adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/59de12ce-625c-4b9a-95fb-fc5b950d210f.json

3714 lines
No EOL
148 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--59de12ce-625c-4b9a-95fb-fc5b950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:26.000Z",
"modified": "2017-10-12T17:42:26.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--59de12ce-625c-4b9a-95fb-fc5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:42:26.000Z",
"modified": "2017-10-12T17:42:26.000Z",
"name": "M2M - Locky Affid=3, \".asasin\"/Trickbot \"mac1\" 2017-10-11 : \"Supplement payment 1234567890\" - \"F1234567890_11102017.7z\"",
"published": "2017-10-12T17:42:32Z",
"object_refs": [
"indicator--59de12cf-2490-4184-92a6-fbb6950d210f",
"indicator--59de12cf-78d4-4a70-bbbd-44fd950d210f",
"indicator--59de12cf-3efc-46e9-a078-4bb9950d210f",
"indicator--59de12d0-c714-4833-81a0-ac3b950d210f",
"observed-data--59de12d0-6840-4eeb-88c9-4194950d210f",
"network-traffic--59de12d0-6840-4eeb-88c9-4194950d210f",
"ipv4-addr--59de12d0-6840-4eeb-88c9-4194950d210f",
"indicator--59de12d0-e244-49fe-9840-4188950d210f",
"indicator--59de12d0-51a4-447d-95df-fc5b950d210f",
"observed-data--59de12d1-3a5c-4fc4-a4a1-ad5d950d210f",
"network-traffic--59de12d1-3a5c-4fc4-a4a1-ad5d950d210f",
"ipv4-addr--59de12d1-3a5c-4fc4-a4a1-ad5d950d210f",
"indicator--59de12d1-06d0-4051-ae42-4142950d210f",
"indicator--59de12d1-7390-45e9-9f08-4e60950d210f",
"observed-data--59de12d2-54b8-4142-8a2f-fc1d950d210f",
"network-traffic--59de12d2-54b8-4142-8a2f-fc1d950d210f",
"ipv4-addr--59de12d2-54b8-4142-8a2f-fc1d950d210f",
"indicator--59de12d2-243c-4f7d-9d4f-ade0950d210f",
"indicator--59de12d3-cf60-41cf-8241-ae14950d210f",
"observed-data--59de12d3-5b54-4359-9caf-ac3b950d210f",
"network-traffic--59de12d3-5b54-4359-9caf-ac3b950d210f",
"ipv4-addr--59de12d3-5b54-4359-9caf-ac3b950d210f",
"indicator--59de12d3-48e8-410d-adcc-4194950d210f",
"indicator--59de12d3-ca90-4afd-b630-47cd950d210f",
"observed-data--59de12d4-3e54-4cd3-8b8d-fc5b950d210f",
"network-traffic--59de12d4-3e54-4cd3-8b8d-fc5b950d210f",
"ipv4-addr--59de12d4-3e54-4cd3-8b8d-fc5b950d210f",
"indicator--59de12d4-a624-4d4d-a073-ad5d950d210f",
"indicator--59de12d4-19f8-4528-929a-4652950d210f",
"observed-data--59de12d4-3324-40a0-9285-4e28950d210f",
"network-traffic--59de12d4-3324-40a0-9285-4e28950d210f",
"ipv4-addr--59de12d4-3324-40a0-9285-4e28950d210f",
"indicator--59de12d5-5120-499c-a513-4f82950d210f",
"indicator--59de12d5-6814-4d97-bbca-fbb6950d210f",
"observed-data--59de12d5-50d0-4d07-a2b5-ade0950d210f",
"network-traffic--59de12d5-50d0-4d07-a2b5-ade0950d210f",
"ipv4-addr--59de12d5-50d0-4d07-a2b5-ade0950d210f",
"indicator--59de12d5-7780-4b44-be12-ae14950d210f",
"indicator--59de12d6-a99c-4a4c-80dc-45eb950d210f",
"observed-data--59de12d7-6b9c-4f69-b65b-4188950d210f",
"network-traffic--59de12d7-6b9c-4f69-b65b-4188950d210f",
"ipv4-addr--59de12d7-6b9c-4f69-b65b-4188950d210f",
"indicator--59de12d7-5934-4b0e-b941-443a950d210f",
"indicator--59de12d7-b708-45eb-8d91-fbb6950d210f",
"observed-data--59de12d8-ad80-4bba-8613-4592950d210f",
"network-traffic--59de12d8-ad80-4bba-8613-4592950d210f",
"ipv4-addr--59de12d8-ad80-4bba-8613-4592950d210f",
"indicator--59de12d8-9fd8-489b-bc66-fc5b950d210f",
"indicator--59de12d9-6acc-4d10-a3f8-4f3b950d210f",
"observed-data--59de12d9-f9a4-4c98-843b-3f0e950d210f",
"network-traffic--59de12d9-f9a4-4c98-843b-3f0e950d210f",
"ipv4-addr--59de12d9-f9a4-4c98-843b-3f0e950d210f",
"indicator--59de12d9-1784-47b9-ac3d-4142950d210f",
"indicator--59de12d9-d9ac-4d9f-9c7a-4a3e950d210f",
"observed-data--59de12da-5f50-4530-a218-491b950d210f",
"network-traffic--59de12da-5f50-4530-a218-491b950d210f",
"ipv4-addr--59de12da-5f50-4530-a218-491b950d210f",
"indicator--59de12da-f510-4f97-bdd9-ade0950d210f",
"indicator--59de12db-4a3c-44e7-b391-ae14950d210f",
"indicator--59de12f9-8228-4fee-a870-ae14950d210f",
"indicator--59de12f9-3fd8-487e-8da4-4b00950d210f",
"observed-data--59de12f9-3d48-4a92-91fe-449f950d210f",
"network-traffic--59de12f9-3d48-4a92-91fe-449f950d210f",
"ipv4-addr--59de12f9-3d48-4a92-91fe-449f950d210f",
"indicator--59de12fa-38e8-466b-b5d6-443b950d210f",
"indicator--59de12fa-4218-4da1-a1d9-4194950d210f",
"observed-data--59de12fa-6b60-4fde-aa13-ad5d950d210f",
"network-traffic--59de12fa-6b60-4fde-aa13-ad5d950d210f",
"ipv4-addr--59de12fa-6b60-4fde-aa13-ad5d950d210f",
"indicator--59de12fa-1560-4f42-bcbf-49a4950d210f",
"indicator--59de12fa-1824-46ee-b827-4142950d210f",
"observed-data--59de12fb-b4a8-44d2-b5a8-4aee950d210f",
"network-traffic--59de12fb-b4a8-44d2-b5a8-4aee950d210f",
"ipv4-addr--59de12fb-b4a8-44d2-b5a8-4aee950d210f",
"indicator--59de12fb-1b78-488a-8a8a-3f0e950d210f",
"indicator--59de12fb-9e48-4750-a840-435f950d210f",
"observed-data--59de12fc-3058-4e4d-b8bc-ae14950d210f",
"network-traffic--59de12fc-3058-4e4d-b8bc-ae14950d210f",
"ipv4-addr--59de12fc-3058-4e4d-b8bc-ae14950d210f",
"indicator--59de12fc-c1b8-4135-8181-48ad950d210f",
"indicator--59de12fc-7e2c-4647-8461-430c950d210f",
"observed-data--59de12fd-ded0-4413-b45c-4759950d210f",
"network-traffic--59de12fd-ded0-4413-b45c-4759950d210f",
"ipv4-addr--59de12fd-ded0-4413-b45c-4759950d210f",
"indicator--59de12fd-cbc4-41c0-b92d-4194950d210f",
"indicator--59de12fd-ba3c-4336-8813-ad5d950d210f",
"observed-data--59de12fe-2cc4-4d03-b513-4c8c950d210f",
"network-traffic--59de12fe-2cc4-4d03-b513-4c8c950d210f",
"ipv4-addr--59de12fe-2cc4-4d03-b513-4c8c950d210f",
"indicator--59de12ff-8ba4-4da5-985f-4e03950d210f",
"indicator--59de12ff-f8a0-4f71-90e0-445f950d210f",
"observed-data--59de12ff-116c-445d-8cda-fc1d950d210f",
"network-traffic--59de12ff-116c-445d-8cda-fc1d950d210f",
"ipv4-addr--59de12ff-116c-445d-8cda-fc1d950d210f",
"indicator--59de12ff-132c-4d95-9bce-fbb6950d210f",
"indicator--59de12ff-0364-4d36-9379-ae14950d210f",
"observed-data--59de1300-3718-4c5f-a436-ac3b950d210f",
"network-traffic--59de1300-3718-4c5f-a436-ac3b950d210f",
"ipv4-addr--59de1300-3718-4c5f-a436-ac3b950d210f",
"indicator--59de1300-2d88-4fe9-b7ec-fc1c950d210f",
"indicator--59de1300-4940-496f-9583-400a950d210f",
"observed-data--59de1301-c154-4009-9434-fc5b950d210f",
"network-traffic--59de1301-c154-4009-9434-fc5b950d210f",
"ipv4-addr--59de1301-c154-4009-9434-fc5b950d210f",
"indicator--59de1301-cd38-48e0-a8c3-401a950d210f",
"indicator--59de1301-0ad4-4cee-981c-4188950d210f",
"observed-data--59de1302-ef64-4a89-bd10-4c93950d210f",
"network-traffic--59de1302-ef64-4a89-bd10-4c93950d210f",
"ipv4-addr--59de1302-ef64-4a89-bd10-4c93950d210f",
"indicator--59de1302-33d4-4112-89de-4c5b950d210f",
"indicator--59de1302-59ec-4bf0-9734-fc1d950d210f",
"observed-data--59de1303-03d0-42bd-8bc6-fbb6950d210f",
"network-traffic--59de1303-03d0-42bd-8bc6-fbb6950d210f",
"ipv4-addr--59de1303-03d0-42bd-8bc6-fbb6950d210f",
"indicator--59de1303-18e8-462d-84a8-49ee950d210f",
"indicator--59de1303-6fcc-4d37-9038-ac3b950d210f",
"observed-data--59de1304-ef7c-4b24-a1fd-fc1c950d210f",
"network-traffic--59de1304-ef7c-4b24-a1fd-fc1c950d210f",
"ipv4-addr--59de1304-ef7c-4b24-a1fd-fc1c950d210f",
"indicator--59de1304-ebc4-4f2c-a33c-4194950d210f",
"indicator--59de1304-36d0-49b7-bdb0-ad5d950d210f",
"observed-data--59de1304-ab68-44f5-8ca0-4188950d210f",
"network-traffic--59de1304-ab68-44f5-8ca0-4188950d210f",
"ipv4-addr--59de1304-ab68-44f5-8ca0-4188950d210f",
"indicator--59de1304-30dc-424a-a0c6-4142950d210f",
"indicator--59de1305-c410-4ccd-ab6c-4a30950d210f",
"observed-data--59de1305-f134-4796-8df7-4094950d210f",
"network-traffic--59de1305-f134-4796-8df7-4094950d210f",
"ipv4-addr--59de1305-f134-4796-8df7-4094950d210f",
"indicator--59de1305-2e18-4cba-a09d-3f0e950d210f",
"indicator--59de1305-60dc-45ef-b433-ade0950d210f",
"observed-data--59de1306-700c-4e36-9a47-ae14950d210f",
"network-traffic--59de1306-700c-4e36-9a47-ae14950d210f",
"ipv4-addr--59de1306-700c-4e36-9a47-ae14950d210f",
"indicator--59de1306-07dc-4522-b39a-447e950d210f",
"observed-data--59de1306-c638-4cfb-a195-fc1c950d210f",
"network-traffic--59de1306-c638-4cfb-a195-fc1c950d210f",
"ipv4-addr--59de1306-c638-4cfb-a195-fc1c950d210f",
"observed-data--59de1306-4f14-4f92-8bd0-4194950d210f",
"network-traffic--59de1306-4f14-4f92-8bd0-4194950d210f",
"ipv4-addr--59de1306-4f14-4f92-8bd0-4194950d210f",
"observed-data--59de1307-f744-4282-aac8-ad5d950d210f",
"network-traffic--59de1307-f744-4282-aac8-ad5d950d210f",
"ipv4-addr--59de1307-f744-4282-aac8-ad5d950d210f",
"observed-data--59de1307-c250-4542-9a2c-4067950d210f",
"network-traffic--59de1307-c250-4542-9a2c-4067950d210f",
"ipv4-addr--59de1307-c250-4542-9a2c-4067950d210f",
"observed-data--59de1308-5160-428d-a55e-40fa950d210f",
"network-traffic--59de1308-5160-428d-a55e-40fa950d210f",
"ipv4-addr--59de1308-5160-428d-a55e-40fa950d210f",
"observed-data--59de1308-6f4c-42e4-96da-4bac950d210f",
"network-traffic--59de1308-6f4c-42e4-96da-4bac950d210f",
"ipv4-addr--59de1308-6f4c-42e4-96da-4bac950d210f",
"observed-data--59de1309-aaf8-46b2-8edc-fc1d950d210f",
"network-traffic--59de1309-aaf8-46b2-8edc-fc1d950d210f",
"ipv4-addr--59de1309-aaf8-46b2-8edc-fc1d950d210f",
"observed-data--59de1309-c490-46ac-88d7-ae14950d210f",
"network-traffic--59de1309-c490-46ac-88d7-ae14950d210f",
"ipv4-addr--59de1309-c490-46ac-88d7-ae14950d210f",
"observed-data--59de1309-25e0-4d50-8fe3-4637950d210f",
"network-traffic--59de1309-25e0-4d50-8fe3-4637950d210f",
"ipv4-addr--59de1309-25e0-4d50-8fe3-4637950d210f",
"observed-data--59de1309-d178-4c31-8d0c-ac3b950d210f",
"network-traffic--59de1309-d178-4c31-8d0c-ac3b950d210f",
"ipv4-addr--59de1309-d178-4c31-8d0c-ac3b950d210f",
"observed-data--59de130a-2654-4d8e-885e-fc1c950d210f",
"network-traffic--59de130a-2654-4d8e-885e-fc1c950d210f",
"ipv4-addr--59de130a-2654-4d8e-885e-fc1c950d210f",
"observed-data--59de130a-cd48-4da6-8e64-4194950d210f",
"network-traffic--59de130a-cd48-4da6-8e64-4194950d210f",
"ipv4-addr--59de130a-cd48-4da6-8e64-4194950d210f",
"observed-data--59de130a-2d98-4a8d-93c5-4188950d210f",
"network-traffic--59de130a-2d98-4a8d-93c5-4188950d210f",
"ipv4-addr--59de130a-2d98-4a8d-93c5-4188950d210f",
"observed-data--59de130b-75bc-4b6e-a703-4142950d210f",
"network-traffic--59de130b-75bc-4b6e-a703-4142950d210f",
"ipv4-addr--59de130b-75bc-4b6e-a703-4142950d210f",
"observed-data--59de130b-4818-44f2-b10e-4229950d210f",
"network-traffic--59de130b-4818-44f2-b10e-4229950d210f",
"ipv4-addr--59de130b-4818-44f2-b10e-4229950d210f",
"observed-data--59de130b-ad58-400f-bf8f-498e950d210f",
"network-traffic--59de130b-ad58-400f-bf8f-498e950d210f",
"ipv4-addr--59de130b-ad58-400f-bf8f-498e950d210f",
"observed-data--59de130c-8e74-4aee-b67c-fc1d950d210f",
"network-traffic--59de130c-8e74-4aee-b67c-fc1d950d210f",
"ipv4-addr--59de130c-8e74-4aee-b67c-fc1d950d210f",
"observed-data--59de130c-c560-4073-a9d8-ae14950d210f",
"network-traffic--59de130c-c560-4073-a9d8-ae14950d210f",
"ipv4-addr--59de130c-c560-4073-a9d8-ae14950d210f",
"observed-data--59de130c-ec8c-4ad2-987d-42c1950d210f",
"network-traffic--59de130c-ec8c-4ad2-987d-42c1950d210f",
"ipv4-addr--59de130c-ec8c-4ad2-987d-42c1950d210f",
"observed-data--59de130d-bf64-454f-b7a4-49c3950d210f",
"network-traffic--59de130d-bf64-454f-b7a4-49c3950d210f",
"ipv4-addr--59de130d-bf64-454f-b7a4-49c3950d210f",
"observed-data--59de130d-c8e0-4988-8ae9-fc1c950d210f",
"network-traffic--59de130d-c8e0-4988-8ae9-fc1c950d210f",
"ipv4-addr--59de130d-c8e0-4988-8ae9-fc1c950d210f",
"observed-data--59de130d-0014-44f5-b7eb-4194950d210f",
"network-traffic--59de130d-0014-44f5-b7eb-4194950d210f",
"ipv4-addr--59de130d-0014-44f5-b7eb-4194950d210f",
"observed-data--59de130d-95a0-49b0-86a0-ad5d950d210f",
"network-traffic--59de130d-95a0-49b0-86a0-ad5d950d210f",
"ipv4-addr--59de130d-95a0-49b0-86a0-ad5d950d210f",
"observed-data--59de130e-e5ec-4c5d-be1b-4142950d210f",
"network-traffic--59de130e-e5ec-4c5d-be1b-4142950d210f",
"ipv4-addr--59de130e-e5ec-4c5d-be1b-4142950d210f",
"observed-data--59de130e-8000-462d-a8c3-42f1950d210f",
"network-traffic--59de130e-8000-462d-a8c3-42f1950d210f",
"ipv4-addr--59de130e-8000-462d-a8c3-42f1950d210f",
"observed-data--59de130e-9670-4e0e-b75f-4a46950d210f",
"network-traffic--59de130e-9670-4e0e-b75f-4a46950d210f",
"ipv4-addr--59de130e-9670-4e0e-b75f-4a46950d210f",
"observed-data--59de130f-2314-4b76-9252-3f0e950d210f",
"network-traffic--59de130f-2314-4b76-9252-3f0e950d210f",
"ipv4-addr--59de130f-2314-4b76-9252-3f0e950d210f",
"observed-data--59de130f-98bc-4e1a-87b1-ade0950d210f",
"network-traffic--59de130f-98bc-4e1a-87b1-ade0950d210f",
"ipv4-addr--59de130f-98bc-4e1a-87b1-ade0950d210f",
"observed-data--59de130f-8a44-4ed1-b173-ae14950d210f",
"network-traffic--59de130f-8a44-4ed1-b173-ae14950d210f",
"ipv4-addr--59de130f-8a44-4ed1-b173-ae14950d210f",
"observed-data--59de130f-7584-49f3-9d2a-fbb6950d210f",
"network-traffic--59de130f-7584-49f3-9d2a-fbb6950d210f",
"ipv4-addr--59de130f-7584-49f3-9d2a-fbb6950d210f",
"observed-data--59de1310-7f88-4b88-8545-ac3b950d210f",
"network-traffic--59de1310-7f88-4b88-8545-ac3b950d210f",
"ipv4-addr--59de1310-7f88-4b88-8545-ac3b950d210f",
"observed-data--59de1310-8100-42a7-8904-fc1c950d210f",
"network-traffic--59de1310-8100-42a7-8904-fc1c950d210f",
"ipv4-addr--59de1310-8100-42a7-8904-fc1c950d210f",
"indicator--59dfa923-5820-4ad2-95b3-a10802de0b81",
"indicator--59dfa923-7ed4-4684-845e-a10802de0b81",
"observed-data--59dfa923-fa70-472e-839f-a10802de0b81",
"url--59dfa923-fa70-472e-839f-a10802de0b81",
"indicator--59dfa923-6484-4697-bbd7-a10802de0b81",
"indicator--59dfa923-8108-4f54-b36c-a10802de0b81",
"observed-data--59dfa923-9e5c-46c2-b4a6-a10802de0b81",
"url--59dfa923-9e5c-46c2-b4a6-a10802de0b81"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"ecsirt:malicious-code=\"ransomware\"",
"misp-galaxy:ransomware=\"Locky\"",
"misp-galaxy:tool=\"Trick Bot\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12cf-2490-4184-92a6-fbb6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[file:hashes.MD5 = '6cc527a3d3297aa5d175b06b7bb6b27a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12cf-78d4-4a70-bbbd-44fd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[file:hashes.MD5 = '1a9d91c1a290ec5e36e3fc8ddac60bd5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12cf-3efc-46e9-a078-4bb9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[url:value = 'http://abdulhamit.org/jhbfvg7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d0-c714-4833-81a0-ac3b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[domain-name:value = 'abdulhamit.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12d0-6840-4eeb-88c9-4194950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"first_observed": "2017-10-12T17:40:49Z",
"last_observed": "2017-10-12T17:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12d0-6840-4eeb-88c9-4194950d210f",
"ipv4-addr--59de12d0-6840-4eeb-88c9-4194950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12d0-6840-4eeb-88c9-4194950d210f",
"dst_ref": "ipv4-addr--59de12d0-6840-4eeb-88c9-4194950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12d0-6840-4eeb-88c9-4194950d210f",
"value": "77.245.149.11"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d0-e244-49fe-9840-4188950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[url:value = 'http://bdbl.com.np/jhbfvg7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d0-51a4-447d-95df-fc5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[domain-name:value = 'bdbl.com.np']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12d1-3a5c-4fc4-a4a1-ad5d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"first_observed": "2017-10-12T17:40:49Z",
"last_observed": "2017-10-12T17:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12d1-3a5c-4fc4-a4a1-ad5d950d210f",
"ipv4-addr--59de12d1-3a5c-4fc4-a4a1-ad5d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12d1-3a5c-4fc4-a4a1-ad5d950d210f",
"dst_ref": "ipv4-addr--59de12d1-3a5c-4fc4-a4a1-ad5d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12d1-3a5c-4fc4-a4a1-ad5d950d210f",
"value": "74.200.89.84"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d1-06d0-4051-ae42-4142950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[url:value = 'http://bnphealthcare.com/jhbfvg7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d1-7390-45e9-9f08-4e60950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[domain-name:value = 'bnphealthcare.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12d2-54b8-4142-8a2f-fc1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"first_observed": "2017-10-12T17:40:49Z",
"last_observed": "2017-10-12T17:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12d2-54b8-4142-8a2f-fc1d950d210f",
"ipv4-addr--59de12d2-54b8-4142-8a2f-fc1d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12d2-54b8-4142-8a2f-fc1d950d210f",
"dst_ref": "ipv4-addr--59de12d2-54b8-4142-8a2f-fc1d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12d2-54b8-4142-8a2f-fc1d950d210f",
"value": "202.169.44.152"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d2-243c-4f7d-9d4f-ade0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[url:value = 'http://demopowerindo.com/jhbfvg7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d3-cf60-41cf-8241-ae14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[domain-name:value = 'demopowerindo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12d3-5b54-4359-9caf-ac3b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"first_observed": "2017-10-12T17:40:49Z",
"last_observed": "2017-10-12T17:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12d3-5b54-4359-9caf-ac3b950d210f",
"ipv4-addr--59de12d3-5b54-4359-9caf-ac3b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12d3-5b54-4359-9caf-ac3b950d210f",
"dst_ref": "ipv4-addr--59de12d3-5b54-4359-9caf-ac3b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12d3-5b54-4359-9caf-ac3b950d210f",
"value": "202.169.44.167"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d3-48e8-410d-adcc-4194950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[url:value = 'http://dispjutr.nl/jhbfvg7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d3-ca90-4afd-b630-47cd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[domain-name:value = 'dispjutr.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12d4-3e54-4cd3-8b8d-fc5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"first_observed": "2017-10-12T17:40:49Z",
"last_observed": "2017-10-12T17:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12d4-3e54-4cd3-8b8d-fc5b950d210f",
"ipv4-addr--59de12d4-3e54-4cd3-8b8d-fc5b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12d4-3e54-4cd3-8b8d-fc5b950d210f",
"dst_ref": "ipv4-addr--59de12d4-3e54-4cd3-8b8d-fc5b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12d4-3e54-4cd3-8b8d-fc5b950d210f",
"value": "144.76.149.235"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d4-a624-4d4d-a073-ad5d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[url:value = 'http://globoart.es/jhbfvg7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d4-19f8-4528-929a-4652950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[domain-name:value = 'globoart.es']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12d4-3324-40a0-9285-4e28950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"first_observed": "2017-10-12T17:40:49Z",
"last_observed": "2017-10-12T17:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12d4-3324-40a0-9285-4e28950d210f",
"ipv4-addr--59de12d4-3324-40a0-9285-4e28950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12d4-3324-40a0-9285-4e28950d210f",
"dst_ref": "ipv4-addr--59de12d4-3324-40a0-9285-4e28950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12d4-3324-40a0-9285-4e28950d210f",
"value": "86.109.170.198"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d5-5120-499c-a513-4f82950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[url:value = 'http://highlandfamily.org/jhbfvg7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d5-6814-4d97-bbca-fbb6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[domain-name:value = 'highlandfamily.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12d5-50d0-4d07-a2b5-ade0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"first_observed": "2017-10-12T17:40:49Z",
"last_observed": "2017-10-12T17:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12d5-50d0-4d07-a2b5-ade0950d210f",
"ipv4-addr--59de12d5-50d0-4d07-a2b5-ade0950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12d5-50d0-4d07-a2b5-ade0950d210f",
"dst_ref": "ipv4-addr--59de12d5-50d0-4d07-a2b5-ade0950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12d5-50d0-4d07-a2b5-ade0950d210f",
"value": "98.124.252.66"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d5-7780-4b44-be12-ae14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[url:value = 'http://holidaypools.com.au/jhbfvg7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d6-a99c-4a4c-80dc-45eb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[domain-name:value = 'holidaypools.com.au']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12d7-6b9c-4f69-b65b-4188950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"first_observed": "2017-10-12T17:40:49Z",
"last_observed": "2017-10-12T17:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12d7-6b9c-4f69-b65b-4188950d210f",
"ipv4-addr--59de12d7-6b9c-4f69-b65b-4188950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12d7-6b9c-4f69-b65b-4188950d210f",
"dst_ref": "ipv4-addr--59de12d7-6b9c-4f69-b65b-4188950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12d7-6b9c-4f69-b65b-4188950d210f",
"value": "27.50.86.12"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d7-5934-4b0e-b941-443a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[url:value = 'http://louisawong.net/jhbfvg7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d7-b708-45eb-8d91-fbb6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[domain-name:value = 'louisawong.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12d8-ad80-4bba-8613-4592950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"first_observed": "2017-10-12T17:40:49Z",
"last_observed": "2017-10-12T17:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12d8-ad80-4bba-8613-4592950d210f",
"ipv4-addr--59de12d8-ad80-4bba-8613-4592950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12d8-ad80-4bba-8613-4592950d210f",
"dst_ref": "ipv4-addr--59de12d8-ad80-4bba-8613-4592950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12d8-ad80-4bba-8613-4592950d210f",
"value": "123.242.230.63"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d8-9fd8-489b-bc66-fc5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[url:value = 'http://supremocartuchos.com/jhbfvg7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d9-6acc-4d10-a3f8-4f3b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"pattern": "[domain-name:value = 'supremocartuchos.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12d9-f9a4-4c98-843b-3f0e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:49.000Z",
"modified": "2017-10-12T17:40:49.000Z",
"first_observed": "2017-10-12T17:40:49Z",
"last_observed": "2017-10-12T17:40:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12d9-f9a4-4c98-843b-3f0e950d210f",
"ipv4-addr--59de12d9-f9a4-4c98-843b-3f0e950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12d9-f9a4-4c98-843b-3f0e950d210f",
"dst_ref": "ipv4-addr--59de12d9-f9a4-4c98-843b-3f0e950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12d9-f9a4-4c98-843b-3f0e950d210f",
"value": "80.172.241.21"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d9-1784-47b9-ac3d-4142950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://teracom.co.id/jhbfvg7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12d9-d9ac-4d9f-9c7a-4a3e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'teracom.co.id']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12da-5f50-4530-a218-491b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12da-5f50-4530-a218-491b950d210f",
"ipv4-addr--59de12da-5f50-4530-a218-491b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12da-5f50-4530-a218-491b950d210f",
"dst_ref": "ipv4-addr--59de12da-5f50-4530-a218-491b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12da-5f50-4530-a218-491b950d210f",
"value": "202.169.44.149"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12da-f510-4f97-bdd9-ade0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://fetchstats.net/p66/jhbfvg7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12db-4a3c-44e7-b391-ae14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'fetchstats.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12f9-8228-4fee-a870-ae14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://accessyouraudience.com/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12f9-3fd8-487e-8da4-4b00950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'accessyouraudience.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12f9-3d48-4a92-91fe-449f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12f9-3d48-4a92-91fe-449f950d210f",
"ipv4-addr--59de12f9-3d48-4a92-91fe-449f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12f9-3d48-4a92-91fe-449f950d210f",
"dst_ref": "ipv4-addr--59de12f9-3d48-4a92-91fe-449f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12f9-3d48-4a92-91fe-449f950d210f",
"value": "98.124.251.75"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12fa-38e8-466b-b5d6-443b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://areanuova.it/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12fa-4218-4da1-a1d9-4194950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'areanuova.it']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12fa-6b60-4fde-aa13-ad5d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12fa-6b60-4fde-aa13-ad5d950d210f",
"ipv4-addr--59de12fa-6b60-4fde-aa13-ad5d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12fa-6b60-4fde-aa13-ad5d950d210f",
"dst_ref": "ipv4-addr--59de12fa-6b60-4fde-aa13-ad5d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12fa-6b60-4fde-aa13-ad5d950d210f",
"value": "85.235.130.46"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12fa-1560-4f42-bcbf-49a4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://eurecas.org/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12fa-1824-46ee-b827-4142950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'eurecas.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12fb-b4a8-44d2-b5a8-4aee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12fb-b4a8-44d2-b5a8-4aee950d210f",
"ipv4-addr--59de12fb-b4a8-44d2-b5a8-4aee950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12fb-b4a8-44d2-b5a8-4aee950d210f",
"dst_ref": "ipv4-addr--59de12fb-b4a8-44d2-b5a8-4aee950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12fb-b4a8-44d2-b5a8-4aee950d210f",
"value": "185.58.7.11"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12fb-1b78-488a-8a8a-3f0e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://georginabringas.com/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12fb-9e48-4750-a840-435f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'georginabringas.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12fc-3058-4e4d-b8bc-ae14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12fc-3058-4e4d-b8bc-ae14950d210f",
"ipv4-addr--59de12fc-3058-4e4d-b8bc-ae14950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12fc-3058-4e4d-b8bc-ae14950d210f",
"dst_ref": "ipv4-addr--59de12fc-3058-4e4d-b8bc-ae14950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12fc-3058-4e4d-b8bc-ae14950d210f",
"value": "40.76.209.29"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12fc-c1b8-4135-8181-48ad950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://highpressurewelding.co.uk/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12fc-7e2c-4647-8461-430c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'highpressurewelding.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12fd-ded0-4413-b45c-4759950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12fd-ded0-4413-b45c-4759950d210f",
"ipv4-addr--59de12fd-ded0-4413-b45c-4759950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12fd-ded0-4413-b45c-4759950d210f",
"dst_ref": "ipv4-addr--59de12fd-ded0-4413-b45c-4759950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12fd-ded0-4413-b45c-4759950d210f",
"value": "91.192.195.51"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12fd-cbc4-41c0-b92d-4194950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://jns.co.th/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12fd-ba3c-4336-8813-ad5d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'jns.co.th']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12fe-2cc4-4d03-b513-4c8c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12fe-2cc4-4d03-b513-4c8c950d210f",
"ipv4-addr--59de12fe-2cc4-4d03-b513-4c8c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12fe-2cc4-4d03-b513-4c8c950d210f",
"dst_ref": "ipv4-addr--59de12fe-2cc4-4d03-b513-4c8c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12fe-2cc4-4d03-b513-4c8c950d210f",
"value": "203.146.43.65"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12ff-8ba4-4da5-985f-4e03950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://maule.biz/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12ff-f8a0-4f71-90e0-445f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'maule.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de12ff-116c-445d-8cda-fc1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de12ff-116c-445d-8cda-fc1d950d210f",
"ipv4-addr--59de12ff-116c-445d-8cda-fc1d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de12ff-116c-445d-8cda-fc1d950d210f",
"dst_ref": "ipv4-addr--59de12ff-116c-445d-8cda-fc1d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de12ff-116c-445d-8cda-fc1d950d210f",
"value": "98.124.251.176"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12ff-132c-4d95-9bce-fbb6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://missinglynxsystems.com/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de12ff-0364-4d36-9379-ae14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'missinglynxsystems.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1300-3718-4c5f-a436-ac3b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1300-3718-4c5f-a436-ac3b950d210f",
"ipv4-addr--59de1300-3718-4c5f-a436-ac3b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1300-3718-4c5f-a436-ac3b950d210f",
"dst_ref": "ipv4-addr--59de1300-3718-4c5f-a436-ac3b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1300-3718-4c5f-a436-ac3b950d210f",
"value": "66.36.173.181"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1300-2d88-4fe9-b7ec-fc1c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://old.tuttoggi.info/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1300-4940-496f-9583-400a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'old.tuttoggi.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1301-c154-4009-9434-fc5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1301-c154-4009-9434-fc5b950d210f",
"ipv4-addr--59de1301-c154-4009-9434-fc5b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1301-c154-4009-9434-fc5b950d210f",
"dst_ref": "ipv4-addr--59de1301-c154-4009-9434-fc5b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1301-c154-4009-9434-fc5b950d210f",
"value": "66.71.182.143"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1301-cd38-48e0-a8c3-401a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://pdj.co.id/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1301-0ad4-4cee-981c-4188950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'pdj.co.id']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1302-ef64-4a89-bd10-4c93950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1302-ef64-4a89-bd10-4c93950d210f",
"ipv4-addr--59de1302-ef64-4a89-bd10-4c93950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1302-ef64-4a89-bd10-4c93950d210f",
"dst_ref": "ipv4-addr--59de1302-ef64-4a89-bd10-4c93950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1302-ef64-4a89-bd10-4c93950d210f",
"value": "202.169.44.166"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1302-33d4-4112-89de-4c5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://resortphotographics.com/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1302-59ec-4bf0-9734-fc1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'resortphotographics.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1303-03d0-42bd-8bc6-fbb6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1303-03d0-42bd-8bc6-fbb6950d210f",
"ipv4-addr--59de1303-03d0-42bd-8bc6-fbb6950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1303-03d0-42bd-8bc6-fbb6950d210f",
"dst_ref": "ipv4-addr--59de1303-03d0-42bd-8bc6-fbb6950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1303-03d0-42bd-8bc6-fbb6950d210f",
"value": "68.171.62.61"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1303-18e8-462d-84a8-49ee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://team-bobcat.org/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1303-6fcc-4d37-9038-ac3b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'team-bobcat.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1304-ef7c-4b24-a1fd-fc1c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1304-ef7c-4b24-a1fd-fc1c950d210f",
"ipv4-addr--59de1304-ef7c-4b24-a1fd-fc1c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1304-ef7c-4b24-a1fd-fc1c950d210f",
"dst_ref": "ipv4-addr--59de1304-ef7c-4b24-a1fd-fc1c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1304-ef7c-4b24-a1fd-fc1c950d210f",
"value": "212.224.65.254"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1304-ebc4-4f2c-a33c-4194950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://t-plesk.com/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1304-36d0-49b7-bdb0-ad5d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 't-plesk.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1304-ab68-44f5-8ca0-4188950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1304-ab68-44f5-8ca0-4188950d210f",
"ipv4-addr--59de1304-ab68-44f5-8ca0-4188950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1304-ab68-44f5-8ca0-4188950d210f",
"dst_ref": "ipv4-addr--59de1304-ab68-44f5-8ca0-4188950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1304-ab68-44f5-8ca0-4188950d210f",
"value": "77.92.99.9"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1304-30dc-424a-a0c6-4142950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://vithos.de/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1305-c410-4ccd-ab6c-4a30950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'vithos.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1305-f134-4796-8df7-4094950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1305-f134-4796-8df7-4094950d210f",
"ipv4-addr--59de1305-f134-4796-8df7-4094950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1305-f134-4796-8df7-4094950d210f",
"dst_ref": "ipv4-addr--59de1305-f134-4796-8df7-4094950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1305-f134-4796-8df7-4094950d210f",
"value": "87.106.30.57"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1305-2e18-4cba-a09d-3f0e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://wiskundebijles.nu/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1305-60dc-45ef-b433-ade0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[domain-name:value = 'wiskundebijles.nu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1306-700c-4e36-9a47-ae14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1306-700c-4e36-9a47-ae14950d210f",
"ipv4-addr--59de1306-700c-4e36-9a47-ae14950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1306-700c-4e36-9a47-ae14950d210f",
"dst_ref": "ipv4-addr--59de1306-700c-4e36-9a47-ae14950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1306-700c-4e36-9a47-ae14950d210f",
"value": "37.48.73.139"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59de1306-07dc-4522-b39a-447e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"pattern": "[url:value = 'http://fetchstats.net/p66/8y6ghhfg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1306-c638-4cfb-a195-fc1c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1306-c638-4cfb-a195-fc1c950d210f",
"ipv4-addr--59de1306-c638-4cfb-a195-fc1c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1306-c638-4cfb-a195-fc1c950d210f",
"dst_ref": "ipv4-addr--59de1306-c638-4cfb-a195-fc1c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1306-c638-4cfb-a195-fc1c950d210f",
"value": "91.83.88.51"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1306-4f14-4f92-8bd0-4194950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1306-4f14-4f92-8bd0-4194950d210f",
"ipv4-addr--59de1306-4f14-4f92-8bd0-4194950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1306-4f14-4f92-8bd0-4194950d210f",
"dst_ref": "ipv4-addr--59de1306-4f14-4f92-8bd0-4194950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1306-4f14-4f92-8bd0-4194950d210f",
"value": "46.237.117.193"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1307-f744-4282-aac8-ad5d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1307-f744-4282-aac8-ad5d950d210f",
"ipv4-addr--59de1307-f744-4282-aac8-ad5d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1307-f744-4282-aac8-ad5d950d210f",
"dst_ref": "ipv4-addr--59de1307-f744-4282-aac8-ad5d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1307-f744-4282-aac8-ad5d950d210f",
"value": "79.170.7.139"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1307-c250-4542-9a2c-4067950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:50.000Z",
"modified": "2017-10-12T17:40:50.000Z",
"first_observed": "2017-10-12T17:40:50Z",
"last_observed": "2017-10-12T17:40:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1307-c250-4542-9a2c-4067950d210f",
"ipv4-addr--59de1307-c250-4542-9a2c-4067950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1307-c250-4542-9a2c-4067950d210f",
"dst_ref": "ipv4-addr--59de1307-c250-4542-9a2c-4067950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1307-c250-4542-9a2c-4067950d210f",
"value": "41.57.103.218"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1308-5160-428d-a55e-40fa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1308-5160-428d-a55e-40fa950d210f",
"ipv4-addr--59de1308-5160-428d-a55e-40fa950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1308-5160-428d-a55e-40fa950d210f",
"dst_ref": "ipv4-addr--59de1308-5160-428d-a55e-40fa950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1308-5160-428d-a55e-40fa950d210f",
"value": "196.202.194.202"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1308-6f4c-42e4-96da-4bac950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1308-6f4c-42e4-96da-4bac950d210f",
"ipv4-addr--59de1308-6f4c-42e4-96da-4bac950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1308-6f4c-42e4-96da-4bac950d210f",
"dst_ref": "ipv4-addr--59de1308-6f4c-42e4-96da-4bac950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1308-6f4c-42e4-96da-4bac950d210f",
"value": "46.20.56.239"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1309-aaf8-46b2-8edc-fc1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1309-aaf8-46b2-8edc-fc1d950d210f",
"ipv4-addr--59de1309-aaf8-46b2-8edc-fc1d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1309-aaf8-46b2-8edc-fc1d950d210f",
"dst_ref": "ipv4-addr--59de1309-aaf8-46b2-8edc-fc1d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1309-aaf8-46b2-8edc-fc1d950d210f",
"value": "176.120.126.21"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1309-c490-46ac-88d7-ae14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1309-c490-46ac-88d7-ae14950d210f",
"ipv4-addr--59de1309-c490-46ac-88d7-ae14950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1309-c490-46ac-88d7-ae14950d210f",
"dst_ref": "ipv4-addr--59de1309-c490-46ac-88d7-ae14950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1309-c490-46ac-88d7-ae14950d210f",
"value": "91.239.249.118"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1309-25e0-4d50-8fe3-4637950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1309-25e0-4d50-8fe3-4637950d210f",
"ipv4-addr--59de1309-25e0-4d50-8fe3-4637950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1309-25e0-4d50-8fe3-4637950d210f",
"dst_ref": "ipv4-addr--59de1309-25e0-4d50-8fe3-4637950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1309-25e0-4d50-8fe3-4637950d210f",
"value": "194.87.103.184"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1309-d178-4c31-8d0c-ac3b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1309-d178-4c31-8d0c-ac3b950d210f",
"ipv4-addr--59de1309-d178-4c31-8d0c-ac3b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1309-d178-4c31-8d0c-ac3b950d210f",
"dst_ref": "ipv4-addr--59de1309-d178-4c31-8d0c-ac3b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1309-d178-4c31-8d0c-ac3b950d210f",
"value": "92.63.102.64"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130a-2654-4d8e-885e-fc1c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130a-2654-4d8e-885e-fc1c950d210f",
"ipv4-addr--59de130a-2654-4d8e-885e-fc1c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130a-2654-4d8e-885e-fc1c950d210f",
"dst_ref": "ipv4-addr--59de130a-2654-4d8e-885e-fc1c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130a-2654-4d8e-885e-fc1c950d210f",
"value": "194.87.238.53"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130a-cd48-4da6-8e64-4194950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130a-cd48-4da6-8e64-4194950d210f",
"ipv4-addr--59de130a-cd48-4da6-8e64-4194950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130a-cd48-4da6-8e64-4194950d210f",
"dst_ref": "ipv4-addr--59de130a-cd48-4da6-8e64-4194950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130a-cd48-4da6-8e64-4194950d210f",
"value": "92.63.102.159"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130a-2d98-4a8d-93c5-4188950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130a-2d98-4a8d-93c5-4188950d210f",
"ipv4-addr--59de130a-2d98-4a8d-93c5-4188950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130a-2d98-4a8d-93c5-4188950d210f",
"dst_ref": "ipv4-addr--59de130a-2d98-4a8d-93c5-4188950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130a-2d98-4a8d-93c5-4188950d210f",
"value": "194.87.232.219"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130b-75bc-4b6e-a703-4142950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130b-75bc-4b6e-a703-4142950d210f",
"ipv4-addr--59de130b-75bc-4b6e-a703-4142950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130b-75bc-4b6e-a703-4142950d210f",
"dst_ref": "ipv4-addr--59de130b-75bc-4b6e-a703-4142950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130b-75bc-4b6e-a703-4142950d210f",
"value": "149.154.69.70"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130b-4818-44f2-b10e-4229950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130b-4818-44f2-b10e-4229950d210f",
"ipv4-addr--59de130b-4818-44f2-b10e-4229950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130b-4818-44f2-b10e-4229950d210f",
"dst_ref": "ipv4-addr--59de130b-4818-44f2-b10e-4229950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130b-4818-44f2-b10e-4229950d210f",
"value": "78.24.223.153"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130b-ad58-400f-bf8f-498e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130b-ad58-400f-bf8f-498e950d210f",
"ipv4-addr--59de130b-ad58-400f-bf8f-498e950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130b-ad58-400f-bf8f-498e950d210f",
"dst_ref": "ipv4-addr--59de130b-ad58-400f-bf8f-498e950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130b-ad58-400f-bf8f-498e950d210f",
"value": "194.87.92.207"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130c-8e74-4aee-b67c-fc1d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130c-8e74-4aee-b67c-fc1d950d210f",
"ipv4-addr--59de130c-8e74-4aee-b67c-fc1d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130c-8e74-4aee-b67c-fc1d950d210f",
"dst_ref": "ipv4-addr--59de130c-8e74-4aee-b67c-fc1d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130c-8e74-4aee-b67c-fc1d950d210f",
"value": "194.87.94.239"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130c-c560-4073-a9d8-ae14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130c-c560-4073-a9d8-ae14950d210f",
"ipv4-addr--59de130c-c560-4073-a9d8-ae14950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130c-c560-4073-a9d8-ae14950d210f",
"dst_ref": "ipv4-addr--59de130c-c560-4073-a9d8-ae14950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130c-c560-4073-a9d8-ae14950d210f",
"value": "195.133.147.238"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130c-ec8c-4ad2-987d-42c1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130c-ec8c-4ad2-987d-42c1950d210f",
"ipv4-addr--59de130c-ec8c-4ad2-987d-42c1950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130c-ec8c-4ad2-987d-42c1950d210f",
"dst_ref": "ipv4-addr--59de130c-ec8c-4ad2-987d-42c1950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130c-ec8c-4ad2-987d-42c1950d210f",
"value": "62.109.15.132"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130d-bf64-454f-b7a4-49c3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130d-bf64-454f-b7a4-49c3950d210f",
"ipv4-addr--59de130d-bf64-454f-b7a4-49c3950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130d-bf64-454f-b7a4-49c3950d210f",
"dst_ref": "ipv4-addr--59de130d-bf64-454f-b7a4-49c3950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130d-bf64-454f-b7a4-49c3950d210f",
"value": "194.87.236.240"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130d-c8e0-4988-8ae9-fc1c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130d-c8e0-4988-8ae9-fc1c950d210f",
"ipv4-addr--59de130d-c8e0-4988-8ae9-fc1c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130d-c8e0-4988-8ae9-fc1c950d210f",
"dst_ref": "ipv4-addr--59de130d-c8e0-4988-8ae9-fc1c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130d-c8e0-4988-8ae9-fc1c950d210f",
"value": "62.109.6.237"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130d-0014-44f5-b7eb-4194950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130d-0014-44f5-b7eb-4194950d210f",
"ipv4-addr--59de130d-0014-44f5-b7eb-4194950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130d-0014-44f5-b7eb-4194950d210f",
"dst_ref": "ipv4-addr--59de130d-0014-44f5-b7eb-4194950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130d-0014-44f5-b7eb-4194950d210f",
"value": "149.154.69.47"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130d-95a0-49b0-86a0-ad5d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130d-95a0-49b0-86a0-ad5d950d210f",
"ipv4-addr--59de130d-95a0-49b0-86a0-ad5d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130d-95a0-49b0-86a0-ad5d950d210f",
"dst_ref": "ipv4-addr--59de130d-95a0-49b0-86a0-ad5d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130d-95a0-49b0-86a0-ad5d950d210f",
"value": "82.146.47.121"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130e-e5ec-4c5d-be1b-4142950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130e-e5ec-4c5d-be1b-4142950d210f",
"ipv4-addr--59de130e-e5ec-4c5d-be1b-4142950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130e-e5ec-4c5d-be1b-4142950d210f",
"dst_ref": "ipv4-addr--59de130e-e5ec-4c5d-be1b-4142950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130e-e5ec-4c5d-be1b-4142950d210f",
"value": "78.24.216.250"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130e-8000-462d-a8c3-42f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130e-8000-462d-a8c3-42f1950d210f",
"ipv4-addr--59de130e-8000-462d-a8c3-42f1950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130e-8000-462d-a8c3-42f1950d210f",
"dst_ref": "ipv4-addr--59de130e-8000-462d-a8c3-42f1950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130e-8000-462d-a8c3-42f1950d210f",
"value": "82.146.56.218"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130e-9670-4e0e-b75f-4a46950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130e-9670-4e0e-b75f-4a46950d210f",
"ipv4-addr--59de130e-9670-4e0e-b75f-4a46950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130e-9670-4e0e-b75f-4a46950d210f",
"dst_ref": "ipv4-addr--59de130e-9670-4e0e-b75f-4a46950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130e-9670-4e0e-b75f-4a46950d210f",
"value": "185.159.131.198"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130f-2314-4b76-9252-3f0e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130f-2314-4b76-9252-3f0e950d210f",
"ipv4-addr--59de130f-2314-4b76-9252-3f0e950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130f-2314-4b76-9252-3f0e950d210f",
"dst_ref": "ipv4-addr--59de130f-2314-4b76-9252-3f0e950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130f-2314-4b76-9252-3f0e950d210f",
"value": "194.87.146.32"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130f-98bc-4e1a-87b1-ade0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130f-98bc-4e1a-87b1-ade0950d210f",
"ipv4-addr--59de130f-98bc-4e1a-87b1-ade0950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130f-98bc-4e1a-87b1-ade0950d210f",
"dst_ref": "ipv4-addr--59de130f-98bc-4e1a-87b1-ade0950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130f-98bc-4e1a-87b1-ade0950d210f",
"value": "5.133.179.77"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130f-8a44-4ed1-b173-ae14950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130f-8a44-4ed1-b173-ae14950d210f",
"ipv4-addr--59de130f-8a44-4ed1-b173-ae14950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130f-8a44-4ed1-b173-ae14950d210f",
"dst_ref": "ipv4-addr--59de130f-8a44-4ed1-b173-ae14950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130f-8a44-4ed1-b173-ae14950d210f",
"value": "94.242.224.214"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de130f-7584-49f3-9d2a-fbb6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de130f-7584-49f3-9d2a-fbb6950d210f",
"ipv4-addr--59de130f-7584-49f3-9d2a-fbb6950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de130f-7584-49f3-9d2a-fbb6950d210f",
"dst_ref": "ipv4-addr--59de130f-7584-49f3-9d2a-fbb6950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de130f-7584-49f3-9d2a-fbb6950d210f",
"value": "194.87.92.242"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1310-7f88-4b88-8545-ac3b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1310-7f88-4b88-8545-ac3b950d210f",
"ipv4-addr--59de1310-7f88-4b88-8545-ac3b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1310-7f88-4b88-8545-ac3b950d210f",
"dst_ref": "ipv4-addr--59de1310-7f88-4b88-8545-ac3b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1310-7f88-4b88-8545-ac3b950d210f",
"value": "195.133.146.236"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59de1310-8100-42a7-8904-fc1c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59de1310-8100-42a7-8904-fc1c950d210f",
"ipv4-addr--59de1310-8100-42a7-8904-fc1c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59de1310-8100-42a7-8904-fc1c950d210f",
"dst_ref": "ipv4-addr--59de1310-8100-42a7-8904-fc1c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59de1310-8100-42a7-8904-fc1c950d210f",
"value": "193.124.117.238"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dfa923-5820-4ad2-95b3-a10802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"description": "- Xchecked via VT: 1a9d91c1a290ec5e36e3fc8ddac60bd5",
"pattern": "[file:hashes.SHA256 = 'a1183310a389c528fafd288d574307db2bb9dba7358bae50a08cee4cddaaecf0']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dfa923-7ed4-4684-845e-a10802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"description": "- Xchecked via VT: 1a9d91c1a290ec5e36e3fc8ddac60bd5",
"pattern": "[file:hashes.SHA1 = '8808d159cf0178687e068c1b3f914a0faec06c6a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dfa923-fa70-472e-839f-a10802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"url--59dfa923-fa70-472e-839f-a10802de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59dfa923-fa70-472e-839f-a10802de0b81",
"value": "https://www.virustotal.com/file/a1183310a389c528fafd288d574307db2bb9dba7358bae50a08cee4cddaaecf0/analysis/1507726127/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dfa923-6484-4697-bbd7-a10802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"description": "- Xchecked via VT: 6cc527a3d3297aa5d175b06b7bb6b27a",
"pattern": "[file:hashes.SHA256 = '15bbdae2a95fb65dd3cbc280bf63fb2e172fd3cf37384f3a0f96c2fd83f905c6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59dfa923-8108-4f54-b36c-a10802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"description": "- Xchecked via VT: 6cc527a3d3297aa5d175b06b7bb6b27a",
"pattern": "[file:hashes.SHA1 = 'cb536c8d40b0e75ddb76702ba90791f738694a75']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-12T17:40:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59dfa923-9e5c-46c2-b4a6-a10802de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-12T17:40:51.000Z",
"modified": "2017-10-12T17:40:51.000Z",
"first_observed": "2017-10-12T17:40:51Z",
"last_observed": "2017-10-12T17:40:51Z",
"number_observed": 1,
"object_refs": [
"url--59dfa923-9e5c-46c2-b4a6-a10802de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59dfa923-9e5c-46c2-b4a6-a10802de0b81",
"value": "https://www.virustotal.com/file/15bbdae2a95fb65dd3cbc280bf63fb2e172fd3cf37384f3a0f96c2fd83f905c6/analysis/1507777609/"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink