub.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e3-9864-4f85-a3b3-45e7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'stone.jumpingcrab.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e3-a1e0-41bf-ae45-4591950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'style.u-tokyo-ac-jp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e4-3ff8-4567-bd6d-459b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'support1.mrface.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e4-1ff8-4d72-9cce-421f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'svc.dynssl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e5-5e0c-4fed-8611-4e90950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'synssl.dnset.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e5-82fc-43b8-acb3-46fe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'taipeifoodsite.ocry.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e6-f220-4c5c-9452-45c4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'tamraj.fartit.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e6-e550-4743-88d3-49b1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'tfa.longmusic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e6-e284-4893-a8c0-4a35950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ticket.instanthq.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e7-6878-44cc-b820-4798950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'tophost.dynamicdns.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e7-edc4-4d3a-8a94-42cd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'transfer.lflinkup.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e8-49bc-4d96-80f2-4214950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'transfer.vizvaz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e8-b888-493e-ac08-47ba950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'travelyokogawafz.fartit.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e9-aa8c-4c19-8a4f-467c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'trout.belowto.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8e9-e8b0-4a5e-b94e-44e3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'twmusic.proxydns.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ea-28e4-40af-9b25-4cf8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'twpeoplemusicsite.my03.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ea-2b84-4be2-baf5-49fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'twsslpopservupro.dynssl.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8eb-3f48-45c5-b5d7-4d73950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'twtravelinfomation.toythieves.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8eb-b140-4a94-9cd3-4048950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'twx.mynumber.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ec-2988-4d37-847f-4d5a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ugreen.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ec-1a48-49e8-b767-4916950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'uk.dynamicdns.org.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ed-815c-4fe1-a091-4a28950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ukuoka.cloud-maste.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ed-a998-433c-b29f-4da5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ultimedia.vmmini.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ee-a584-4828-adc2-46f9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'un.ddns.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ee-5fa0-49d1-99a1-400e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'un.dnsrd.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ef-26c8-442a-b035-483d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'unhamj.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ef-5fac-47fb-8522-4ddf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'updates.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f0-fa30-493f-ad8f-49e5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'usa.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f0-cfd0-455e-a2b2-496c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'usiness.vmmini.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f1-7cf8-409e-ae1c-4233950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'usliveupdateonline.ygto.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f1-8c3c-4b01-a51e-417b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'ut-portal-u-tokyo-ac-jp.tyoto-go-jp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f2-c45c-44b1-90cc-4511950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'v4.microsoftupdate.mrbasic.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f2-c124-43f9-ae40-469f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'v4.windowsupdate.dedgesuite.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f3-1af0-493e-873d-4882950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'v4.windowsupdate.dnset.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f3-e860-4324-86c4-4afc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'v4.windowsupdate.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f4-7000-4660-999c-4605950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'v4.windowsupdate.x24hr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f4-f3c8-464a-a581-482f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'vmmini.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f5-2a4c-4867-abe2-4755950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "REDLEAVES Network Signatures",
"pattern": "[alert tcp any any -> any any (msg: \"REDLEAVES Implant\"; content: \"|00 00 7a 8d 9b dc|\"; offset: 2; depth: 6; content: \"|00 00|\"; offset: 10; depth: 2; sid: 314;)]",
"pattern_type": "snort",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"snort\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f5-18e4-441c-b4ef-4f36950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'wchildress.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f6-db0c-4868-8c0b-4bc5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'wcxh.mynetav.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f6-256c-4ea5-9a66-4a68950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'well.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f7-a9d8-4529-a43c-4578950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'whale.toshste.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f7-24e8-4428-857e-4dce950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowfile.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f8-7b44-4149-b9e4-40c6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsimages.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f8-9658-421c-9458-4aa8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsmirrors.vizvaz.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f8-266c-40ba-9e9a-4c39950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.2waky.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8f9-6718-447b-8dd5-4caa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.3-a.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8fa-0884-4246-9608-453c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.acmetoy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8fa-6910-4754-b8ab-4077950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.authorizeddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8fb-97f4-49a6-be82-4e04950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.authorizeddns.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8fb-c8b8-4a1d-a2e9-4247950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.authorizeddns.us']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8fb-7af4-4f71-9f47-4983950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.dedgesuite.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8fc-51fc-415d-aadd-4572950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.dns05.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8fc-0f2c-47d1-bef4-4dd0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.dnset.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8fd-caa0-4c54-a06c-4a1a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.esmtp.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8fd-9dc0-41f9-b0c3-40bd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.ezua.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8fe-c830-4f59-8a79-4dce950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.fartit.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8fe-d5bc-4846-b722-4e46950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.gettrials.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ff-6fc8-4a5a-a5f4-4cd0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdates.itemdb.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e8ff-b600-4480-8276-4681950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.instanthq.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e900-9830-4766-9ddd-4a3d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.itsaol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e900-b28c-42f3-b995-408f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.jungleheart.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e901-ce3c-4b87-b867-4590950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.lflink.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e901-6d14-4ee7-a3e6-4f6b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.mrface.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e902-c2c0-41ca-81d2-4a2a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.mylftv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e902-46c4-4155-b0f9-4bb4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.organiccrap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e903-2b3c-4de5-89fa-4035950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.rebatesrule.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e903-0f54-4ed5-a762-409a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.sellclassics.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e904-a624-4493-bfdb-4e07950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.serveusers.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e904-18f0-4c90-b7c1-4879950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.wcwname.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e905-9378-42bb-974f-4e06950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'windowsupdate.x24hr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e905-1654-4403-8f7c-4eab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'yahoo.incloud-go.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e906-9324-4041-aaa1-4c14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'yandexr.sellclassics.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e906-1000-4be6-adfe-42ad950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'yfrfyhf.youdontcare.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e907-ca3c-40ed-9435-49a5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'yokohamajpinstaz.mrbonus.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e907-fd9c-490d-934c-4afb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'zebra.bdoncloud.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e908-7b14-4ca2-b28b-452d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'zebra.incloud-go.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e908-45d8-4805-8a33-4d98950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Domain Watchlist",
"pattern": "[domain-name:value = 'zero.pcanywhere.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e949-4fe4-4e6a-bc1c-417e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "REDLEAVES Network Signatures",
"pattern": "[alert tcp any -> any any (msg:\u00e2\u20ac\u009dSuspicious PLUGX URI String\u00e2\u20ac\u009d; content:\u00e2\u20ac\u009dPOST\u00e2\u20ac\u009d; http_method; content:\u00e2\u20ac\u009d/update?id=\u00e2\u20ac\u009d; http_uri; fast_pattern:only; pcre:\u00e2\u20ac\u009d/update\\?id=[a-fA-F0-9]{8} HTTP/\u00e2\u20ac\u009d; sid:101;)]",
"pattern_type": "snort",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"snort\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e985-e854-4e6e-9269-4bb4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "REDLEAVES YARA Signatures",
"pattern": "[rule Dropper_DeploysMalwareViaSideLoading {\r\n meta:\r\n description = \"Detect a dropper used to deploy an implant via side loading. This dropper has specifically been observed deploying REDLEAVES & PlugX\"\r\n author = \"USG\"\r\n true_positive = \"5262cb9791df50fafcb2fbd5f93226050b51efe400c2924eecba97b7ce437481: drops REDLEAVES. 6392e0701a77ea25354b1f40f5b867a35c0142abde785a66b83c9c8d2c14c0c3: drops plugx. \"\r\n strings: \r\n $UniqueString = {2e 6c 6e 6b [0-14] 61 76 70 75 69 2e 65 78 65} // \".lnk\" near \"avpui.exe\"\r\n $PsuedoRandomStringGenerator = {b9 1a [0-6] f7 f9 46 80 c2 41 88 54 35 8b 83 fe 64} // Unique function that generates a 100 character pseudo random string.\r\n condition:\r\n any of them\r\n}]",
"pattern_type": "yara",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"yara\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e9ad-d554-4234-b809-49c5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "REDLEAVES YARA Signatures",
"pattern": "[rule REDLEAVES_DroppedFile_ImplantLoader_Starburn {\r\n meta:\r\n description = \"Detect the DLL responsible for loading and deobfuscating the DAT file containing shellcode and core REDLEAVES RAT\"\r\n author = \"USG\"\r\n true_positive = \"7f8a867a8302fe58039a6db254d335ae\" // StarBurn.dll\r\n strings:\r\n $XOR_Loop = {32 0c 3a 83 c2 02 88 0e 83 fa 08 [4-14] 32 0c 3a 83 c2 02 88 0e 83 fa 10} // Deobfuscation loop\r\n condition:\r\n any of them\r\n}]",
"pattern_type": "yara",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"yara\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902e9d9-9ea0-451f-9c1f-4bf9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "REDLEAVES YARA Signatures",
"pattern": "[rule REDLEAVES_DroppedFile_ObfuscatedShellcodeAndRAT_handkerchief {\r\n meta:\r\n description = \"Detect obfuscated .dat file containing shellcode and core REDLEAVES RAT\"\r\n author = \"USG\"\r\n true_positive = \"fb0c714cd2ebdcc6f33817abe7813c36\" // handkerchief.dat\r\n strings:\r\n $RedleavesStringObfu = {73 64 65 5e 60 74 75 74 6c 6f 60 6d 5e 6d 64 60 77 64 72 5e 65 6d 6d 6c 60 68 6f 2f 65 6d 6d} // This is 'red_autumnal_leaves_dllmain.dll' XOR'd with 0x01\r\n condition:\r\n any of them\r\n}]",
"pattern_type": "yara",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"yara\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ea4d-393c-4163-9e84-46f6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "REDLEAVES YARA Signatures",
"pattern": "[rule REDLEAVES_CoreImplant_UniqueStrings {\r\n meta:\r\n description = \"Strings identifying the core REDLEAVES RAT in its deobfuscated state\"\r\n author = \"USG\"\r\n strings:\r\n $unique2 = \"RedLeavesSCMDSimulatorMutex\" nocase wide ascii\r\n $unique4 = \"red_autumnal_leaves_dllmain.dll\" wide ascii\r\n $unique7 = \"\\\\NamePipe_MoreWindows\" wide ascii\r\n condition:\r\n any of them\r\n}]",
"pattern_type": "yara",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"yara\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ea6c-5304-4c4c-9663-49f7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "PLUGX Network Signature",
"pattern": "[alert tcp any any -> any any (msg:\"Non-Std TCP Client Traffic contains 'HX1|3a|' 'HX2|3a|' 'HX3|3a|' 'HX4|3a|' (PLUGX Variant)\"; sid:XX; rev:1; flow:established,to_server; content:\"Accept|3a 20 2a 2f 2a|\"; nocase; content:\"HX1|3a|\"; distance:0; within:6; fast_pattern; content:\"HX2|3a|\"; nocase; distance:0; content:\"HX3|3a|\"; nocase; distance:0; content:\"HX4|3a|\"; nocase; distance:0; classtype:nonstd-tcp; priority:X;)]",
"pattern_type": "snort",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"snort\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ea82-f8f0-423b-8dcc-4001950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "PLUGX Network Signature",
"pattern": "[alert tcp any any -> any any (msg:\"Non-Std TCP Client Traffic contains 'X-Session|3a|''X-Status|3a|''X-Size|3a|''X-Sn|3a|'(PLUGX)\"; sid:XX; rev:1; flow:established,to_server; content:\"X-Session|3a|\"; nocase; fast_pattern; content:\"X-Status|3a|\"; nocase; distance:0; content:\"X-Size|3a|\"; nocase; distance:0; content:\"X-Sn|3a|\"; nocase; distance:0; classtype:nonstd-tcp; priority:X;)]",
"pattern_type": "snort",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"snort\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902eabd-52d0-4ecd-ba61-46bf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "PLUGX Network Signature",
"pattern": "[alert tcp any any -> any any (msg:\"Non-Std TCP Client Traffic contains 'MJ1X|3a|' 'MJ2X|3a|' 'MJ3X|3a|' 'MJ4X|3a|' (PLUGX Variant)\"; sid:XX; rev:1; flow:established,to_server; content:\"MJ1X|3a|\"; nocase; fast_pattern; content:\"MJ2X|3a|\"; nocase; distance:0; content:\"MJ3X|3a|\"; nocase; distance:0; content:\"MJ4X|3a|\"; nocase; distance:0; classtype:nonstd-tcp; priority:X;)]",
"pattern_type": "snort",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"snort\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ead9-a210-4fa4-856c-4f86950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "PLUGX Network Signature",
"pattern": "[alert tcp any any -> any any (msg:\"Non-Std TCP Client Traffic contains 'Cookies|3a|' 'Sym1|2e|' '|2c|Sym2|2e|' '|2c|Sym3|2e|' '|2c|Sym4|2e|' (Chches Variant)\"; sid:XX; rev:1; flow:established,to_server; content:\"Cookies|3a|\"; nocase; content:\"Sym1|2e|0|3a|\"; nocase; distance:0; fast_pattern; content:\"|2c|Sym2|2e|\"; nocase; distance:0; content:\"|2c|Sym3|2e|\"; nocase; distance:0; content:\"|2c|Sym4|2e|\"; nocase; distance:0; classtype:nonstd-tcp; priority:X;)]",
"pattern_type": "snort",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"snort\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902eb18-5250-4d6e-8395-47af950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "PLUGX and REDLEAVES YARA Signature",
"pattern": "[rule PLUGX_RedLeaves\r\n{\r\nmeta:\r\nauthor = \"US-CERT Code Analysis Team\"\r\ndate = \"03042017\r\nincident = \"10118538\"\r\ndate = \"2017/04/03\"\r\nMD5_1 = \"598FF82EA4FB52717ACAFB227C83D474\"\r\nMD5_2 = \"7D10708A518B26CC8C3CBFBAA224E032\"\r\nMD5_3 = \"AF406D35C77B1E0DF17F839E36BCE630\"\r\nMD5_4 = \"6EB9E889B091A5647F6095DCD4DE7C83\"\r\nMD5_5 = \"566291B277534B63EAFC938CDAAB8A399E41AF7D\"\r\ninfo = \"Detects specific RedLeaves and PlugX binaries\"\r\nstrings:\r\n$s0 = { 80343057403D2FD0010072F433C08BFF80343024403D2FD0010072F4 }\r\n$s1 = \"C:\\\\Users\\\\user\\\\Desktop\\\\my_OK_2014\\\\bit9\\\\runsna\\\\Release\\\\runsna.pdb\"\r\n$s2 = \"d:\\\\work\\\\plug4.0(shellcode)\"\r\n$s3 = \"\\\\shellcode\\\\shellcode\\\\XSetting.h\"\r\n$s4 = { 42AFF4276A45AA58474D4C4BE03D5B395566BEBCBDEDE9972872C5C4C5498228 }\r\n$s5 = { 8AD32AD002D180C23830140E413BCB7CEF6A006A006A00566A006A00 }\r\n$s6 = { EB055F8BC7EB05E8F6FFFFFF558BEC81ECC8040000535657 }\r\n$s7 = { 8A043233C932043983C10288043283F90A7CF242890D18AA00103BD37CE2891514AA00106A006A006A0056 }\r\n$s8 = { 293537675A402A333557B05E04D09CB05EB3ADA4A4A40ED0B7DAB7935F5B5B08 }\r\n$s9 = \"RedLeavesCMDSimulatorMutex\"\r\ncondition:\r\n$s0 or $s1 or $s2 and $s3 or $s4 or $s5 or $s6 or $s7 or $s8 or $s9\r\n}]",
"pattern_type": "yara",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"yara\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902eba4-4ed4-4b59-8aa5-4843950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Stolen Hacking Team Signing Certificate",
"pattern": "[x509-certificate:hashes.SHA1 = 'b366dbe8b3e81915ca5c5170c65dcad8348b11f0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"x509-fingerprint-sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5902ebd1-5d2c-4506-81cf-4edd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"Antivirus detection\""
],
"x_misp_category": "Antivirus detection",
"x_misp_type": "text",
"x_misp_value": "Backdoor.APT.Kaba"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ec84-cc5c-488b-8847-44b5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"pattern": "[file:name = '\\\\\\\\.\\\\pipe\\\\1[12345678]']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ec85-d764-49a1-bd2d-4bb2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"pattern": "[file:name = '\\\\\\\\.\\\\pipe\\\\2[12345678]']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5902ecc1-0bac-4a9d-92eb-40ed950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"labels": [
"misp:type=\"windows-service-name\"",
"misp:category=\"Artifacts dropped\""
],
"x_misp_category": "Artifacts dropped",
"x_misp_type": "windows-service-name",
"x_misp_value": "BUGREPOR"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ecf9-bbe8-4cb7-83b4-42ff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"pattern": "[file:name = '\\\\%TEMP\\\\%\\\\BUGREPORTERBUGREPOR']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ed18-75d8-455d-943f-4b0c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Malware Path Used",
"pattern": "[file:name = '\\\\%AppData\\\\%\\\\Reader.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ed18-a7ec-40f8-b6ac-40d9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Malware Path Used",
"pattern": "[file:name = '\\\\%AppData\\\\%\\\\Notron.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ed19-87b4-4725-9ef8-4671950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "Malware Path Used",
"pattern": "[file:name = '\\\\%AppData\\\\%\\\\SCSI_Initiarot.exe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ed89-5744-4b2b-9c03-45ab950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "PlugX Registry key (HKEY_CURRENT_USER)",
"pattern": "[windows-registry-key:key = 'HKEY_LOCAL_MACHINE\\\\SOFTWARE\\\\Classes\\\\MJ']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"regkey\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ed8a-8424-4f45-b500-4ab5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:23:24.000Z",
"modified": "2017-04-28T07:23:24.000Z",
"description": "PlugX Registry key (HKEY_CURRENT_USER)",
"pattern": "[windows-registry-key:key = 'HKEY_LOCAL_MACHINE\\\\SOFTWARE\\\\Classes\\\\MJ\\\\PROXY']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:23:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"regkey\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ef1a-a9a4-47a3-bd35-4fc402de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:26.000Z",
"modified": "2017-04-28T07:28:26.000Z",
"description": "File Hash Watchlist - Xchecked via VT: fcccc611730474775ff1cfd4c60481deef586f01191348b07d7a143d174a07b0",
"pattern": "[file:hashes.SHA1 = '4413a7f864255767a6d84c3e8362b9873a7e224b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:28:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ef1a-c0a4-49cd-adf9-4b8802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:26.000Z",
"modified": "2017-04-28T07:28:26.000Z",
"description": "File Hash Watchlist - Xchecked via VT: fcccc611730474775ff1cfd4c60481deef586f01191348b07d7a143d174a07b0",
"pattern": "[file:hashes.MD5 = '01468a69ca8676b51a357676e0856c88']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:28:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef1a-76e8-4178-8743-4a7102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:26.000Z",
"modified": "2017-04-28T07:28:26.000Z",
"first_observed": "2017-04-28T07:28:26Z",
"last_observed": "2017-04-28T07:28:26Z",
"number_observed": 1,
"object_refs": [
"url--5902ef1a-76e8-4178-8743-4a7102de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef1a-76e8-4178-8743-4a7102de0b81",
"value": "https://www.virustotal.com/file/fcccc611730474775ff1cfd4c60481deef586f01191348b07d7a143d174a07b0/analysis/1492598668/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef1b-0578-4462-abf1-4d8d02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:27.000Z",
"modified": "2017-04-28T07:28:27.000Z",
"first_observed": "2017-04-28T07:28:27Z",
"last_observed": "2017-04-28T07:28:27Z",
"number_observed": 1,
"object_refs": [
"url--5902ef1b-0578-4462-abf1-4d8d02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef1b-0578-4462-abf1-4d8d02de0b81",
"value": "https://www.virustotal.com/file/ff0b79ed5ca3a5e1a9dabf8e47b15366c1d0783d0396af2cbba8e253020dbb34/analysis/1492636333/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef1b-4548-4adc-b1e2-4fc302de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:27.000Z",
"modified": "2017-04-28T07:28:27.000Z",
"first_observed": "2017-04-28T07:28:27Z",
"last_observed": "2017-04-28T07:28:27Z",
"number_observed": 1,
"object_refs": [
"url--5902ef1b-4548-4adc-b1e2-4fc302de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef1b-4548-4adc-b1e2-4fc302de0b81",
"value": "https://www.virustotal.com/file/af9dde68c73d69ea535103e963f09587b6aa020081bbce06347de05fa469c257/analysis/1492636330/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef1c-9334-4241-8c5c-45d102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:28.000Z",
"modified": "2017-04-28T07:28:28.000Z",
"first_observed": "2017-04-28T07:28:28Z",
"last_observed": "2017-04-28T07:28:28Z",
"number_observed": 1,
"object_refs": [
"url--5902ef1c-9334-4241-8c5c-45d102de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef1c-9334-4241-8c5c-45d102de0b81",
"value": "https://www.virustotal.com/file/2e1f902de32b999642bb09e995082c37a024f320c683848edadaf2db8e322c3c/analysis/1491842309/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef1c-989c-47c0-a5dd-454102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:28.000Z",
"modified": "2017-04-28T07:28:28.000Z",
"first_observed": "2017-04-28T07:28:28Z",
"last_observed": "2017-04-28T07:28:28Z",
"number_observed": 1,
"object_refs": [
"url--5902ef1c-989c-47c0-a5dd-454102de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef1c-989c-47c0-a5dd-454102de0b81",
"value": "https://www.virustotal.com/file/6bc2558eb8915edc19835d9e734023a2368f876971f5580478782c7444f9581c/analysis/1492531222/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef1d-3f50-451c-9807-4e9802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:29.000Z",
"modified": "2017-04-28T07:28:29.000Z",
"first_observed": "2017-04-28T07:28:29Z",
"last_observed": "2017-04-28T07:28:29Z",
"number_observed": 1,
"object_refs": [
"url--5902ef1d-3f50-451c-9807-4e9802de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef1d-3f50-451c-9807-4e9802de0b81",
"value": "https://www.virustotal.com/file/76721d08b83aae945aa00fe69319f896b92c456def4df5b203357cf443074c03/analysis/1493326609/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef1d-4894-4168-8606-446902de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:29.000Z",
"modified": "2017-04-28T07:28:29.000Z",
"first_observed": "2017-04-28T07:28:29Z",
"last_observed": "2017-04-28T07:28:29Z",
"number_observed": 1,
"object_refs": [
"url--5902ef1d-4894-4168-8606-446902de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef1d-4894-4168-8606-446902de0b81",
"value": "https://www.virustotal.com/file/312dc69dd6ea16842d6e58cd7fd98ba4d28eefeb4fd4c4d198fac4eee76f93c3/analysis/1490936185/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef1e-7d3c-4f53-beee-46a002de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:30.000Z",
"modified": "2017-04-28T07:28:30.000Z",
"first_observed": "2017-04-28T07:28:30Z",
"last_observed": "2017-04-28T07:28:30Z",
"number_observed": 1,
"object_refs": [
"url--5902ef1e-7d3c-4f53-beee-46a002de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef1e-7d3c-4f53-beee-46a002de0b81",
"value": "https://www.virustotal.com/file/4cc0adf4baa1e3932d74282affb1a137b30820934ad4f80daceec712ba2bbe14/analysis/1492484591/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef1e-116c-4b52-874b-41a202de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:30.000Z",
"modified": "2017-04-28T07:28:30.000Z",
"first_observed": "2017-04-28T07:28:30Z",
"last_observed": "2017-04-28T07:28:30Z",
"number_observed": 1,
"object_refs": [
"url--5902ef1e-116c-4b52-874b-41a202de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef1e-116c-4b52-874b-41a202de0b81",
"value": "https://www.virustotal.com/file/c21eaadf9ffc62ca4673e27e06c16447f103c0cf7acd8db6ac5c8bd17805e39d/analysis/1487365285/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef1e-25d8-495a-9ac1-445e02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:30.000Z",
"modified": "2017-04-28T07:28:30.000Z",
"first_observed": "2017-04-28T07:28:30Z",
"last_observed": "2017-04-28T07:28:30Z",
"number_observed": 1,
"object_refs": [
"url--5902ef1e-25d8-495a-9ac1-445e02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef1e-25d8-495a-9ac1-445e02de0b81",
"value": "https://www.virustotal.com/file/bc2f07066c624663b0a6f71cb965009d4d9b480213de51809cdc454ca55f1a91/analysis/1493327440/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef1f-a37c-40ca-8646-482802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:31.000Z",
"modified": "2017-04-28T07:28:31.000Z",
"first_observed": "2017-04-28T07:28:31Z",
"last_observed": "2017-04-28T07:28:31Z",
"number_observed": 1,
"object_refs": [
"url--5902ef1f-a37c-40ca-8646-482802de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef1f-a37c-40ca-8646-482802de0b81",
"value": "https://www.virustotal.com/file/316e89d866d5c710530c2103f183d86c31e9a90d55e2ebc2dda94f112f3bdb6d/analysis/1493326527/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef1f-1a74-4d29-9645-4e2d02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:31.000Z",
"modified": "2017-04-28T07:28:31.000Z",
"first_observed": "2017-04-28T07:28:31Z",
"last_observed": "2017-04-28T07:28:31Z",
"number_observed": 1,
"object_refs": [
"url--5902ef1f-1a74-4d29-9645-4e2d02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef1f-1a74-4d29-9645-4e2d02de0b81",
"value": "https://www.virustotal.com/file/5961861d2b9f50d05055814e6bfd1c6291b30719f8a4d02d4cf80c2e87753fa1/analysis/1493326793/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef20-eae8-4e7a-9e84-498202de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:32.000Z",
"modified": "2017-04-28T07:28:32.000Z",
"first_observed": "2017-04-28T07:28:32Z",
"last_observed": "2017-04-28T07:28:32Z",
"number_observed": 1,
"object_refs": [
"url--5902ef20-eae8-4e7a-9e84-498202de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef20-eae8-4e7a-9e84-498202de0b81",
"value": "https://www.virustotal.com/file/92dbbe0eff3fe0082c3485b99e6a949d9c3747afa493a0a1e336829a7c1faafb/analysis/1493327142/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef20-f394-48e1-b2ab-4b4702de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:32.000Z",
"modified": "2017-04-28T07:28:32.000Z",
"first_observed": "2017-04-28T07:28:32Z",
"last_observed": "2017-04-28T07:28:32Z",
"number_observed": 1,
"object_refs": [
"url--5902ef20-f394-48e1-b2ab-4b4702de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef20-f394-48e1-b2ab-4b4702de0b81",
"value": "https://www.virustotal.com/file/5412cddde0a2f2d78ec9de0f9a02ac2b22882543c9f15724ebe14b3a0bf8cbda/analysis/1493327143/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef20-7bd4-4e55-8a82-425102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:32.000Z",
"modified": "2017-04-28T07:28:32.000Z",
"first_observed": "2017-04-28T07:28:32Z",
"last_observed": "2017-04-28T07:28:32Z",
"number_observed": 1,
"object_refs": [
"url--5902ef20-7bd4-4e55-8a82-425102de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef20-7bd4-4e55-8a82-425102de0b81",
"value": "https://www.virustotal.com/file/a6b6c66735e5e26002202b9d263bf8c97e278f6969c141853857000c8d242d24/analysis/1493326867/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef21-795c-4804-a586-463402de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:33.000Z",
"modified": "2017-04-28T07:28:33.000Z",
"first_observed": "2017-04-28T07:28:33Z",
"last_observed": "2017-04-28T07:28:33Z",
"number_observed": 1,
"object_refs": [
"url--5902ef21-795c-4804-a586-463402de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef21-795c-4804-a586-463402de0b81",
"value": "https://www.virustotal.com/file/7eeaa97d346bc3f8090e5b742f42e8900127703420295279ac7e04d06ebe0a04/analysis/1493326995/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef21-55a4-4ad0-ac9d-47b202de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:33.000Z",
"modified": "2017-04-28T07:28:33.000Z",
"first_observed": "2017-04-28T07:28:33Z",
"last_observed": "2017-04-28T07:28:33Z",
"number_observed": 1,
"object_refs": [
"url--5902ef21-55a4-4ad0-ac9d-47b202de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef21-55a4-4ad0-ac9d-47b202de0b81",
"value": "https://www.virustotal.com/file/dcff19fc193f1ba63c5dc6f91f00070e6912dcec3868e889fed37102698b554b/analysis/1493327607/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef22-2b0c-469b-98ab-4ab002de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:34.000Z",
"modified": "2017-04-28T07:28:34.000Z",
"first_observed": "2017-04-28T07:28:34Z",
"last_observed": "2017-04-28T07:28:34Z",
"number_observed": 1,
"object_refs": [
"url--5902ef22-2b0c-469b-98ab-4ab002de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef22-2b0c-469b-98ab-4ab002de0b81",
"value": "https://www.virustotal.com/file/6c7e85e426999579dd6a540fcd827b644a79cda0ad50211d585a0be513571586/analysis/1493327532/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef22-6b3c-4349-8b48-41cc02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:34.000Z",
"modified": "2017-04-28T07:28:34.000Z",
"first_observed": "2017-04-28T07:28:34Z",
"last_observed": "2017-04-28T07:28:34Z",
"number_observed": 1,
"object_refs": [
"url--5902ef22-6b3c-4349-8b48-41cc02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef22-6b3c-4349-8b48-41cc02de0b81",
"value": "https://www.virustotal.com/file/6392e0701a77ea25354b1f40f5b867a35c0142abde785a66b83c9c8d2c14c0c3/analysis/1493326569/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef23-dedc-4679-b5a2-4cbd02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:35.000Z",
"modified": "2017-04-28T07:28:35.000Z",
"first_observed": "2017-04-28T07:28:35Z",
"last_observed": "2017-04-28T07:28:35Z",
"number_observed": 1,
"object_refs": [
"url--5902ef23-dedc-4679-b5a2-4cbd02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef23-dedc-4679-b5a2-4cbd02de0b81",
"value": "https://www.virustotal.com/file/19aa5019f3c00211182b2a80dd9675721dac7cfb31d174436d3b8ec9f97d898b/analysis/1492484322/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef23-d0b4-41e9-a956-45ad02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:35.000Z",
"modified": "2017-04-28T07:28:35.000Z",
"first_observed": "2017-04-28T07:28:35Z",
"last_observed": "2017-04-28T07:28:35Z",
"number_observed": 1,
"object_refs": [
"url--5902ef23-d0b4-41e9-a956-45ad02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef23-d0b4-41e9-a956-45ad02de0b81",
"value": "https://www.virustotal.com/file/45d804f35266b26bf63e3d616715fc593931e33aa07feba5ad6875609692efa2/analysis/1491800341/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef23-553c-467c-b8c0-42f302de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:35.000Z",
"modified": "2017-04-28T07:28:35.000Z",
"first_observed": "2017-04-28T07:28:35Z",
"last_observed": "2017-04-28T07:28:35Z",
"number_observed": 1,
"object_refs": [
"url--5902ef23-553c-467c-b8c0-42f302de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef23-553c-467c-b8c0-42f302de0b81",
"value": "https://www.virustotal.com/file/cb0c8681a407a76f8c0fd2512197aafad8120aa62e5c871c29d1fd2a102bc628/analysis/1487321767/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef24-0dc0-47cb-8908-475902de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:36.000Z",
"modified": "2017-04-28T07:28:36.000Z",
"first_observed": "2017-04-28T07:28:36Z",
"last_observed": "2017-04-28T07:28:36Z",
"number_observed": 1,
"object_refs": [
"url--5902ef24-0dc0-47cb-8908-475902de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef24-0dc0-47cb-8908-475902de0b81",
"value": "https://www.virustotal.com/file/9a6692690c03ec33c758cb5648be1ed886ff039e6b72f1c43b23fbd9c342ce8c/analysis/1493326575/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef24-256c-4632-bd53-4c3c02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:36.000Z",
"modified": "2017-04-28T07:28:36.000Z",
"first_observed": "2017-04-28T07:28:36Z",
"last_observed": "2017-04-28T07:28:36Z",
"number_observed": 1,
"object_refs": [
"url--5902ef24-256c-4632-bd53-4c3c02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef24-256c-4632-bd53-4c3c02de0b81",
"value": "https://www.virustotal.com/file/b20ce00a6864225f05de6407fac80ddb83cd0aec00ada438c1e354cdd0d7d5df/analysis/1493327105/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef25-8e48-4669-9677-4d3202de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:37.000Z",
"modified": "2017-04-28T07:28:37.000Z",
"first_observed": "2017-04-28T07:28:37Z",
"last_observed": "2017-04-28T07:28:37Z",
"number_observed": 1,
"object_refs": [
"url--5902ef25-8e48-4669-9677-4d3202de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef25-8e48-4669-9677-4d3202de0b81",
"value": "https://www.virustotal.com/file/f251485a62e104dfd8629dc4d2dfd572ebd0ab554602d682a28682876a47e773/analysis/1493241485/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef25-ecd4-4df3-8e9d-4aab02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:37.000Z",
"modified": "2017-04-28T07:28:37.000Z",
"first_observed": "2017-04-28T07:28:37Z",
"last_observed": "2017-04-28T07:28:37Z",
"number_observed": 1,
"object_refs": [
"url--5902ef25-ecd4-4df3-8e9d-4aab02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef25-ecd4-4df3-8e9d-4aab02de0b81",
"value": "https://www.virustotal.com/file/4521a74337a8b454f9b80c7d9e57b4c9580567f84e513d9a3ce763275c55e691/analysis/1493326555/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef26-d108-471e-8f01-4bef02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:38.000Z",
"modified": "2017-04-28T07:28:38.000Z",
"first_observed": "2017-04-28T07:28:38Z",
"last_observed": "2017-04-28T07:28:38Z",
"number_observed": 1,
"object_refs": [
"url--5902ef26-d108-471e-8f01-4bef02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef26-d108-471e-8f01-4bef02de0b81",
"value": "https://www.virustotal.com/file/e6ecb146f469d243945ad8a5451ba1129c5b190f7d50c64580dbad4b8246f88e/analysis/1493326836/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef26-21f8-4823-ad14-45fa02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:38.000Z",
"modified": "2017-04-28T07:28:38.000Z",
"first_observed": "2017-04-28T07:28:38Z",
"last_observed": "2017-04-28T07:28:38Z",
"number_observed": 1,
"object_refs": [
"url--5902ef26-21f8-4823-ad14-45fa02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef26-21f8-4823-ad14-45fa02de0b81",
"value": "https://www.virustotal.com/file/e88f5bf4be37e0dc90ba1a06a2d47faaeea9047fec07c17c2a76f9f7ab98acf0/analysis/1493326638/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef27-3e48-4829-8156-4df502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:39.000Z",
"modified": "2017-04-28T07:28:39.000Z",
"first_observed": "2017-04-28T07:28:39Z",
"last_observed": "2017-04-28T07:28:39Z",
"number_observed": 1,
"object_refs": [
"url--5902ef27-3e48-4829-8156-4df502de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef27-3e48-4829-8156-4df502de0b81",
"value": "https://www.virustotal.com/file/fadf362a52dcf884f0d41ce3df9eaa9bb30227afda50c0e0657c096baff501f0/analysis/1493327643/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef27-43b8-42fa-8ae3-4eda02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:39.000Z",
"modified": "2017-04-28T07:28:39.000Z",
"first_observed": "2017-04-28T07:28:39Z",
"last_observed": "2017-04-28T07:28:39Z",
"number_observed": 1,
"object_refs": [
"url--5902ef27-43b8-42fa-8ae3-4eda02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef27-43b8-42fa-8ae3-4eda02de0b81",
"value": "https://www.virustotal.com/file/6605b27e95f5c3c8012e4a75d1861786fb749b9a712a5f4871adbad81addb59e/analysis/1493327385/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef28-12b0-4047-b145-435002de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:40.000Z",
"modified": "2017-04-28T07:28:40.000Z",
"first_observed": "2017-04-28T07:28:40Z",
"last_observed": "2017-04-28T07:28:40Z",
"number_observed": 1,
"object_refs": [
"url--5902ef28-12b0-4047-b145-435002de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef28-12b0-4047-b145-435002de0b81",
"value": "https://www.virustotal.com/file/2c71eb5c781daa43047fa6e3d85d51a061aa1dfa41feb338e0d4139a6dfd6910/analysis/1493327477/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef28-4520-45c5-9c3e-475b02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:40.000Z",
"modified": "2017-04-28T07:28:40.000Z",
"first_observed": "2017-04-28T07:28:40Z",
"last_observed": "2017-04-28T07:28:40Z",
"number_observed": 1,
"object_refs": [
"url--5902ef28-4520-45c5-9c3e-475b02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef28-4520-45c5-9c3e-475b02de0b81",
"value": "https://www.virustotal.com/file/fd6a956a7708708cddff78c8505c7db73d7c4e961da8a3c00cc5a51171a92b7b/analysis/1490935402/"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef28-59c4-4895-b28e-4b7702de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:40.000Z",
"modified": "2017-04-28T07:28:40.000Z",
"first_observed": "2017-04-28T07:28:40Z",
"last_observed": "2017-04-28T07:28:40Z",
"number_observed": 1,
"object_refs": [
"url--5902ef28-59c4-4895-b28e-4b7702de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef28-59c4-4895-b28e-4b7702de0b81",
"value": "https://www.virustotal.com/file/ae6b45a92384f6e43672e617c53a44225e2944d66c1ffb074694526386074145/analysis/1493327091/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ef29-9f54-46f4-86d6-49d502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:41.000Z",
"modified": "2017-04-28T07:28:41.000Z",
"description": "File Hash Watchlist - Xchecked via VT: a82a59fd073c3c868be93f52d09203e93e87d79a",
"pattern": "[file:hashes.SHA256 = '037469bf87f3a8d8c55ce5437d6a15dd2bfaf69df8698544567e96d00a70ff96']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:28:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef29-75a8-48f5-9561-44e002de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:41.000Z",
"modified": "2017-04-28T07:28:41.000Z",
"first_observed": "2017-04-28T07:28:41Z",
"last_observed": "2017-04-28T07:28:41Z",
"number_observed": 1,
"object_refs": [
"url--5902ef29-75a8-48f5-9561-44e002de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef29-75a8-48f5-9561-44e002de0b81",
"value": "https://www.virustotal.com/file/037469bf87f3a8d8c55ce5437d6a15dd2bfaf69df8698544567e96d00a70ff96/analysis/1492636331/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ef29-00c4-4f0d-ab33-4bcd02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:41.000Z",
"modified": "2017-04-28T07:28:41.000Z",
"description": "File Hash Watchlist - Xchecked via VT: 3cfb1bf0063ea9d893f9e95c11e223cc06299337",
"pattern": "[file:hashes.SHA256 = 'a95fc1833a0d359da8f8dfe0104ea197cc2d4fd20db6c85e4e6d0fa22f126d0c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:28:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef2a-e1ec-4eb5-a551-466602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:42.000Z",
"modified": "2017-04-28T07:28:42.000Z",
"first_observed": "2017-04-28T07:28:42Z",
"last_observed": "2017-04-28T07:28:42Z",
"number_observed": 1,
"object_refs": [
"url--5902ef2a-e1ec-4eb5-a551-466602de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef2a-e1ec-4eb5-a551-466602de0b81",
"value": "https://www.virustotal.com/file/a95fc1833a0d359da8f8dfe0104ea197cc2d4fd20db6c85e4e6d0fa22f126d0c/analysis/1493358860/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ef2a-1c00-402b-ac99-4c1302de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:42.000Z",
"modified": "2017-04-28T07:28:42.000Z",
"description": "File Hash Watchlist - Xchecked via VT: 2a07420c768fa49c05327741e0709c3ac5a71a06",
"pattern": "[file:hashes.SHA256 = 'f4ea0a25d0861be969ca49f09e5581e29a8d314d8d4ebd4991540f1d03140055']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:28:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef2b-8630-4a46-8665-456a02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:43.000Z",
"modified": "2017-04-28T07:28:43.000Z",
"first_observed": "2017-04-28T07:28:43Z",
"last_observed": "2017-04-28T07:28:43Z",
"number_observed": 1,
"object_refs": [
"url--5902ef2b-8630-4a46-8665-456a02de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef2b-8630-4a46-8665-456a02de0b81",
"value": "https://www.virustotal.com/file/f4ea0a25d0861be969ca49f09e5581e29a8d314d8d4ebd4991540f1d03140055/analysis/1492636332/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5902ef2b-28b4-47d7-802d-4f2202de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:43.000Z",
"modified": "2017-04-28T07:28:43.000Z",
"description": "File Hash Watchlist - Xchecked via VT: da3cb3ade7f129838ff3c816b223859d91d377b6",
"pattern": "[file:hashes.SHA256 = '210d10cd90413d5d41d801e3f6b145f61542585bd996f5435a5664145105c994']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-04-28T07:28:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5902ef2c-0eec-424d-9879-418502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-04-28T07:28:44.000Z",
"modified": "2017-04-28T07:28:44.000Z",
"first_observed": "2017-04-28T07:28:44Z",
"last_observed": "2017-04-28T07:28:44Z",
"number_observed": 1,
"object_refs": [
"url--5902ef2c-0eec-424d-9879-418502de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5902ef2c-0eec-424d-9879-418502de0b81",
"value": "https://www.virustotal.com/file/210d10cd90413d5d41d801e3f6b145f61542585bd996f5435a5664145105c994/analysis/1492636332/"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink