adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/592bd021-fd44-4594-938f-915b950d210f.json

1525 lines
No EOL
61 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--592bd021-fd44-4594-938f-915b950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:53.000Z",
"modified": "2017-05-29T07:39:53.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "grouping",
"spec_version": "2.1",
"id": "grouping--592bd021-fd44-4594-938f-915b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:53.000Z",
"modified": "2017-05-29T07:39:53.000Z",
"name": "M2M - test",
"context": "suspicious-activity",
"object_refs": [
"indicator--592bd022-6ff0-4183-9fc9-7e4b950d210f",
"indicator--592bd023-4e8c-4554-b9d8-9168950d210f",
"indicator--592bd023-b790-435e-a8d4-7e48950d210f",
"indicator--592bd024-a310-412f-a544-9166950d210f",
"indicator--592bd025-8414-4c0c-b00b-9152950d210f",
"indicator--592bd026-4718-4196-9389-9001950d210f",
"observed-data--592bd027-0660-4735-a618-915f950d210f",
"network-traffic--592bd027-0660-4735-a618-915f950d210f",
"ipv4-addr--592bd027-0660-4735-a618-915f950d210f",
"indicator--592bd028-dd30-4910-8444-915b950d210f",
"indicator--592bd028-37e4-480e-86ec-9062950d210f",
"observed-data--592bd029-c7c8-455c-9bd1-9153950d210f",
"network-traffic--592bd029-c7c8-455c-9bd1-9153950d210f",
"ipv4-addr--592bd029-c7c8-455c-9bd1-9153950d210f",
"indicator--592bd02a-e2a4-472f-962e-7e4b950d210f",
"indicator--592bd02a-4b28-4355-93d6-9168950d210f",
"observed-data--592bd02b-cf20-4835-83f2-7e48950d210f",
"network-traffic--592bd02b-cf20-4835-83f2-7e48950d210f",
"ipv4-addr--592bd02b-cf20-4835-83f2-7e48950d210f",
"indicator--592bd02b-ba54-4da3-b671-9166950d210f",
"indicator--592bd02c-cee0-4443-a01a-7e43950d210f",
"observed-data--592bd02d-7288-4bd6-bdd8-9162950d210f",
"network-traffic--592bd02d-7288-4bd6-bdd8-9162950d210f",
"ipv4-addr--592bd02d-7288-4bd6-bdd8-9162950d210f",
"indicator--592bd02d-ebec-41e4-aa48-9165950d210f",
"indicator--592bd02e-4614-4c74-98f1-9152950d210f",
"observed-data--592bd02f-25f4-45af-9397-7e44950d210f",
"network-traffic--592bd02f-25f4-45af-9397-7e44950d210f",
"ipv4-addr--592bd02f-25f4-45af-9397-7e44950d210f",
"indicator--592bd02f-9714-4930-8d2e-915f950d210f",
"indicator--592bd030-e18c-4f98-b560-9153950d210f",
"observed-data--592bd031-891c-41a9-b3f2-9168950d210f",
"network-traffic--592bd031-891c-41a9-b3f2-9168950d210f",
"ipv4-addr--592bd031-891c-41a9-b3f2-9168950d210f",
"indicator--592bd031-a7e8-4e40-a772-7e43950d210f",
"indicator--592bd032-572c-42b0-9113-9165950d210f",
"observed-data--592bd033-897c-4ae0-9ba7-9152950d210f",
"network-traffic--592bd033-897c-4ae0-9ba7-9152950d210f",
"ipv4-addr--592bd033-897c-4ae0-9ba7-9152950d210f",
"indicator--592bd033-e168-4f14-936d-915b950d210f",
"indicator--592bd034-e258-4043-8cc1-915f950d210f",
"observed-data--592bd034-f1ec-4b58-8bcb-9001950d210f",
"network-traffic--592bd034-f1ec-4b58-8bcb-9001950d210f",
"ipv4-addr--592bd034-f1ec-4b58-8bcb-9001950d210f",
"indicator--592bd035-8b44-41de-8571-7e4b950d210f",
"indicator--592bd036-ae58-4a14-be4c-9153950d210f",
"observed-data--592bd036-4758-4970-a155-7e48950d210f",
"network-traffic--592bd036-4758-4970-a155-7e48950d210f",
"ipv4-addr--592bd036-4758-4970-a155-7e48950d210f",
"indicator--592bd037-f4b4-4c59-92e5-9168950d210f",
"indicator--592bd037-9040-45bd-8034-9166950d210f",
"observed-data--592bd038-36f8-4823-be5c-9162950d210f",
"network-traffic--592bd038-36f8-4823-be5c-9162950d210f",
"ipv4-addr--592bd038-36f8-4823-be5c-9162950d210f",
"indicator--592bd039-3cf4-4666-aa04-7e43950d210f",
"indicator--592bd03a-a600-4053-8555-915f950d210f",
"observed-data--592bd03a-59e8-4a69-abf4-9001950d210f",
"network-traffic--592bd03a-59e8-4a69-abf4-9001950d210f",
"ipv4-addr--592bd03a-59e8-4a69-abf4-9001950d210f",
"indicator--592bd03b-8690-4601-b39a-7e4b950d210f",
"indicator--592bd03c-e888-4f5a-a4b9-9153950d210f",
"observed-data--592bd03c-0308-42f5-9522-7e48950d210f",
"network-traffic--592bd03c-0308-42f5-9522-7e48950d210f",
"ipv4-addr--592bd03c-0308-42f5-9522-7e48950d210f",
"indicator--592bd03d-12e4-4618-852a-9168950d210f",
"indicator--592bd03e-ed90-42ee-ab41-9162950d210f",
"observed-data--592bd03e-3948-4acc-bc18-9062950d210f",
"network-traffic--592bd03e-3948-4acc-bc18-9062950d210f",
"ipv4-addr--592bd03e-3948-4acc-bc18-9062950d210f",
"indicator--592bd03f-87cc-4fec-8672-7e43950d210f",
"indicator--592bd03f-7714-4c19-b064-9155950d210f",
"indicator--592bd040-8950-4cbf-bd51-915f950d210f",
"indicator--592bd041-adf0-452d-894c-9001950d210f",
"observed-data--592bd041-fa88-4902-bc22-7e4b950d210f",
"network-traffic--592bd041-fa88-4902-bc22-7e4b950d210f",
"ipv4-addr--592bd041-fa88-4902-bc22-7e4b950d210f",
"observed-data--592bd042-3970-437d-aeb5-7e48950d210f",
"network-traffic--592bd042-3970-437d-aeb5-7e48950d210f",
"ipv4-addr--592bd042-3970-437d-aeb5-7e48950d210f",
"indicator--592bd042-ada8-40fd-9b86-9168950d210f",
"observed-data--592bd044-5534-4ade-8b27-9151950d210f",
"network-traffic--592bd044-5534-4ade-8b27-9151950d210f",
"ipv4-addr--592bd044-5534-4ade-8b27-9151950d210f",
"indicator--592bd047-6020-4d3d-a031-9165950d210f",
"indicator--592bd049-e008-43fb-b0ca-9151950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd022-6ff0-4183-9fc9-7e4b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:14.000Z",
"modified": "2017-05-29T07:39:14.000Z",
"pattern": "[file:hashes.SHA1 = 'f79fbe26abff1e3a2b3f3a21480196afc09d13b1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd023-4e8c-4554-b9d8-9168950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:15.000Z",
"modified": "2017-05-29T07:39:15.000Z",
"pattern": "[file:hashes.SHA1 = '39f5fb49ec3c0e011a5c6ad4b7ac60bcf49af05a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd023-b790-435e-a8d4-7e48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:15.000Z",
"modified": "2017-05-29T07:39:15.000Z",
"pattern": "[file:hashes.SHA1 = '02a76d86db0cbe79fcaf1a500630e24d961fa149']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd024-a310-412f-a544-9166950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:16.000Z",
"modified": "2017-05-29T07:39:16.000Z",
"pattern": "[file:hashes.SHA1 = '82bb44dd3b7f42b90494294b32f8413a39cb2030']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd025-8414-4c0c-b00b-9152950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:17.000Z",
"modified": "2017-05-29T07:39:17.000Z",
"pattern": "[url:value = 'http://download.asustor.com/download/docs/releasenotes/RN_ADM_2.7.3.RHQ3.pdf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd026-4718-4196-9389-9001950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:18.000Z",
"modified": "2017-05-29T07:39:18.000Z",
"pattern": "[domain-name:value = 'download.asustor.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd027-0660-4735-a618-915f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:19.000Z",
"modified": "2017-05-29T07:39:19.000Z",
"first_observed": "2017-05-29T07:39:19Z",
"last_observed": "2017-05-29T07:39:19Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd027-0660-4735-a618-915f950d210f",
"ipv4-addr--592bd027-0660-4735-a618-915f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd027-0660-4735-a618-915f950d210f",
"dst_ref": "ipv4-addr--592bd027-0660-4735-a618-915f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd027-0660-4735-a618-915f950d210f",
"value": "54.231.40.155"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd028-dd30-4910-8444-915b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:20.000Z",
"modified": "2017-05-29T07:39:20.000Z",
"pattern": "[url:value = 'https://security-tracker.debian.org/tracker/CVE-2017-7494']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd028-37e4-480e-86ec-9062950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:20.000Z",
"modified": "2017-05-29T07:39:20.000Z",
"pattern": "[domain-name:value = 'security-tracker.debian.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd029-c7c8-455c-9bd1-9153950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:21.000Z",
"modified": "2017-05-29T07:39:21.000Z",
"first_observed": "2017-05-29T07:39:21Z",
"last_observed": "2017-05-29T07:39:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd029-c7c8-455c-9bd1-9153950d210f",
"ipv4-addr--592bd029-c7c8-455c-9bd1-9153950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd029-c7c8-455c-9bd1-9153950d210f",
"dst_ref": "ipv4-addr--592bd029-c7c8-455c-9bd1-9153950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd029-c7c8-455c-9bd1-9153950d210f",
"value": "128.31.0.67"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd02a-e2a4-472f-962e-7e4b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:22.000Z",
"modified": "2017-05-29T07:39:22.000Z",
"pattern": "[url:value = 'https://bugs.freenas.org/issues/24162']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd02a-4b28-4355-93d6-9168950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:22.000Z",
"modified": "2017-05-29T07:39:22.000Z",
"pattern": "[domain-name:value = 'bugs.freenas.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd02b-cf20-4835-83f2-7e48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:23.000Z",
"modified": "2017-05-29T07:39:23.000Z",
"first_observed": "2017-05-29T07:39:23Z",
"last_observed": "2017-05-29T07:39:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd02b-cf20-4835-83f2-7e48950d210f",
"ipv4-addr--592bd02b-cf20-4835-83f2-7e48950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd02b-cf20-4835-83f2-7e48950d210f",
"dst_ref": "ipv4-addr--592bd02b-cf20-4835-83f2-7e48950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd02b-cf20-4835-83f2-7e48950d210f",
"value": "64.62.136.47"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd02b-ba54-4da3-b671-9166950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:23.000Z",
"modified": "2017-05-29T07:39:23.000Z",
"pattern": "[url:value = 'https://kb.netgear.com/000038779/Security-Advisory-for-CVE-2017-7494-Samba-Remote-Code-Execution']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd02c-cee0-4443-a01a-7e43950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:24.000Z",
"modified": "2017-05-29T07:39:24.000Z",
"pattern": "[domain-name:value = 'kb.netgear.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd02d-7288-4bd6-bdd8-9162950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:25.000Z",
"modified": "2017-05-29T07:39:25.000Z",
"first_observed": "2017-05-29T07:39:25Z",
"last_observed": "2017-05-29T07:39:25Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd02d-7288-4bd6-bdd8-9162950d210f",
"ipv4-addr--592bd02d-7288-4bd6-bdd8-9162950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd02d-7288-4bd6-bdd8-9162950d210f",
"dst_ref": "ipv4-addr--592bd02d-7288-4bd6-bdd8-9162950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd02d-7288-4bd6-bdd8-9162950d210f",
"value": "136.146.13.27"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd02d-ebec-41e4-aa48-9165950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:25.000Z",
"modified": "2017-05-29T07:39:25.000Z",
"pattern": "[url:value = 'https://access.redhat.com/security/cve/CVE-2017-7494']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd02e-4614-4c74-98f1-9152950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:26.000Z",
"modified": "2017-05-29T07:39:26.000Z",
"pattern": "[domain-name:value = 'access.redhat.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd02f-25f4-45af-9397-7e44950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:27.000Z",
"modified": "2017-05-29T07:39:27.000Z",
"first_observed": "2017-05-29T07:39:27Z",
"last_observed": "2017-05-29T07:39:27Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd02f-25f4-45af-9397-7e44950d210f",
"ipv4-addr--592bd02f-25f4-45af-9397-7e44950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd02f-25f4-45af-9397-7e44950d210f",
"dst_ref": "ipv4-addr--592bd02f-25f4-45af-9397-7e44950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd02f-25f4-45af-9397-7e44950d210f",
"value": "184.25.247.203"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd02f-9714-4930-8d2e-915f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:27.000Z",
"modified": "2017-05-29T07:39:27.000Z",
"pattern": "[url:value = 'https://www.suse.com/security/cve/CVE-2017-7494/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd030-e18c-4f98-b560-9153950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:28.000Z",
"modified": "2017-05-29T07:39:28.000Z",
"pattern": "[domain-name:value = 'www.suse.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd031-891c-41a9-b3f2-9168950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:29.000Z",
"modified": "2017-05-29T07:39:29.000Z",
"first_observed": "2017-05-29T07:39:29Z",
"last_observed": "2017-05-29T07:39:29Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd031-891c-41a9-b3f2-9168950d210f",
"ipv4-addr--592bd031-891c-41a9-b3f2-9168950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd031-891c-41a9-b3f2-9168950d210f",
"dst_ref": "ipv4-addr--592bd031-891c-41a9-b3f2-9168950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd031-891c-41a9-b3f2-9168950d210f",
"value": "130.57.66.10"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd031-a7e8-4e40-a772-7e43950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:29.000Z",
"modified": "2017-05-29T07:39:29.000Z",
"pattern": "[url:value = 'https://www.synology.com/en-global/support/security/Important_Information_Regarding_Samba_Vulnerability_CVE_2017_7494']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd032-572c-42b0-9113-9165950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:30.000Z",
"modified": "2017-05-29T07:39:30.000Z",
"pattern": "[domain-name:value = 'www.synology.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd033-897c-4ae0-9ba7-9152950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:31.000Z",
"modified": "2017-05-29T07:39:31.000Z",
"first_observed": "2017-05-29T07:39:31Z",
"last_observed": "2017-05-29T07:39:31Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd033-897c-4ae0-9ba7-9152950d210f",
"ipv4-addr--592bd033-897c-4ae0-9ba7-9152950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd033-897c-4ae0-9ba7-9152950d210f",
"dst_ref": "ipv4-addr--592bd033-897c-4ae0-9ba7-9152950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd033-897c-4ae0-9ba7-9152950d210f",
"value": "52.222.231.55"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd033-e168-4f14-936d-915b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:31.000Z",
"modified": "2017-05-29T07:39:31.000Z",
"pattern": "[url:value = 'https://forum.qnap.com/viewtopic.php?f=5&t=132991']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd034-e258-4043-8cc1-915f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:32.000Z",
"modified": "2017-05-29T07:39:32.000Z",
"pattern": "[domain-name:value = 'forum.qnap.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd034-f1ec-4b58-8bcb-9001950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:32.000Z",
"modified": "2017-05-29T07:39:32.000Z",
"first_observed": "2017-05-29T07:39:32Z",
"last_observed": "2017-05-29T07:39:32Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd034-f1ec-4b58-8bcb-9001950d210f",
"ipv4-addr--592bd034-f1ec-4b58-8bcb-9001950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd034-f1ec-4b58-8bcb-9001950d210f",
"dst_ref": "ipv4-addr--592bd034-f1ec-4b58-8bcb-9001950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd034-f1ec-4b58-8bcb-9001950d210f",
"value": "211.21.125.36"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd035-8b44-41de-8571-7e4b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:33.000Z",
"modified": "2017-05-29T07:39:33.000Z",
"pattern": "[url:value = 'https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-7494.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd036-ae58-4a14-be4c-9153950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:34.000Z",
"modified": "2017-05-29T07:39:34.000Z",
"pattern": "[domain-name:value = 'people.canonical.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd036-4758-4970-a155-7e48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:34.000Z",
"modified": "2017-05-29T07:39:34.000Z",
"first_observed": "2017-05-29T07:39:34Z",
"last_observed": "2017-05-29T07:39:34Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd036-4758-4970-a155-7e48950d210f",
"ipv4-addr--592bd036-4758-4970-a155-7e48950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd036-4758-4970-a155-7e48950d210f",
"dst_ref": "ipv4-addr--592bd036-4758-4970-a155-7e48950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd036-4758-4970-a155-7e48950d210f",
"value": "91.189.89.62"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd037-f4b4-4c59-92e5-9168950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:35.000Z",
"modified": "2017-05-29T07:39:35.000Z",
"pattern": "[url:value = 'https://www.ubuntu.com/usn/usn-3296-2/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd037-9040-45bd-8034-9166950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:35.000Z",
"modified": "2017-05-29T07:39:35.000Z",
"pattern": "[domain-name:value = 'www.ubuntu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd038-36f8-4823-be5c-9162950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:36.000Z",
"modified": "2017-05-29T07:39:36.000Z",
"first_observed": "2017-05-29T07:39:36Z",
"last_observed": "2017-05-29T07:39:36Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd038-36f8-4823-be5c-9162950d210f",
"ipv4-addr--592bd038-36f8-4823-be5c-9162950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd038-36f8-4823-be5c-9162950d210f",
"dst_ref": "ipv4-addr--592bd038-36f8-4823-be5c-9162950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd038-36f8-4823-be5c-9162950d210f",
"value": "91.189.89.110"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd039-3cf4-4666-aa04-7e43950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:37.000Z",
"modified": "2017-05-29T07:39:37.000Z",
"pattern": "[url:value = 'https://git.samba.org/?p=samba.git;a=blobdiff;f=source3/rpc_server/srv_pipe.c;h=f79fbe26abff1e3a2b3f3a21480196afc09d13b1;hp=39f5fb49ec3c0e011a5c6ad4b7ac60bcf49af05a;hb=02a76d86db0cbe79fcaf1a500630e24d961fa149;hpb=82bb44dd3b7f42b90494294b32f8413a39cb2030']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd03a-a600-4053-8555-915f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:38.000Z",
"modified": "2017-05-29T07:39:38.000Z",
"pattern": "[domain-name:value = 'git.samba.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd03a-59e8-4a69-abf4-9001950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:38.000Z",
"modified": "2017-05-29T07:39:38.000Z",
"first_observed": "2017-05-29T07:39:38Z",
"last_observed": "2017-05-29T07:39:38Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd03a-59e8-4a69-abf4-9001950d210f",
"ipv4-addr--592bd03a-59e8-4a69-abf4-9001950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd03a-59e8-4a69-abf4-9001950d210f",
"dst_ref": "ipv4-addr--592bd03a-59e8-4a69-abf4-9001950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd03a-59e8-4a69-abf4-9001950d210f",
"value": "193.175.80.230"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd03b-8690-4601-b39a-7e4b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:39.000Z",
"modified": "2017-05-29T07:39:39.000Z",
"pattern": "[url:value = 'http://nmap.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd03c-e888-4f5a-a4b9-9153950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:40.000Z",
"modified": "2017-05-29T07:39:40.000Z",
"pattern": "[domain-name:value = 'nmap.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd03c-0308-42f5-9522-7e48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:40.000Z",
"modified": "2017-05-29T07:39:40.000Z",
"first_observed": "2017-05-29T07:39:40Z",
"last_observed": "2017-05-29T07:39:40Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd03c-0308-42f5-9522-7e48950d210f",
"ipv4-addr--592bd03c-0308-42f5-9522-7e48950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd03c-0308-42f5-9522-7e48950d210f",
"dst_ref": "ipv4-addr--592bd03c-0308-42f5-9522-7e48950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd03c-0308-42f5-9522-7e48950d210f",
"value": "45.33.49.119"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd03d-12e4-4618-852a-9168950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:41.000Z",
"modified": "2017-05-29T07:39:41.000Z",
"pattern": "[url:value = 'samba.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd03e-ed90-42ee-ab41-9162950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:42.000Z",
"modified": "2017-05-29T07:39:42.000Z",
"pattern": "[domain-name:value = 'samba.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd03e-3948-4acc-bc18-9062950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:42.000Z",
"modified": "2017-05-29T07:39:42.000Z",
"first_observed": "2017-05-29T07:39:42Z",
"last_observed": "2017-05-29T07:39:42Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd03e-3948-4acc-bc18-9062950d210f",
"ipv4-addr--592bd03e-3948-4acc-bc18-9062950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd03e-3948-4acc-bc18-9062950d210f",
"dst_ref": "ipv4-addr--592bd03e-3948-4acc-bc18-9062950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd03e-3948-4acc-bc18-9062950d210f",
"value": "144.76.82.156"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd03f-87cc-4fec-8672-7e43950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:43.000Z",
"modified": "2017-05-29T07:39:43.000Z",
"pattern": "[url:value = 'https://www.samba.org/samba/security/CVE-2017-7494.html']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd03f-7714-4c19-b064-9155950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:43.000Z",
"modified": "2017-05-29T07:39:43.000Z",
"pattern": "[domain-name:value = 'www.samba.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd040-8950-4cbf-bd51-915f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:44.000Z",
"modified": "2017-05-29T07:39:44.000Z",
"pattern": "[url:value = 'https://github.com/rapid7/metasploit-framework/pull/8450']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd041-adf0-452d-894c-9001950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:45.000Z",
"modified": "2017-05-29T07:39:45.000Z",
"pattern": "[domain-name:value = 'github.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd041-fa88-4902-bc22-7e4b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:45.000Z",
"modified": "2017-05-29T07:39:45.000Z",
"first_observed": "2017-05-29T07:39:45Z",
"last_observed": "2017-05-29T07:39:45Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd041-fa88-4902-bc22-7e4b950d210f",
"ipv4-addr--592bd041-fa88-4902-bc22-7e4b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd041-fa88-4902-bc22-7e4b950d210f",
"dst_ref": "ipv4-addr--592bd041-fa88-4902-bc22-7e4b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd041-fa88-4902-bc22-7e4b950d210f",
"value": "192.30.253.112"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd042-3970-437d-aeb5-7e48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:46.000Z",
"modified": "2017-05-29T07:39:46.000Z",
"first_observed": "2017-05-29T07:39:46Z",
"last_observed": "2017-05-29T07:39:46Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd042-3970-437d-aeb5-7e48950d210f",
"ipv4-addr--592bd042-3970-437d-aeb5-7e48950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd042-3970-437d-aeb5-7e48950d210f",
"dst_ref": "ipv4-addr--592bd042-3970-437d-aeb5-7e48950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd042-3970-437d-aeb5-7e48950d210f",
"value": "192.30.253.113"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd042-ada8-40fd-9b86-9168950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:46.000Z",
"modified": "2017-05-29T07:39:46.000Z",
"pattern": "[url:value = 'https://github.com/opsxcq/exploit-CVE-2017-7494']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--592bd044-5534-4ade-8b27-9151950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:48.000Z",
"modified": "2017-05-29T07:39:48.000Z",
"first_observed": "2017-05-29T07:39:48Z",
"last_observed": "2017-05-29T07:39:48Z",
"number_observed": 1,
"object_refs": [
"network-traffic--592bd044-5534-4ade-8b27-9151950d210f",
"ipv4-addr--592bd044-5534-4ade-8b27-9151950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--592bd044-5534-4ade-8b27-9151950d210f",
"dst_ref": "ipv4-addr--592bd044-5534-4ade-8b27-9151950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--592bd044-5534-4ade-8b27-9151950d210f",
"value": "54.231.98.96"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd047-6020-4d3d-a031-9165950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:51.000Z",
"modified": "2017-05-29T07:39:51.000Z",
"pattern": "[url:value = 'https://forum.qnap.com/viewtopic.php?f=5&t=132991']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--592bd049-e008-43fb-b0ca-9151950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-05-29T07:39:53.000Z",
"modified": "2017-05-29T07:39:53.000Z",
"pattern": "[url:value = 'http://samba.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-05-29T07:39:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink