misp-circl-feed/feeds/circl/stix-2.1/593a7cae-4748-4556-b20e-4644950d210f.json

3581 lines
No EOL
142 KiB
JSON

{
"type": "bundle",
"id": "bundle--593a7cae-4748-4556-b20e-4644950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:56:13.000Z",
"modified": "2017-06-09T10:56:13.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--593a7cae-4748-4556-b20e-4644950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:56:13.000Z",
"modified": "2017-06-09T10:56:13.000Z",
"name": "M2M - Trickbot 2017-06-09 : mac1 : \"Facture AA-123-RR\" / \"Copy Credit Note\" - \"1234567.zip\"",
"published": "2017-06-09T10:56:30Z",
"object_refs": [
"indicator--593a7cae-daf8-4fe8-8ebf-472a950d210f",
"indicator--593a7caf-fc64-4ddd-91ed-4e6a950d210f",
"indicator--593a7caf-8c10-43ed-b96c-4d3a950d210f",
"indicator--593a7cb0-a738-4dc1-9dcb-4c0e950d210f",
"observed-data--593a7cb0-8a80-4467-8516-452b950d210f",
"network-traffic--593a7cb0-8a80-4467-8516-452b950d210f",
"ipv4-addr--593a7cb0-8a80-4467-8516-452b950d210f",
"observed-data--593a7cb1-ae40-47bb-8702-4bfe950d210f",
"network-traffic--593a7cb1-ae40-47bb-8702-4bfe950d210f",
"ipv4-addr--593a7cb1-ae40-47bb-8702-4bfe950d210f",
"indicator--593a7cb2-c764-4599-8e32-3089950d210f",
"indicator--593a7cb2-6f30-47d3-8c0e-4cba950d210f",
"observed-data--593a7cb3-7794-4007-817e-4c33950d210f",
"network-traffic--593a7cb3-7794-4007-817e-4c33950d210f",
"ipv4-addr--593a7cb3-7794-4007-817e-4c33950d210f",
"indicator--593a7cb4-ee90-4e12-9d5d-438e950d210f",
"indicator--593a7cb5-9644-4bd0-88b7-467c950d210f",
"observed-data--593a7cb5-ef2c-44cb-9244-4bfe950d210f",
"network-traffic--593a7cb5-ef2c-44cb-9244-4bfe950d210f",
"ipv4-addr--593a7cb5-ef2c-44cb-9244-4bfe950d210f",
"indicator--593a7cb6-34c4-4b81-9e88-444d950d210f",
"indicator--593a7cb7-2ce0-45f1-9f3b-4e60950d210f",
"observed-data--593a7cb7-a45c-4e1c-b47b-4a02950d210f",
"network-traffic--593a7cb7-a45c-4e1c-b47b-4a02950d210f",
"ipv4-addr--593a7cb7-a45c-4e1c-b47b-4a02950d210f",
"indicator--593a7cb8-8258-467b-84bd-4f1d950d210f",
"indicator--593a7cb8-48e8-4b31-b285-4ac9950d210f",
"observed-data--593a7cb9-50ac-47e4-83b7-4d44950d210f",
"network-traffic--593a7cb9-50ac-47e4-83b7-4d44950d210f",
"ipv4-addr--593a7cb9-50ac-47e4-83b7-4d44950d210f",
"indicator--593a7cb9-aa2c-4b3d-b43f-47a3950d210f",
"indicator--593a7cba-218c-442e-9e22-7db6950d210f",
"observed-data--593a7cbb-9cb0-4992-a31f-482f950d210f",
"network-traffic--593a7cbb-9cb0-4992-a31f-482f950d210f",
"ipv4-addr--593a7cbb-9cb0-4992-a31f-482f950d210f",
"indicator--593a7cbc-2b60-40d6-b62c-485d950d210f",
"indicator--593a7cbc-1800-4223-acc2-46fe950d210f",
"observed-data--593a7cbd-6c5c-45e8-9b33-4b68950d210f",
"network-traffic--593a7cbd-6c5c-45e8-9b33-4b68950d210f",
"ipv4-addr--593a7cbd-6c5c-45e8-9b33-4b68950d210f",
"indicator--593a7cbd-537c-443a-90de-41a6950d210f",
"indicator--593a7cbe-9020-43b5-9146-440c950d210f",
"observed-data--593a7cbf-1530-458f-815d-404b950d210f",
"network-traffic--593a7cbf-1530-458f-815d-404b950d210f",
"ipv4-addr--593a7cbf-1530-458f-815d-404b950d210f",
"indicator--593a7cc0-6138-4a42-9763-4ca5950d210f",
"indicator--593a7cc0-6cf8-4202-881b-4abd950d210f",
"observed-data--593a7cc1-cf04-4dbc-aa53-4b68950d210f",
"network-traffic--593a7cc1-cf04-4dbc-aa53-4b68950d210f",
"ipv4-addr--593a7cc1-cf04-4dbc-aa53-4b68950d210f",
"indicator--593a7cc1-a43c-4166-b59e-7db6950d210f",
"indicator--593a7cc2-f4fc-411f-9d23-4bb3950d210f",
"observed-data--593a7cc4-51ec-4176-b3f7-4b85950d210f",
"network-traffic--593a7cc4-51ec-4176-b3f7-4b85950d210f",
"ipv4-addr--593a7cc4-51ec-4176-b3f7-4b85950d210f",
"indicator--593a7cc5-3d88-4a4f-8b9c-4558950d210f",
"indicator--593a7cc5-99a0-4606-a12d-4173950d210f",
"observed-data--593a7cc6-66c8-41e5-b2d4-4d62950d210f",
"network-traffic--593a7cc6-66c8-41e5-b2d4-4d62950d210f",
"ipv4-addr--593a7cc6-66c8-41e5-b2d4-4d62950d210f",
"indicator--593a7cc6-dde4-4e1c-a31e-4b1a950d210f",
"indicator--593a7cc7-04f0-478d-a331-4c43950d210f",
"observed-data--593a7cc9-5150-41ea-b1a9-4d14950d210f",
"network-traffic--593a7cc9-5150-41ea-b1a9-4d14950d210f",
"ipv4-addr--593a7cc9-5150-41ea-b1a9-4d14950d210f",
"indicator--593a7cc9-6c68-45a8-b2da-4fa5950d210f",
"indicator--593a7cca-054c-4c08-885b-44ce950d210f",
"observed-data--593a7cca-9070-4f6a-becb-450d950d210f",
"network-traffic--593a7cca-9070-4f6a-becb-450d950d210f",
"ipv4-addr--593a7cca-9070-4f6a-becb-450d950d210f",
"indicator--593a7ccb-5c00-43f7-a05b-4770950d210f",
"indicator--593a7ccb-b0d4-4cbe-94d1-4c1b950d210f",
"observed-data--593a7ccc-7f48-48a5-8de8-4d1f950d210f",
"network-traffic--593a7ccc-7f48-48a5-8de8-4d1f950d210f",
"ipv4-addr--593a7ccc-7f48-48a5-8de8-4d1f950d210f",
"indicator--593a7ccd-acb4-4a44-8aaf-4bfe950d210f",
"indicator--593a7ccd-1350-4acc-a98d-4ee2950d210f",
"observed-data--593a7cce-500c-4622-9130-4b68950d210f",
"network-traffic--593a7cce-500c-4622-9130-4b68950d210f",
"ipv4-addr--593a7cce-500c-4622-9130-4b68950d210f",
"indicator--593a7cce-2ecc-49db-aca3-44f4950d210f",
"indicator--593a7ccf-dd84-4e61-a340-3089950d210f",
"observed-data--593a7ccf-e104-404a-926b-4c6a950d210f",
"network-traffic--593a7ccf-e104-404a-926b-4c6a950d210f",
"ipv4-addr--593a7ccf-e104-404a-926b-4c6a950d210f",
"indicator--593a7cd0-0500-4414-b12d-4616950d210f",
"indicator--593a7cd1-3dfc-4541-9835-487e950d210f",
"observed-data--593a7cd2-9bd0-4f5d-bb19-4b68950d210f",
"network-traffic--593a7cd2-9bd0-4f5d-bb19-4b68950d210f",
"ipv4-addr--593a7cd2-9bd0-4f5d-bb19-4b68950d210f",
"indicator--593a7cd2-0450-411e-bce2-4639950d210f",
"indicator--593a7cd3-4f98-4393-85f4-3089950d210f",
"observed-data--593a7cd4-5040-479e-8ec9-4760950d210f",
"network-traffic--593a7cd4-5040-479e-8ec9-4760950d210f",
"ipv4-addr--593a7cd4-5040-479e-8ec9-4760950d210f",
"indicator--593a7cd4-b764-45b6-9ad4-44a0950d210f",
"indicator--593a7cd5-c464-4c78-8111-4b71950d210f",
"observed-data--593a7cd5-8974-4ce0-81f0-4430950d210f",
"network-traffic--593a7cd5-8974-4ce0-81f0-4430950d210f",
"ipv4-addr--593a7cd5-8974-4ce0-81f0-4430950d210f",
"indicator--593a7cd6-fed4-4a1a-9c6e-4ad9950d210f",
"indicator--593a7cd7-db18-4e39-9876-4e5e950d210f",
"observed-data--593a7cd7-cddc-4acf-90aa-3089950d210f",
"network-traffic--593a7cd7-cddc-4acf-90aa-3089950d210f",
"ipv4-addr--593a7cd7-cddc-4acf-90aa-3089950d210f",
"indicator--593a7cd8-c59c-4bf2-83eb-4071950d210f",
"indicator--593a7cd8-6f1c-4c09-8831-4f8d950d210f",
"observed-data--593a7cd9-c5e4-424e-859b-42cc950d210f",
"network-traffic--593a7cd9-c5e4-424e-859b-42cc950d210f",
"ipv4-addr--593a7cd9-c5e4-424e-859b-42cc950d210f",
"indicator--593a7cd9-6cc4-47cc-be48-4d23950d210f",
"indicator--593a7cda-a5e0-47e2-8538-4b68950d210f",
"observed-data--593a7cdb-5b7c-4081-a812-3089950d210f",
"network-traffic--593a7cdb-5b7c-4081-a812-3089950d210f",
"ipv4-addr--593a7cdb-5b7c-4081-a812-3089950d210f",
"indicator--593a7cdc-9440-452d-85a0-47df950d210f",
"indicator--593a7cdd-e888-4840-9fee-4bfe950d210f",
"observed-data--593a7cdd-9e80-4398-959a-4e3e950d210f",
"network-traffic--593a7cdd-9e80-4398-959a-4e3e950d210f",
"ipv4-addr--593a7cdd-9e80-4398-959a-4e3e950d210f",
"indicator--593a7cde-9fb0-43de-a878-4c69950d210f",
"indicator--593a7cdf-8fc4-43f7-9d94-4519950d210f",
"observed-data--593a7ce0-2530-41d4-a734-44e3950d210f",
"network-traffic--593a7ce0-2530-41d4-a734-44e3950d210f",
"ipv4-addr--593a7ce0-2530-41d4-a734-44e3950d210f",
"indicator--593a7ce0-db58-41eb-8425-4950950d210f",
"indicator--593a7ce1-ac2c-4329-8d10-4bfe950d210f",
"observed-data--593a7ce7-7ff4-4bcb-868f-7db6950d210f",
"network-traffic--593a7ce7-7ff4-4bcb-868f-7db6950d210f",
"ipv4-addr--593a7ce7-7ff4-4bcb-868f-7db6950d210f",
"indicator--593a7ce8-b46c-401e-9384-4355950d210f",
"indicator--593a7ce8-b48c-4232-ade0-4ee1950d210f",
"observed-data--593a7ce9-af80-43d5-8868-4742950d210f",
"network-traffic--593a7ce9-af80-43d5-8868-4742950d210f",
"ipv4-addr--593a7ce9-af80-43d5-8868-4742950d210f",
"indicator--593a7cea-d9f4-4886-96f2-4b80950d210f",
"indicator--593a7cea-9cc4-40d2-a6ea-474b950d210f",
"observed-data--593a7ced-a090-4f25-a6a0-4ef0950d210f",
"network-traffic--593a7ced-a090-4f25-a6a0-4ef0950d210f",
"ipv4-addr--593a7ced-a090-4f25-a6a0-4ef0950d210f",
"indicator--593a7cee-8938-40cb-af7c-3089950d210f",
"indicator--593a7cef-a4f8-49fb-a532-4f1f950d210f",
"observed-data--593a7cef-fffc-4879-8cd8-4ce2950d210f",
"network-traffic--593a7cef-fffc-4879-8cd8-4ce2950d210f",
"ipv4-addr--593a7cef-fffc-4879-8cd8-4ce2950d210f",
"observed-data--593a7cf0-8ec4-4042-b48b-463b950d210f",
"url--593a7cf0-8ec4-4042-b48b-463b950d210f",
"observed-data--593a7cf1-7034-4cca-9a18-4cd1950d210f",
"network-traffic--593a7cf1-7034-4cca-9a18-4cd1950d210f",
"ipv4-addr--593a7cf1-7034-4cca-9a18-4cd1950d210f",
"observed-data--593a7cf2-07d8-4aab-aa08-45c9950d210f",
"url--593a7cf2-07d8-4aab-aa08-45c9950d210f",
"observed-data--593a7cf2-91d8-409a-bcc5-427f950d210f",
"network-traffic--593a7cf2-91d8-409a-bcc5-427f950d210f",
"ipv4-addr--593a7cf2-91d8-409a-bcc5-427f950d210f",
"observed-data--593a7cf3-a9a0-4a66-ad5e-4ee0950d210f",
"url--593a7cf3-a9a0-4a66-ad5e-4ee0950d210f",
"observed-data--593a7cf3-8208-4de4-9ae1-44ec950d210f",
"network-traffic--593a7cf3-8208-4de4-9ae1-44ec950d210f",
"ipv4-addr--593a7cf3-8208-4de4-9ae1-44ec950d210f",
"observed-data--593a7cf4-c39c-4c6b-a09c-45c9950d210f",
"url--593a7cf4-c39c-4c6b-a09c-45c9950d210f",
"observed-data--593a7cf5-f5c8-4ba7-ae6e-7db6950d210f",
"network-traffic--593a7cf5-f5c8-4ba7-ae6e-7db6950d210f",
"ipv4-addr--593a7cf5-f5c8-4ba7-ae6e-7db6950d210f",
"observed-data--593a7cf5-b1d8-4507-b673-40c1950d210f",
"url--593a7cf5-b1d8-4507-b673-40c1950d210f",
"observed-data--593a7cf6-c02c-41db-8f82-4840950d210f",
"network-traffic--593a7cf6-c02c-41db-8f82-4840950d210f",
"ipv4-addr--593a7cf6-c02c-41db-8f82-4840950d210f",
"observed-data--593a7cf7-17c8-4414-9342-4eea950d210f",
"url--593a7cf7-17c8-4414-9342-4eea950d210f",
"observed-data--593a7cf7-2af4-43ed-8ac0-4c03950d210f",
"network-traffic--593a7cf7-2af4-43ed-8ac0-4c03950d210f",
"ipv4-addr--593a7cf7-2af4-43ed-8ac0-4c03950d210f",
"observed-data--593a7cf8-42b8-4910-b597-4105950d210f",
"url--593a7cf8-42b8-4910-b597-4105950d210f",
"observed-data--593a7cf8-adf8-49ae-89f2-4b8f950d210f",
"network-traffic--593a7cf8-adf8-49ae-89f2-4b8f950d210f",
"ipv4-addr--593a7cf8-adf8-49ae-89f2-4b8f950d210f",
"observed-data--593a7cf9-3854-4347-b63f-43b1950d210f",
"url--593a7cf9-3854-4347-b63f-43b1950d210f",
"observed-data--593a7cfa-4cd8-456a-a9ff-4045950d210f",
"network-traffic--593a7cfa-4cd8-456a-a9ff-4045950d210f",
"ipv4-addr--593a7cfa-4cd8-456a-a9ff-4045950d210f",
"observed-data--593a7cfb-464c-4594-aea8-4cd8950d210f",
"url--593a7cfb-464c-4594-aea8-4cd8950d210f",
"observed-data--593a7cfb-2800-47e7-8973-4d0b950d210f",
"network-traffic--593a7cfb-2800-47e7-8973-4d0b950d210f",
"ipv4-addr--593a7cfb-2800-47e7-8973-4d0b950d210f",
"observed-data--593a7cfc-ca1c-4fab-9fab-4526950d210f",
"url--593a7cfc-ca1c-4fab-9fab-4526950d210f",
"observed-data--593a7cfd-ba5c-4751-b552-4538950d210f",
"network-traffic--593a7cfd-ba5c-4751-b552-4538950d210f",
"ipv4-addr--593a7cfd-ba5c-4751-b552-4538950d210f",
"observed-data--593a7cfd-5dd8-40e3-9f0e-469b950d210f",
"url--593a7cfd-5dd8-40e3-9f0e-469b950d210f",
"observed-data--593a7cfe-cfcc-4495-bccf-4765950d210f",
"network-traffic--593a7cfe-cfcc-4495-bccf-4765950d210f",
"ipv4-addr--593a7cfe-cfcc-4495-bccf-4765950d210f",
"observed-data--593a7cff-3758-4f65-928f-3089950d210f",
"url--593a7cff-3758-4f65-928f-3089950d210f",
"observed-data--593a7cff-48d4-4d91-a632-4e48950d210f",
"network-traffic--593a7cff-48d4-4d91-a632-4e48950d210f",
"ipv4-addr--593a7cff-48d4-4d91-a632-4e48950d210f",
"observed-data--593a7d00-07c0-42bb-836d-4bfe950d210f",
"url--593a7d00-07c0-42bb-836d-4bfe950d210f",
"observed-data--593a7d00-f76c-44bc-a4b9-4dca950d210f",
"network-traffic--593a7d00-f76c-44bc-a4b9-4dca950d210f",
"ipv4-addr--593a7d00-f76c-44bc-a4b9-4dca950d210f",
"observed-data--593a7d01-c0dc-4f30-b33e-454b950d210f",
"url--593a7d01-c0dc-4f30-b33e-454b950d210f",
"observed-data--593a7d02-1134-4666-bfbd-4e2a950d210f",
"network-traffic--593a7d02-1134-4666-bfbd-4e2a950d210f",
"ipv4-addr--593a7d02-1134-4666-bfbd-4e2a950d210f",
"observed-data--593a7d02-4b50-48ba-a958-4425950d210f",
"url--593a7d02-4b50-48ba-a958-4425950d210f",
"observed-data--593a7d03-96cc-4a9c-83e8-44f2950d210f",
"network-traffic--593a7d03-96cc-4a9c-83e8-44f2950d210f",
"ipv4-addr--593a7d03-96cc-4a9c-83e8-44f2950d210f",
"observed-data--593a7d04-51fc-4b4b-a045-4bfe950d210f",
"url--593a7d04-51fc-4b4b-a045-4bfe950d210f",
"observed-data--593a7d05-6080-498a-a8e1-4f9a950d210f",
"network-traffic--593a7d05-6080-498a-a8e1-4f9a950d210f",
"ipv4-addr--593a7d05-6080-498a-a8e1-4f9a950d210f",
"observed-data--593a7d05-afdc-421f-b65b-47f1950d210f",
"url--593a7d05-afdc-421f-b65b-47f1950d210f",
"observed-data--593a7d06-4b18-4ea9-9c69-44f6950d210f",
"network-traffic--593a7d06-4b18-4ea9-9c69-44f6950d210f",
"ipv4-addr--593a7d06-4b18-4ea9-9c69-44f6950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cae-daf8-4fe8-8ebf-472a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:10.000Z",
"modified": "2017-06-09T10:47:10.000Z",
"pattern": "[file:hashes.MD5 = '53a6c25425e5689d880f4c66a4074485']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7caf-fc64-4ddd-91ed-4e6a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:11.000Z",
"modified": "2017-06-09T10:47:11.000Z",
"pattern": "[file:hashes.MD5 = '402d735e59d191b2bde2f5f094688de5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7caf-8c10-43ed-b96c-4d3a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:11.000Z",
"modified": "2017-06-09T10:47:11.000Z",
"pattern": "[url:value = 'http://11-2-11.com/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cb0-a738-4dc1-9dcb-4c0e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:12.000Z",
"modified": "2017-06-09T10:47:12.000Z",
"pattern": "[domain-name:value = '11-2-11.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cb0-8a80-4467-8516-452b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:12.000Z",
"modified": "2017-06-09T10:47:12.000Z",
"first_observed": "2017-06-09T10:47:12Z",
"last_observed": "2017-06-09T10:47:12Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cb0-8a80-4467-8516-452b950d210f",
"ipv4-addr--593a7cb0-8a80-4467-8516-452b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cb0-8a80-4467-8516-452b950d210f",
"dst_ref": "ipv4-addr--593a7cb0-8a80-4467-8516-452b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cb0-8a80-4467-8516-452b950d210f",
"value": "104.27.169.155"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cb1-ae40-47bb-8702-4bfe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:13.000Z",
"modified": "2017-06-09T10:47:13.000Z",
"first_observed": "2017-06-09T10:47:13Z",
"last_observed": "2017-06-09T10:47:13Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cb1-ae40-47bb-8702-4bfe950d210f",
"ipv4-addr--593a7cb1-ae40-47bb-8702-4bfe950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cb1-ae40-47bb-8702-4bfe950d210f",
"dst_ref": "ipv4-addr--593a7cb1-ae40-47bb-8702-4bfe950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cb1-ae40-47bb-8702-4bfe950d210f",
"value": "104.27.168.155"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cb2-c764-4599-8e32-3089950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:14.000Z",
"modified": "2017-06-09T10:47:14.000Z",
"pattern": "[url:value = 'http://123good.cn/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cb2-6f30-47d3-8c0e-4cba950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:14.000Z",
"modified": "2017-06-09T10:47:14.000Z",
"pattern": "[domain-name:value = '123good.cn']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cb3-7794-4007-817e-4c33950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:15.000Z",
"modified": "2017-06-09T10:47:15.000Z",
"first_observed": "2017-06-09T10:47:15Z",
"last_observed": "2017-06-09T10:47:15Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cb3-7794-4007-817e-4c33950d210f",
"ipv4-addr--593a7cb3-7794-4007-817e-4c33950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cb3-7794-4007-817e-4c33950d210f",
"dst_ref": "ipv4-addr--593a7cb3-7794-4007-817e-4c33950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cb3-7794-4007-817e-4c33950d210f",
"value": "123.56.230.115"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cb4-ee90-4e12-9d5d-438e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:16.000Z",
"modified": "2017-06-09T10:47:16.000Z",
"pattern": "[url:value = 'http://26milkwood.com/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cb5-9644-4bd0-88b7-467c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:17.000Z",
"modified": "2017-06-09T10:47:17.000Z",
"pattern": "[domain-name:value = '26milkwood.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cb5-ef2c-44cb-9244-4bfe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:17.000Z",
"modified": "2017-06-09T10:47:17.000Z",
"first_observed": "2017-06-09T10:47:17Z",
"last_observed": "2017-06-09T10:47:17Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cb5-ef2c-44cb-9244-4bfe950d210f",
"ipv4-addr--593a7cb5-ef2c-44cb-9244-4bfe950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cb5-ef2c-44cb-9244-4bfe950d210f",
"dst_ref": "ipv4-addr--593a7cb5-ef2c-44cb-9244-4bfe950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cb5-ef2c-44cb-9244-4bfe950d210f",
"value": "81.169.145.164"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cb6-34c4-4b81-9e88-444d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:18.000Z",
"modified": "2017-06-09T10:47:18.000Z",
"pattern": "[url:value = 'http://angermeir.de/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cb7-2ce0-45f1-9f3b-4e60950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:19.000Z",
"modified": "2017-06-09T10:47:19.000Z",
"pattern": "[domain-name:value = 'angermeir.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cb7-a45c-4e1c-b47b-4a02950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:19.000Z",
"modified": "2017-06-09T10:47:19.000Z",
"first_observed": "2017-06-09T10:47:19Z",
"last_observed": "2017-06-09T10:47:19Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cb7-a45c-4e1c-b47b-4a02950d210f",
"ipv4-addr--593a7cb7-a45c-4e1c-b47b-4a02950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cb7-a45c-4e1c-b47b-4a02950d210f",
"dst_ref": "ipv4-addr--593a7cb7-a45c-4e1c-b47b-4a02950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cb7-a45c-4e1c-b47b-4a02950d210f",
"value": "85.214.146.249"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cb8-8258-467b-84bd-4f1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:20.000Z",
"modified": "2017-06-09T10:47:20.000Z",
"pattern": "[url:value = 'http://autom.ca/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cb8-48e8-4b31-b285-4ac9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:20.000Z",
"modified": "2017-06-09T10:47:20.000Z",
"pattern": "[domain-name:value = 'autom.ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cb9-50ac-47e4-83b7-4d44950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:21.000Z",
"modified": "2017-06-09T10:47:21.000Z",
"first_observed": "2017-06-09T10:47:21Z",
"last_observed": "2017-06-09T10:47:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cb9-50ac-47e4-83b7-4d44950d210f",
"ipv4-addr--593a7cb9-50ac-47e4-83b7-4d44950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cb9-50ac-47e4-83b7-4d44950d210f",
"dst_ref": "ipv4-addr--593a7cb9-50ac-47e4-83b7-4d44950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cb9-50ac-47e4-83b7-4d44950d210f",
"value": "76.74.235.220"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cb9-aa2c-4b3d-b43f-47a3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:21.000Z",
"modified": "2017-06-09T10:47:21.000Z",
"pattern": "[url:value = 'http://canadawatt.com/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cba-218c-442e-9e22-7db6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:22.000Z",
"modified": "2017-06-09T10:47:22.000Z",
"pattern": "[domain-name:value = 'canadawatt.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cbb-9cb0-4992-a31f-482f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:23.000Z",
"modified": "2017-06-09T10:47:23.000Z",
"first_observed": "2017-06-09T10:47:23Z",
"last_observed": "2017-06-09T10:47:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cbb-9cb0-4992-a31f-482f950d210f",
"ipv4-addr--593a7cbb-9cb0-4992-a31f-482f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cbb-9cb0-4992-a31f-482f950d210f",
"dst_ref": "ipv4-addr--593a7cbb-9cb0-4992-a31f-482f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cbb-9cb0-4992-a31f-482f950d210f",
"value": "183.90.246.7"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cbc-2b60-40d6-b62c-485d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:24.000Z",
"modified": "2017-06-09T10:47:24.000Z",
"pattern": "[url:value = 'http://cgarsltd.co.uk/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cbc-1800-4223-acc2-46fe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:24.000Z",
"modified": "2017-06-09T10:47:24.000Z",
"pattern": "[domain-name:value = 'cgarsltd.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cbd-6c5c-45e8-9b33-4b68950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:25.000Z",
"modified": "2017-06-09T10:47:25.000Z",
"first_observed": "2017-06-09T10:47:25Z",
"last_observed": "2017-06-09T10:47:25Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cbd-6c5c-45e8-9b33-4b68950d210f",
"ipv4-addr--593a7cbd-6c5c-45e8-9b33-4b68950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cbd-6c5c-45e8-9b33-4b68950d210f",
"dst_ref": "ipv4-addr--593a7cbd-6c5c-45e8-9b33-4b68950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cbd-6c5c-45e8-9b33-4b68950d210f",
"value": "185.24.96.18"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cbd-537c-443a-90de-41a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:25.000Z",
"modified": "2017-06-09T10:47:25.000Z",
"pattern": "[url:value = 'http://code3grafx.com/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cbe-9020-43b5-9146-440c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:26.000Z",
"modified": "2017-06-09T10:47:26.000Z",
"pattern": "[domain-name:value = 'code3grafx.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cbf-1530-458f-815d-404b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:27.000Z",
"modified": "2017-06-09T10:47:27.000Z",
"first_observed": "2017-06-09T10:47:27Z",
"last_observed": "2017-06-09T10:47:27Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cbf-1530-458f-815d-404b950d210f",
"ipv4-addr--593a7cbf-1530-458f-815d-404b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cbf-1530-458f-815d-404b950d210f",
"dst_ref": "ipv4-addr--593a7cbf-1530-458f-815d-404b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cbf-1530-458f-815d-404b950d210f",
"value": "69.175.4.154"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cc0-6138-4a42-9763-4ca5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:28.000Z",
"modified": "2017-06-09T10:47:28.000Z",
"pattern": "[url:value = 'http://crazybitchapparel.com/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cc0-6cf8-4202-881b-4abd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:28.000Z",
"modified": "2017-06-09T10:47:28.000Z",
"pattern": "[domain-name:value = 'crazybitchapparel.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cc1-cf04-4dbc-aa53-4b68950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:29.000Z",
"modified": "2017-06-09T10:47:29.000Z",
"first_observed": "2017-06-09T10:47:29Z",
"last_observed": "2017-06-09T10:47:29Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cc1-cf04-4dbc-aa53-4b68950d210f",
"ipv4-addr--593a7cc1-cf04-4dbc-aa53-4b68950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cc1-cf04-4dbc-aa53-4b68950d210f",
"dst_ref": "ipv4-addr--593a7cc1-cf04-4dbc-aa53-4b68950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cc1-cf04-4dbc-aa53-4b68950d210f",
"value": "66.117.0.108"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cc1-a43c-4166-b59e-7db6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:29.000Z",
"modified": "2017-06-09T10:47:29.000Z",
"pattern": "[url:value = 'http://cv85.cn/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cc2-f4fc-411f-9d23-4bb3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:30.000Z",
"modified": "2017-06-09T10:47:30.000Z",
"pattern": "[domain-name:value = 'cv85.cn']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cc4-51ec-4176-b3f7-4b85950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:32.000Z",
"modified": "2017-06-09T10:47:32.000Z",
"first_observed": "2017-06-09T10:47:32Z",
"last_observed": "2017-06-09T10:47:32Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cc4-51ec-4176-b3f7-4b85950d210f",
"ipv4-addr--593a7cc4-51ec-4176-b3f7-4b85950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cc4-51ec-4176-b3f7-4b85950d210f",
"dst_ref": "ipv4-addr--593a7cc4-51ec-4176-b3f7-4b85950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cc4-51ec-4176-b3f7-4b85950d210f",
"value": "123.184.18.142"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cc5-3d88-4a4f-8b9c-4558950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:33.000Z",
"modified": "2017-06-09T10:47:33.000Z",
"pattern": "[url:value = 'http://cztaxes.cz/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cc5-99a0-4606-a12d-4173950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:33.000Z",
"modified": "2017-06-09T10:47:33.000Z",
"pattern": "[domain-name:value = 'cztaxes.cz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cc6-66c8-41e5-b2d4-4d62950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:34.000Z",
"modified": "2017-06-09T10:47:34.000Z",
"first_observed": "2017-06-09T10:47:34Z",
"last_observed": "2017-06-09T10:47:34Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cc6-66c8-41e5-b2d4-4d62950d210f",
"ipv4-addr--593a7cc6-66c8-41e5-b2d4-4d62950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cc6-66c8-41e5-b2d4-4d62950d210f",
"dst_ref": "ipv4-addr--593a7cc6-66c8-41e5-b2d4-4d62950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cc6-66c8-41e5-b2d4-4d62950d210f",
"value": "88.208.118.146"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cc6-dde4-4e1c-a31e-4b1a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:34.000Z",
"modified": "2017-06-09T10:47:34.000Z",
"pattern": "[url:value = 'http://e67tfgc4uybfbnfmd.org/af/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cc7-04f0-478d-a331-4c43950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:35.000Z",
"modified": "2017-06-09T10:47:35.000Z",
"pattern": "[domain-name:value = 'e67tfgc4uybfbnfmd.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cc9-5150-41ea-b1a9-4d14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:37.000Z",
"modified": "2017-06-09T10:47:37.000Z",
"first_observed": "2017-06-09T10:47:37Z",
"last_observed": "2017-06-09T10:47:37Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cc9-5150-41ea-b1a9-4d14950d210f",
"ipv4-addr--593a7cc9-5150-41ea-b1a9-4d14950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cc9-5150-41ea-b1a9-4d14950d210f",
"dst_ref": "ipv4-addr--593a7cc9-5150-41ea-b1a9-4d14950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cc9-5150-41ea-b1a9-4d14950d210f",
"value": "119.28.85.128"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cc9-6c68-45a8-b2da-4fa5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:37.000Z",
"modified": "2017-06-09T10:47:37.000Z",
"pattern": "[url:value = 'http://kitapportal.com/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cca-054c-4c08-885b-44ce950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:38.000Z",
"modified": "2017-06-09T10:47:38.000Z",
"pattern": "[domain-name:value = 'kitapportal.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cca-9070-4f6a-becb-450d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:38.000Z",
"modified": "2017-06-09T10:47:38.000Z",
"first_observed": "2017-06-09T10:47:38Z",
"last_observed": "2017-06-09T10:47:38Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cca-9070-4f6a-becb-450d950d210f",
"ipv4-addr--593a7cca-9070-4f6a-becb-450d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cca-9070-4f6a-becb-450d950d210f",
"dst_ref": "ipv4-addr--593a7cca-9070-4f6a-becb-450d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cca-9070-4f6a-becb-450d950d210f",
"value": "5.2.81.171"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7ccb-5c00-43f7-a05b-4770950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:39.000Z",
"modified": "2017-06-09T10:47:39.000Z",
"pattern": "[url:value = 'http://lavalve.com/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7ccb-b0d4-4cbe-94d1-4c1b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:39.000Z",
"modified": "2017-06-09T10:47:39.000Z",
"pattern": "[domain-name:value = 'lavalve.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7ccc-7f48-48a5-8de8-4d1f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:40.000Z",
"modified": "2017-06-09T10:47:40.000Z",
"first_observed": "2017-06-09T10:47:40Z",
"last_observed": "2017-06-09T10:47:40Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7ccc-7f48-48a5-8de8-4d1f950d210f",
"ipv4-addr--593a7ccc-7f48-48a5-8de8-4d1f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7ccc-7f48-48a5-8de8-4d1f950d210f",
"dst_ref": "ipv4-addr--593a7ccc-7f48-48a5-8de8-4d1f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7ccc-7f48-48a5-8de8-4d1f950d210f",
"value": "108.174.155.34"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7ccd-acb4-4a44-8aaf-4bfe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:41.000Z",
"modified": "2017-06-09T10:47:41.000Z",
"pattern": "[url:value = 'http://lernwiki.de/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7ccd-1350-4acc-a98d-4ee2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:41.000Z",
"modified": "2017-06-09T10:47:41.000Z",
"pattern": "[domain-name:value = 'lernwiki.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cce-500c-4622-9130-4b68950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:42.000Z",
"modified": "2017-06-09T10:47:42.000Z",
"first_observed": "2017-06-09T10:47:42Z",
"last_observed": "2017-06-09T10:47:42Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cce-500c-4622-9130-4b68950d210f",
"ipv4-addr--593a7cce-500c-4622-9130-4b68950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cce-500c-4622-9130-4b68950d210f",
"dst_ref": "ipv4-addr--593a7cce-500c-4622-9130-4b68950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cce-500c-4622-9130-4b68950d210f",
"value": "185.170.112.17"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cce-2ecc-49db-aca3-44f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:42.000Z",
"modified": "2017-06-09T10:47:42.000Z",
"pattern": "[url:value = 'http://magrinho.com/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7ccf-dd84-4e61-a340-3089950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:43.000Z",
"modified": "2017-06-09T10:47:43.000Z",
"pattern": "[domain-name:value = 'magrinho.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7ccf-e104-404a-926b-4c6a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:43.000Z",
"modified": "2017-06-09T10:47:43.000Z",
"first_observed": "2017-06-09T10:47:43Z",
"last_observed": "2017-06-09T10:47:43Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7ccf-e104-404a-926b-4c6a950d210f",
"ipv4-addr--593a7ccf-e104-404a-926b-4c6a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7ccf-e104-404a-926b-4c6a950d210f",
"dst_ref": "ipv4-addr--593a7ccf-e104-404a-926b-4c6a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7ccf-e104-404a-926b-4c6a950d210f",
"value": "213.186.33.24"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cd0-0500-4414-b12d-4616950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:44.000Z",
"modified": "2017-06-09T10:47:44.000Z",
"pattern": "[url:value = 'http://mca.pt/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cd1-3dfc-4541-9835-487e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:45.000Z",
"modified": "2017-06-09T10:47:45.000Z",
"pattern": "[domain-name:value = 'mca.pt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cd2-9bd0-4f5d-bb19-4b68950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:46.000Z",
"modified": "2017-06-09T10:47:46.000Z",
"first_observed": "2017-06-09T10:47:46Z",
"last_observed": "2017-06-09T10:47:46Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cd2-9bd0-4f5d-bb19-4b68950d210f",
"ipv4-addr--593a7cd2-9bd0-4f5d-bb19-4b68950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cd2-9bd0-4f5d-bb19-4b68950d210f",
"dst_ref": "ipv4-addr--593a7cd2-9bd0-4f5d-bb19-4b68950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cd2-9bd0-4f5d-bb19-4b68950d210f",
"value": "89.26.241.1"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cd2-0450-411e-bce2-4639950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:46.000Z",
"modified": "2017-06-09T10:47:46.000Z",
"pattern": "[url:value = 'http://motionvista.com/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cd3-4f98-4393-85f4-3089950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:47.000Z",
"modified": "2017-06-09T10:47:47.000Z",
"pattern": "[domain-name:value = 'motionvista.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cd4-5040-479e-8ec9-4760950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:48.000Z",
"modified": "2017-06-09T10:47:48.000Z",
"first_observed": "2017-06-09T10:47:48Z",
"last_observed": "2017-06-09T10:47:48Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cd4-5040-479e-8ec9-4760950d210f",
"ipv4-addr--593a7cd4-5040-479e-8ec9-4760950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cd4-5040-479e-8ec9-4760950d210f",
"dst_ref": "ipv4-addr--593a7cd4-5040-479e-8ec9-4760950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cd4-5040-479e-8ec9-4760950d210f",
"value": "207.174.212.246"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cd4-b764-45b6-9ad4-44a0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:48.000Z",
"modified": "2017-06-09T10:47:48.000Z",
"pattern": "[url:value = 'http://qomgraphic.ir/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cd5-c464-4c78-8111-4b71950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:49.000Z",
"modified": "2017-06-09T10:47:49.000Z",
"pattern": "[domain-name:value = 'qomgraphic.ir']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cd5-8974-4ce0-81f0-4430950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:49.000Z",
"modified": "2017-06-09T10:47:49.000Z",
"first_observed": "2017-06-09T10:47:49Z",
"last_observed": "2017-06-09T10:47:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cd5-8974-4ce0-81f0-4430950d210f",
"ipv4-addr--593a7cd5-8974-4ce0-81f0-4430950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cd5-8974-4ce0-81f0-4430950d210f",
"dst_ref": "ipv4-addr--593a7cd5-8974-4ce0-81f0-4430950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cd5-8974-4ce0-81f0-4430950d210f",
"value": "88.99.73.189"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cd6-fed4-4a1a-9c6e-4ad9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:50.000Z",
"modified": "2017-06-09T10:47:50.000Z",
"pattern": "[url:value = 'http://sanlitop.com/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cd7-db18-4e39-9876-4e5e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:51.000Z",
"modified": "2017-06-09T10:47:51.000Z",
"pattern": "[domain-name:value = 'sanlitop.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cd7-cddc-4acf-90aa-3089950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:51.000Z",
"modified": "2017-06-09T10:47:51.000Z",
"first_observed": "2017-06-09T10:47:51Z",
"last_observed": "2017-06-09T10:47:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cd7-cddc-4acf-90aa-3089950d210f",
"ipv4-addr--593a7cd7-cddc-4acf-90aa-3089950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cd7-cddc-4acf-90aa-3089950d210f",
"dst_ref": "ipv4-addr--593a7cd7-cddc-4acf-90aa-3089950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cd7-cddc-4acf-90aa-3089950d210f",
"value": "185.8.128.46"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cd8-c59c-4bf2-83eb-4071950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:52.000Z",
"modified": "2017-06-09T10:47:52.000Z",
"pattern": "[url:value = 'http://sellitni.com/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cd8-6f1c-4c09-8831-4f8d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:52.000Z",
"modified": "2017-06-09T10:47:52.000Z",
"pattern": "[domain-name:value = 'sellitni.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cd9-c5e4-424e-859b-42cc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:53.000Z",
"modified": "2017-06-09T10:47:53.000Z",
"first_observed": "2017-06-09T10:47:53Z",
"last_observed": "2017-06-09T10:47:53Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cd9-c5e4-424e-859b-42cc950d210f",
"ipv4-addr--593a7cd9-c5e4-424e-859b-42cc950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cd9-c5e4-424e-859b-42cc950d210f",
"dst_ref": "ipv4-addr--593a7cd9-c5e4-424e-859b-42cc950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cd9-c5e4-424e-859b-42cc950d210f",
"value": "188.165.220.204"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cd9-6cc4-47cc-be48-4d23950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:53.000Z",
"modified": "2017-06-09T10:47:53.000Z",
"pattern": "[url:value = 'http://seoworld.vn/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cda-a5e0-47e2-8538-4b68950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:54.000Z",
"modified": "2017-06-09T10:47:54.000Z",
"pattern": "[domain-name:value = 'seoworld.vn']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cdb-5b7c-4081-a812-3089950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:55.000Z",
"modified": "2017-06-09T10:47:55.000Z",
"first_observed": "2017-06-09T10:47:55Z",
"last_observed": "2017-06-09T10:47:55Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cdb-5b7c-4081-a812-3089950d210f",
"ipv4-addr--593a7cdb-5b7c-4081-a812-3089950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cdb-5b7c-4081-a812-3089950d210f",
"dst_ref": "ipv4-addr--593a7cdb-5b7c-4081-a812-3089950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cdb-5b7c-4081-a812-3089950d210f",
"value": "103.255.236.34"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cdc-9440-452d-85a0-47df950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:56.000Z",
"modified": "2017-06-09T10:47:56.000Z",
"pattern": "[url:value = 'http://sermo.cl/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cdd-e888-4840-9fee-4bfe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:57.000Z",
"modified": "2017-06-09T10:47:57.000Z",
"pattern": "[domain-name:value = 'sermo.cl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cdd-9e80-4398-959a-4e3e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:57.000Z",
"modified": "2017-06-09T10:47:57.000Z",
"first_observed": "2017-06-09T10:47:57Z",
"last_observed": "2017-06-09T10:47:57Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cdd-9e80-4398-959a-4e3e950d210f",
"ipv4-addr--593a7cdd-9e80-4398-959a-4e3e950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cdd-9e80-4398-959a-4e3e950d210f",
"dst_ref": "ipv4-addr--593a7cdd-9e80-4398-959a-4e3e950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cdd-9e80-4398-959a-4e3e950d210f",
"value": "23.89.193.16"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cde-9fb0-43de-a878-4c69950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:58.000Z",
"modified": "2017-06-09T10:47:58.000Z",
"pattern": "[url:value = 'http://shfangxun.com/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cdf-8fc4-43f7-9d94-4519950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:47:59.000Z",
"modified": "2017-06-09T10:47:59.000Z",
"pattern": "[domain-name:value = 'shfangxun.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:47:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7ce0-2530-41d4-a734-44e3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:00.000Z",
"modified": "2017-06-09T10:48:00.000Z",
"first_observed": "2017-06-09T10:48:00Z",
"last_observed": "2017-06-09T10:48:00Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7ce0-2530-41d4-a734-44e3950d210f",
"ipv4-addr--593a7ce0-2530-41d4-a734-44e3950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7ce0-2530-41d4-a734-44e3950d210f",
"dst_ref": "ipv4-addr--593a7ce0-2530-41d4-a734-44e3950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7ce0-2530-41d4-a734-44e3950d210f",
"value": "219.235.0.51"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7ce0-db58-41eb-8425-4950950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:00.000Z",
"modified": "2017-06-09T10:48:00.000Z",
"pattern": "[url:value = 'http://sourcedoc.co.za/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:48:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7ce1-ac2c-4329-8d10-4bfe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:01.000Z",
"modified": "2017-06-09T10:48:01.000Z",
"pattern": "[domain-name:value = 'sourcedoc.co.za']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:48:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7ce7-7ff4-4bcb-868f-7db6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:07.000Z",
"modified": "2017-06-09T10:48:07.000Z",
"first_observed": "2017-06-09T10:48:07Z",
"last_observed": "2017-06-09T10:48:07Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7ce7-7ff4-4bcb-868f-7db6950d210f",
"ipv4-addr--593a7ce7-7ff4-4bcb-868f-7db6950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7ce7-7ff4-4bcb-868f-7db6950d210f",
"dst_ref": "ipv4-addr--593a7ce7-7ff4-4bcb-868f-7db6950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7ce7-7ff4-4bcb-868f-7db6950d210f",
"value": "41.185.8.210"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7ce8-b46c-401e-9384-4355950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:08.000Z",
"modified": "2017-06-09T10:48:08.000Z",
"pattern": "[url:value = 'http://steeldios.com/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:48:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7ce8-b48c-4232-ade0-4ee1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:08.000Z",
"modified": "2017-06-09T10:48:08.000Z",
"pattern": "[domain-name:value = 'steeldios.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:48:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7ce9-af80-43d5-8868-4742950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:09.000Z",
"modified": "2017-06-09T10:48:09.000Z",
"first_observed": "2017-06-09T10:48:09Z",
"last_observed": "2017-06-09T10:48:09Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7ce9-af80-43d5-8868-4742950d210f",
"ipv4-addr--593a7ce9-af80-43d5-8868-4742950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7ce9-af80-43d5-8868-4742950d210f",
"dst_ref": "ipv4-addr--593a7ce9-af80-43d5-8868-4742950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7ce9-af80-43d5-8868-4742950d210f",
"value": "202.55.86.29"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cea-d9f4-4886-96f2-4b80950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:10.000Z",
"modified": "2017-06-09T10:48:10.000Z",
"pattern": "[url:value = 'http://xishigroup.cn/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:48:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cea-9cc4-40d2-a6ea-474b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:10.000Z",
"modified": "2017-06-09T10:48:10.000Z",
"pattern": "[domain-name:value = 'xishigroup.cn']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:48:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7ced-a090-4f25-a6a0-4ef0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:13.000Z",
"modified": "2017-06-09T10:48:13.000Z",
"first_observed": "2017-06-09T10:48:13Z",
"last_observed": "2017-06-09T10:48:13Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7ced-a090-4f25-a6a0-4ef0950d210f",
"ipv4-addr--593a7ced-a090-4f25-a6a0-4ef0950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7ced-a090-4f25-a6a0-4ef0950d210f",
"dst_ref": "ipv4-addr--593a7ced-a090-4f25-a6a0-4ef0950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7ced-a090-4f25-a6a0-4ef0950d210f",
"value": "59.57.84.163"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cee-8938-40cb-af7c-3089950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:14.000Z",
"modified": "2017-06-09T10:48:14.000Z",
"pattern": "[url:value = 'http://zakelijkwebsitegemak.nl/hjgf677']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:48:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a7cef-a4f8-49fb-a532-4f1f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:15.000Z",
"modified": "2017-06-09T10:48:15.000Z",
"pattern": "[domain-name:value = 'zakelijkwebsitegemak.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T10:48:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cef-fffc-4879-8cd8-4ce2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:15.000Z",
"modified": "2017-06-09T10:48:15.000Z",
"first_observed": "2017-06-09T10:48:15Z",
"last_observed": "2017-06-09T10:48:15Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cef-fffc-4879-8cd8-4ce2950d210f",
"ipv4-addr--593a7cef-fffc-4879-8cd8-4ce2950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cef-fffc-4879-8cd8-4ce2950d210f",
"dst_ref": "ipv4-addr--593a7cef-fffc-4879-8cd8-4ce2950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cef-fffc-4879-8cd8-4ce2950d210f",
"value": "83.143.187.65"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf0-8ec4-4042-b48b-463b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:16.000Z",
"modified": "2017-06-09T10:48:16.000Z",
"first_observed": "2017-06-09T10:48:16Z",
"last_observed": "2017-06-09T10:48:16Z",
"number_observed": 1,
"object_refs": [
"url--593a7cf0-8ec4-4042-b48b-463b950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7cf0-8ec4-4042-b48b-463b950d210f",
"value": "212.24.110.51"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf1-7034-4cca-9a18-4cd1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:17.000Z",
"modified": "2017-06-09T10:48:17.000Z",
"first_observed": "2017-06-09T10:48:17Z",
"last_observed": "2017-06-09T10:48:17Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cf1-7034-4cca-9a18-4cd1950d210f",
"ipv4-addr--593a7cf1-7034-4cca-9a18-4cd1950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cf1-7034-4cca-9a18-4cd1950d210f",
"dst_ref": "ipv4-addr--593a7cf1-7034-4cca-9a18-4cd1950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cf1-7034-4cca-9a18-4cd1950d210f",
"value": "212.24.110.51"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf2-07d8-4aab-aa08-45c9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:18.000Z",
"modified": "2017-06-09T10:48:18.000Z",
"first_observed": "2017-06-09T10:48:18Z",
"last_observed": "2017-06-09T10:48:18Z",
"number_observed": 1,
"object_refs": [
"url--593a7cf2-07d8-4aab-aa08-45c9950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7cf2-07d8-4aab-aa08-45c9950d210f",
"value": "212.24.110.38"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf2-91d8-409a-bcc5-427f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:18.000Z",
"modified": "2017-06-09T10:48:18.000Z",
"first_observed": "2017-06-09T10:48:18Z",
"last_observed": "2017-06-09T10:48:18Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cf2-91d8-409a-bcc5-427f950d210f",
"ipv4-addr--593a7cf2-91d8-409a-bcc5-427f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cf2-91d8-409a-bcc5-427f950d210f",
"dst_ref": "ipv4-addr--593a7cf2-91d8-409a-bcc5-427f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cf2-91d8-409a-bcc5-427f950d210f",
"value": "212.24.110.38"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf3-a9a0-4a66-ad5e-4ee0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:19.000Z",
"modified": "2017-06-09T10:48:19.000Z",
"first_observed": "2017-06-09T10:48:19Z",
"last_observed": "2017-06-09T10:48:19Z",
"number_observed": 1,
"object_refs": [
"url--593a7cf3-a9a0-4a66-ad5e-4ee0950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7cf3-a9a0-4a66-ad5e-4ee0950d210f",
"value": "212.24.110.35"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf3-8208-4de4-9ae1-44ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:19.000Z",
"modified": "2017-06-09T10:48:19.000Z",
"first_observed": "2017-06-09T10:48:19Z",
"last_observed": "2017-06-09T10:48:19Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cf3-8208-4de4-9ae1-44ec950d210f",
"ipv4-addr--593a7cf3-8208-4de4-9ae1-44ec950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cf3-8208-4de4-9ae1-44ec950d210f",
"dst_ref": "ipv4-addr--593a7cf3-8208-4de4-9ae1-44ec950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cf3-8208-4de4-9ae1-44ec950d210f",
"value": "212.24.110.35"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf4-c39c-4c6b-a09c-45c9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:20.000Z",
"modified": "2017-06-09T10:48:20.000Z",
"first_observed": "2017-06-09T10:48:20Z",
"last_observed": "2017-06-09T10:48:20Z",
"number_observed": 1,
"object_refs": [
"url--593a7cf4-c39c-4c6b-a09c-45c9950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7cf4-c39c-4c6b-a09c-45c9950d210f",
"value": "212.24.110.1"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf5-f5c8-4ba7-ae6e-7db6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:21.000Z",
"modified": "2017-06-09T10:48:21.000Z",
"first_observed": "2017-06-09T10:48:21Z",
"last_observed": "2017-06-09T10:48:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cf5-f5c8-4ba7-ae6e-7db6950d210f",
"ipv4-addr--593a7cf5-f5c8-4ba7-ae6e-7db6950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cf5-f5c8-4ba7-ae6e-7db6950d210f",
"dst_ref": "ipv4-addr--593a7cf5-f5c8-4ba7-ae6e-7db6950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cf5-f5c8-4ba7-ae6e-7db6950d210f",
"value": "212.24.110.1"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf5-b1d8-4507-b673-40c1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:21.000Z",
"modified": "2017-06-09T10:48:21.000Z",
"first_observed": "2017-06-09T10:48:21Z",
"last_observed": "2017-06-09T10:48:21Z",
"number_observed": 1,
"object_refs": [
"url--593a7cf5-b1d8-4507-b673-40c1950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7cf5-b1d8-4507-b673-40c1950d210f",
"value": "212.24.109.218"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf6-c02c-41db-8f82-4840950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:22.000Z",
"modified": "2017-06-09T10:48:22.000Z",
"first_observed": "2017-06-09T10:48:22Z",
"last_observed": "2017-06-09T10:48:22Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cf6-c02c-41db-8f82-4840950d210f",
"ipv4-addr--593a7cf6-c02c-41db-8f82-4840950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cf6-c02c-41db-8f82-4840950d210f",
"dst_ref": "ipv4-addr--593a7cf6-c02c-41db-8f82-4840950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cf6-c02c-41db-8f82-4840950d210f",
"value": "212.24.109.218"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf7-17c8-4414-9342-4eea950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:23.000Z",
"modified": "2017-06-09T10:48:23.000Z",
"first_observed": "2017-06-09T10:48:23Z",
"last_observed": "2017-06-09T10:48:23Z",
"number_observed": 1,
"object_refs": [
"url--593a7cf7-17c8-4414-9342-4eea950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7cf7-17c8-4414-9342-4eea950d210f",
"value": "212.24.109.200"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf7-2af4-43ed-8ac0-4c03950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:23.000Z",
"modified": "2017-06-09T10:48:23.000Z",
"first_observed": "2017-06-09T10:48:23Z",
"last_observed": "2017-06-09T10:48:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cf7-2af4-43ed-8ac0-4c03950d210f",
"ipv4-addr--593a7cf7-2af4-43ed-8ac0-4c03950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cf7-2af4-43ed-8ac0-4c03950d210f",
"dst_ref": "ipv4-addr--593a7cf7-2af4-43ed-8ac0-4c03950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cf7-2af4-43ed-8ac0-4c03950d210f",
"value": "212.24.109.200"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf8-42b8-4910-b597-4105950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:24.000Z",
"modified": "2017-06-09T10:48:24.000Z",
"first_observed": "2017-06-09T10:48:24Z",
"last_observed": "2017-06-09T10:48:24Z",
"number_observed": 1,
"object_refs": [
"url--593a7cf8-42b8-4910-b597-4105950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7cf8-42b8-4910-b597-4105950d210f",
"value": "212.24.109.100"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf8-adf8-49ae-89f2-4b8f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:24.000Z",
"modified": "2017-06-09T10:48:24.000Z",
"first_observed": "2017-06-09T10:48:24Z",
"last_observed": "2017-06-09T10:48:24Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cf8-adf8-49ae-89f2-4b8f950d210f",
"ipv4-addr--593a7cf8-adf8-49ae-89f2-4b8f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cf8-adf8-49ae-89f2-4b8f950d210f",
"dst_ref": "ipv4-addr--593a7cf8-adf8-49ae-89f2-4b8f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cf8-adf8-49ae-89f2-4b8f950d210f",
"value": "212.24.109.100"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cf9-3854-4347-b63f-43b1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:25.000Z",
"modified": "2017-06-09T10:48:25.000Z",
"first_observed": "2017-06-09T10:48:25Z",
"last_observed": "2017-06-09T10:48:25Z",
"number_observed": 1,
"object_refs": [
"url--593a7cf9-3854-4347-b63f-43b1950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7cf9-3854-4347-b63f-43b1950d210f",
"value": "195.2.252.152"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cfa-4cd8-456a-a9ff-4045950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:26.000Z",
"modified": "2017-06-09T10:48:26.000Z",
"first_observed": "2017-06-09T10:48:26Z",
"last_observed": "2017-06-09T10:48:26Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cfa-4cd8-456a-a9ff-4045950d210f",
"ipv4-addr--593a7cfa-4cd8-456a-a9ff-4045950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cfa-4cd8-456a-a9ff-4045950d210f",
"dst_ref": "ipv4-addr--593a7cfa-4cd8-456a-a9ff-4045950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cfa-4cd8-456a-a9ff-4045950d210f",
"value": "195.2.252.152"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cfb-464c-4594-aea8-4cd8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:27.000Z",
"modified": "2017-06-09T10:48:27.000Z",
"first_observed": "2017-06-09T10:48:27Z",
"last_observed": "2017-06-09T10:48:27Z",
"number_observed": 1,
"object_refs": [
"url--593a7cfb-464c-4594-aea8-4cd8950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7cfb-464c-4594-aea8-4cd8950d210f",
"value": "37.59.158.241"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cfb-2800-47e7-8973-4d0b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:27.000Z",
"modified": "2017-06-09T10:48:27.000Z",
"first_observed": "2017-06-09T10:48:27Z",
"last_observed": "2017-06-09T10:48:27Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cfb-2800-47e7-8973-4d0b950d210f",
"ipv4-addr--593a7cfb-2800-47e7-8973-4d0b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cfb-2800-47e7-8973-4d0b950d210f",
"dst_ref": "ipv4-addr--593a7cfb-2800-47e7-8973-4d0b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cfb-2800-47e7-8973-4d0b950d210f",
"value": "37.59.158.241"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cfc-ca1c-4fab-9fab-4526950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:28.000Z",
"modified": "2017-06-09T10:48:28.000Z",
"first_observed": "2017-06-09T10:48:28Z",
"last_observed": "2017-06-09T10:48:28Z",
"number_observed": 1,
"object_refs": [
"url--593a7cfc-ca1c-4fab-9fab-4526950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7cfc-ca1c-4fab-9fab-4526950d210f",
"value": "147.135.144.28"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cfd-ba5c-4751-b552-4538950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:29.000Z",
"modified": "2017-06-09T10:48:29.000Z",
"first_observed": "2017-06-09T10:48:29Z",
"last_observed": "2017-06-09T10:48:29Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cfd-ba5c-4751-b552-4538950d210f",
"ipv4-addr--593a7cfd-ba5c-4751-b552-4538950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cfd-ba5c-4751-b552-4538950d210f",
"dst_ref": "ipv4-addr--593a7cfd-ba5c-4751-b552-4538950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cfd-ba5c-4751-b552-4538950d210f",
"value": "147.135.144.28"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cfd-5dd8-40e3-9f0e-469b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:29.000Z",
"modified": "2017-06-09T10:48:29.000Z",
"first_observed": "2017-06-09T10:48:29Z",
"last_observed": "2017-06-09T10:48:29Z",
"number_observed": 1,
"object_refs": [
"url--593a7cfd-5dd8-40e3-9f0e-469b950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7cfd-5dd8-40e3-9f0e-469b950d210f",
"value": "212.24.110.190"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cfe-cfcc-4495-bccf-4765950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:30.000Z",
"modified": "2017-06-09T10:48:30.000Z",
"first_observed": "2017-06-09T10:48:30Z",
"last_observed": "2017-06-09T10:48:30Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cfe-cfcc-4495-bccf-4765950d210f",
"ipv4-addr--593a7cfe-cfcc-4495-bccf-4765950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cfe-cfcc-4495-bccf-4765950d210f",
"dst_ref": "ipv4-addr--593a7cfe-cfcc-4495-bccf-4765950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cfe-cfcc-4495-bccf-4765950d210f",
"value": "212.24.110.190"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cff-3758-4f65-928f-3089950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:31.000Z",
"modified": "2017-06-09T10:48:31.000Z",
"first_observed": "2017-06-09T10:48:31Z",
"last_observed": "2017-06-09T10:48:31Z",
"number_observed": 1,
"object_refs": [
"url--593a7cff-3758-4f65-928f-3089950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7cff-3758-4f65-928f-3089950d210f",
"value": "212.24.110.154"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7cff-48d4-4d91-a632-4e48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:31.000Z",
"modified": "2017-06-09T10:48:31.000Z",
"first_observed": "2017-06-09T10:48:31Z",
"last_observed": "2017-06-09T10:48:31Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7cff-48d4-4d91-a632-4e48950d210f",
"ipv4-addr--593a7cff-48d4-4d91-a632-4e48950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7cff-48d4-4d91-a632-4e48950d210f",
"dst_ref": "ipv4-addr--593a7cff-48d4-4d91-a632-4e48950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7cff-48d4-4d91-a632-4e48950d210f",
"value": "212.24.110.154"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7d00-07c0-42bb-836d-4bfe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:32.000Z",
"modified": "2017-06-09T10:48:32.000Z",
"first_observed": "2017-06-09T10:48:32Z",
"last_observed": "2017-06-09T10:48:32Z",
"number_observed": 1,
"object_refs": [
"url--593a7d00-07c0-42bb-836d-4bfe950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7d00-07c0-42bb-836d-4bfe950d210f",
"value": "76.8.104.213"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7d00-f76c-44bc-a4b9-4dca950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:32.000Z",
"modified": "2017-06-09T10:48:32.000Z",
"first_observed": "2017-06-09T10:48:32Z",
"last_observed": "2017-06-09T10:48:32Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7d00-f76c-44bc-a4b9-4dca950d210f",
"ipv4-addr--593a7d00-f76c-44bc-a4b9-4dca950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7d00-f76c-44bc-a4b9-4dca950d210f",
"dst_ref": "ipv4-addr--593a7d00-f76c-44bc-a4b9-4dca950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7d00-f76c-44bc-a4b9-4dca950d210f",
"value": "76.8.104.213"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7d01-c0dc-4f30-b33e-454b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:33.000Z",
"modified": "2017-06-09T10:48:33.000Z",
"first_observed": "2017-06-09T10:48:33Z",
"last_observed": "2017-06-09T10:48:33Z",
"number_observed": 1,
"object_refs": [
"url--593a7d01-c0dc-4f30-b33e-454b950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7d01-c0dc-4f30-b33e-454b950d210f",
"value": "193.0.140.177"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7d02-1134-4666-bfbd-4e2a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:34.000Z",
"modified": "2017-06-09T10:48:34.000Z",
"first_observed": "2017-06-09T10:48:34Z",
"last_observed": "2017-06-09T10:48:34Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7d02-1134-4666-bfbd-4e2a950d210f",
"ipv4-addr--593a7d02-1134-4666-bfbd-4e2a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7d02-1134-4666-bfbd-4e2a950d210f",
"dst_ref": "ipv4-addr--593a7d02-1134-4666-bfbd-4e2a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7d02-1134-4666-bfbd-4e2a950d210f",
"value": "193.0.140.177"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7d02-4b50-48ba-a958-4425950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:34.000Z",
"modified": "2017-06-09T10:48:34.000Z",
"first_observed": "2017-06-09T10:48:34Z",
"last_observed": "2017-06-09T10:48:34Z",
"number_observed": 1,
"object_refs": [
"url--593a7d02-4b50-48ba-a958-4425950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7d02-4b50-48ba-a958-4425950d210f",
"value": "89.231.13.18"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7d03-96cc-4a9c-83e8-44f2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:35.000Z",
"modified": "2017-06-09T10:48:35.000Z",
"first_observed": "2017-06-09T10:48:35Z",
"last_observed": "2017-06-09T10:48:35Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7d03-96cc-4a9c-83e8-44f2950d210f",
"ipv4-addr--593a7d03-96cc-4a9c-83e8-44f2950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7d03-96cc-4a9c-83e8-44f2950d210f",
"dst_ref": "ipv4-addr--593a7d03-96cc-4a9c-83e8-44f2950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7d03-96cc-4a9c-83e8-44f2950d210f",
"value": "89.231.13.18"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7d04-51fc-4b4b-a045-4bfe950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:36.000Z",
"modified": "2017-06-09T10:48:36.000Z",
"first_observed": "2017-06-09T10:48:36Z",
"last_observed": "2017-06-09T10:48:36Z",
"number_observed": 1,
"object_refs": [
"url--593a7d04-51fc-4b4b-a045-4bfe950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7d04-51fc-4b4b-a045-4bfe950d210f",
"value": "89.231.13.27"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7d05-6080-498a-a8e1-4f9a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:37.000Z",
"modified": "2017-06-09T10:48:37.000Z",
"first_observed": "2017-06-09T10:48:37Z",
"last_observed": "2017-06-09T10:48:37Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7d05-6080-498a-a8e1-4f9a950d210f",
"ipv4-addr--593a7d05-6080-498a-a8e1-4f9a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7d05-6080-498a-a8e1-4f9a950d210f",
"dst_ref": "ipv4-addr--593a7d05-6080-498a-a8e1-4f9a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7d05-6080-498a-a8e1-4f9a950d210f",
"value": "89.231.13.27"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7d05-afdc-421f-b65b-47f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:37.000Z",
"modified": "2017-06-09T10:48:37.000Z",
"first_observed": "2017-06-09T10:48:37Z",
"last_observed": "2017-06-09T10:48:37Z",
"number_observed": 1,
"object_refs": [
"url--593a7d05-afdc-421f-b65b-47f1950d210f"
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--593a7d05-afdc-421f-b65b-47f1950d210f",
"value": "89.231.13.33"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a7d06-4b18-4ea9-9c69-44f6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T10:48:38.000Z",
"modified": "2017-06-09T10:48:38.000Z",
"first_observed": "2017-06-09T10:48:38Z",
"last_observed": "2017-06-09T10:48:38Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a7d06-4b18-4ea9-9c69-44f6950d210f",
"ipv4-addr--593a7d06-4b18-4ea9-9c69-44f6950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a7d06-4b18-4ea9-9c69-44f6950d210f",
"dst_ref": "ipv4-addr--593a7d06-4b18-4ea9-9c69-44f6950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a7d06-4b18-4ea9-9c69-44f6950d210f",
"value": "89.231.13.33"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}