adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/5c18091d-d158-41aa-88c7-4692950d210f.json

2081 lines
No EOL
84 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--5c18091d-d158-41aa-88c7-4692950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:44:58.000Z",
"modified": "2018-12-17T20:44:58.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5c18091d-d158-41aa-88c7-4692950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:44:58.000Z",
"modified": "2018-12-17T20:44:58.000Z",
"name": "OSINT - The Return of The Charming Kitten",
"published": "2018-12-17T20:45:11Z",
"object_refs": [
"observed-data--5c180964-4e10-4189-aa57-4685950d210f",
"url--5c180964-4e10-4189-aa57-4685950d210f",
"x-misp-attribute--5c180987-3da0-4715-b69b-498c950d210f",
"indicator--5c180a1b-2ca8-432c-b105-4d0c950d210f",
"indicator--5c180a1d-c488-45b5-8d5e-4247950d210f",
"indicator--5c180a1e-13d0-4489-b976-4c0d950d210f",
"indicator--5c180a1f-d0b8-4823-819e-4bd5950d210f",
"indicator--5c180a20-8ebc-462e-ae17-4eb3950d210f",
"indicator--5c180a22-28e4-4fc7-aaa0-4e0a950d210f",
"indicator--5c180a23-64d4-4f63-9505-4c89950d210f",
"indicator--5c180a24-8308-4a44-8df0-47ec950d210f",
"indicator--5c180a26-a904-4be3-9282-4660950d210f",
"indicator--5c180a27-b4a8-4b09-bd4c-4ec2950d210f",
"indicator--5c180a27-94a4-4681-99dd-446c950d210f",
"indicator--5c180a28-3c24-4a25-b1e9-46ce950d210f",
"indicator--5c180a28-dee0-437f-8024-4e93950d210f",
"indicator--5c180a29-d948-417a-a429-4617950d210f",
"indicator--5c180a29-623c-4e02-941c-4b94950d210f",
"indicator--5c180a29-87c8-4dfd-b299-4683950d210f",
"indicator--5c180a2a-1514-473e-84bf-48e3950d210f",
"indicator--5c180a2a-3dfc-4442-aa2c-40d4950d210f",
"indicator--5c180a2b-c934-4047-9b06-4ddb950d210f",
"indicator--5c180a2b-615c-4cb4-b783-49b8950d210f",
"indicator--5c180a2c-5fc0-468f-9a7b-4b3b950d210f",
"indicator--5c180a2c-5ca4-46a6-942c-4c57950d210f",
"indicator--5c180a2d-955c-4009-ac98-490f950d210f",
"indicator--5c180a2d-835c-423b-b744-4caf950d210f",
"indicator--5c180a2e-71e4-47fe-bcb4-4079950d210f",
"indicator--5c180a2e-4d94-4a0c-aefe-4447950d210f",
"indicator--5c180a2e-f76c-4bd0-861d-48d0950d210f",
"indicator--5c180a2f-f8a4-4f92-92fa-4cc6950d210f",
"indicator--5c180a2f-838c-4a83-93a3-42f6950d210f",
"indicator--5c180a30-7724-44c1-83a3-4df7950d210f",
"indicator--5c180a30-8f0c-4a1e-930c-439f950d210f",
"indicator--5c180a31-4604-43df-aa60-4822950d210f",
"indicator--5c180a31-6cf4-4e8a-b6b3-4033950d210f",
"indicator--5c180a32-b96c-4692-9c9d-4883950d210f",
"indicator--5c180a32-9f34-438b-a2c3-4539950d210f",
"indicator--5c180a33-5000-4a32-90e9-47d8950d210f",
"indicator--5c180a33-a610-44c9-b811-433c950d210f",
"indicator--5c180a34-2f0c-4679-b8ef-4d1f950d210f",
"indicator--5c180a34-97e0-42c9-9ee0-49ed950d210f",
"indicator--5c180a34-74a0-464e-b821-4b8b950d210f",
"indicator--5c180a35-2fec-4496-ba64-43cb950d210f",
"indicator--5c180a35-733c-414d-bca8-4060950d210f",
"indicator--5c180a36-16d4-4755-a27d-493d950d210f",
"indicator--5c180a36-ae74-471f-a417-4cd5950d210f",
"indicator--5c180a37-30b0-4c44-bfde-479c950d210f",
"indicator--5c180a38-f69c-490a-9371-48ec950d210f",
"indicator--5c180a38-d84c-44b9-b9a0-419c950d210f",
"indicator--5c180a39-bf3c-4957-aa12-410d950d210f",
"indicator--5c180a39-0e84-450b-a010-4743950d210f",
"indicator--5c180a3a-e9e4-4a35-9236-4c9b950d210f",
"indicator--5c180a3a-edb4-470d-a573-4bb6950d210f",
"indicator--5c180a3b-377c-4067-bc6d-4f48950d210f",
"indicator--5c180a3b-a670-456f-a552-438d950d210f",
"indicator--5c180a3c-5cd0-46fe-9b40-4e15950d210f",
"indicator--5c180a3c-99e8-44e8-af12-4db5950d210f",
"indicator--5c180a3d-67f8-42ba-a30b-4e60950d210f",
"indicator--5c180a3d-fb3c-4c30-906a-41c7950d210f",
"indicator--5c180a3d-01bc-448c-a56c-4f0c950d210f",
"indicator--5c180a3e-b674-4eda-b244-4ccd950d210f",
"indicator--5c180a3e-322c-4fcf-8621-4ee3950d210f",
"indicator--5c180a3f-10e4-4cae-b8a6-4107950d210f",
"indicator--5c180a3f-707c-4a70-a2f4-4af5950d210f",
"indicator--5c180a40-82e4-4b15-ab28-4849950d210f",
"indicator--5c180a40-7db0-4b32-8706-4c1a950d210f",
"indicator--5c180a41-90dc-4962-8feb-4d85950d210f",
"indicator--5c180a41-f198-481f-95ba-454f950d210f",
"indicator--5c180a41-fa24-445c-8161-4c6b950d210f",
"indicator--5c180a42-3694-4965-9260-4f92950d210f",
"indicator--5c180a42-3208-42cc-9332-44b3950d210f",
"indicator--5c180a43-f5e4-46ac-b565-43c0950d210f",
"indicator--5c180a43-9a2c-478a-b77e-4977950d210f",
"indicator--5c180a44-085c-4aca-a0bf-43d0950d210f",
"indicator--5c180a44-7c4c-425c-ae6d-44a6950d210f",
"indicator--5c180a45-9334-4b84-97a7-472c950d210f",
"indicator--5c180a45-145c-4389-bd86-4298950d210f",
"indicator--5c180a46-7180-4780-ba2d-45cb950d210f",
"indicator--5c180a46-5a14-4b04-80b3-45b8950d210f",
"indicator--5c180a47-49d0-47a6-9c89-40de950d210f",
"indicator--5c180a47-8b30-4af4-bd3f-43ec950d210f",
"indicator--5c180a47-3c6c-4e1c-9d39-4b50950d210f",
"indicator--5c180a48-c034-48f8-a247-4205950d210f",
"indicator--5c180a48-8990-4724-acaa-4110950d210f",
"indicator--5c180a49-5600-49ec-ba9a-49d3950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"osint:source-type=\"blog-post\"",
"misp-galaxy:threat-actor=\"Charming Kitten\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5c180964-4e10-4189-aa57-4685950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:39:00.000Z",
"modified": "2018-12-17T20:39:00.000Z",
"first_observed": "2018-12-17T20:39:00Z",
"last_observed": "2018-12-17T20:39:00Z",
"number_observed": 1,
"object_refs": [
"url--5c180964-4e10-4189-aa57-4685950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5c180964-4e10-4189-aa57-4685950d210f",
"value": "https://blog.certfa.com/posts/the-return-of-the-charming-kitten/"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5c180987-3da0-4715-b69b-498c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:39:35.000Z",
"modified": "2018-12-17T20:39:35.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Phishing attacks are the most common form of infiltration used by Iranian state-backed hackers to gain access into accounts. Certfa reviews the latest campaign of phishing attacks that has been carried out and dubbed as \u00e2\u20ac\u0153The Return of The Charming Kitten\u00e2\u20ac\u009d.\r\n\r\nIn this campaign, hackers have targeted individuals who are involved in economic and military sanctions against the Islamic Republic of Iran as well as politicians, civil and human rights activists and journalists around the world.\r\n\r\nOur review in Certfa demonstrates that the hackers - knowing that their victims use two-step verification - target verification codes and also their email accounts such as Yahoo! and Gmail. As a result, Certfa believes the safest existing way to confront these attacks is using Security Keys such as YubiKey."
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a1b-2ca8-432c-b105-4d0c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:03.000Z",
"modified": "2018-12-17T20:42:03.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.162.132.65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a1d-c488-45b5-8d5e-4247950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:05.000Z",
"modified": "2018-12-17T20:42:05.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '190.2.154.34']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a1e-13d0-4489-b976-4c0d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:06.000Z",
"modified": "2018-12-17T20:42:06.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '190.2.154.35']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a1f-d0b8-4823-819e-4bd5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:07.000Z",
"modified": "2018-12-17T20:42:07.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '190.2.154.36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a20-8ebc-462e-ae17-4eb3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:08.000Z",
"modified": "2018-12-17T20:42:08.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '190.2.154.38']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a22-28e4-4fc7-aaa0-4e0a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:10.000Z",
"modified": "2018-12-17T20:42:10.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.166.151.211']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a23-64d4-4f63-9505-4c89950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:11.000Z",
"modified": "2018-12-17T20:42:11.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '51.38.87.64']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a24-8308-4a44-8df0-47ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:12.000Z",
"modified": "2018-12-17T20:42:12.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '51.38.87.65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a26-a904-4be3-9282-4660950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:14.000Z",
"modified": "2018-12-17T20:42:14.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '51.68.185.96']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a27-b4a8-4b09-bd4c-4ec2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:15.000Z",
"modified": "2018-12-17T20:42:15.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '51.38.107.113']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a27-94a4-4681-99dd-446c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:15.000Z",
"modified": "2018-12-17T20:42:15.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.211.189.45']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a28-3c24-4a25-b1e9-46ce950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:16.000Z",
"modified": "2018-12-17T20:42:16.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.211.189.46']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a28-dee0-437f-8024-4e93950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:16.000Z",
"modified": "2018-12-17T20:42:16.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '95.211.189.47']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a29-d948-417a-a429-4617950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:17.000Z",
"modified": "2018-12-17T20:42:17.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '213.227.139.148']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a29-623c-4e02-941c-4b94950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:17.000Z",
"modified": "2018-12-17T20:42:17.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '54.37.241.221']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a29-87c8-4dfd-b299-4683950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:17.000Z",
"modified": "2018-12-17T20:42:17.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '54.38.144.250']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a2a-1514-473e-84bf-48e3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:18.000Z",
"modified": "2018-12-17T20:42:18.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '54.38.144.251']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a2a-3dfc-4442-aa2c-40d4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:18.000Z",
"modified": "2018-12-17T20:42:18.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '54.38.144.252']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a2b-c934-4047-9b06-4ddb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:19.000Z",
"modified": "2018-12-17T20:42:19.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.17.127.172']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a2b-615c-4cb4-b783-49b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:19.000Z",
"modified": "2018-12-17T20:42:19.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.17.127.173']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a2c-5fc0-468f-9a7b-4b3b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:20.000Z",
"modified": "2018-12-17T20:42:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.17.127.174']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a2c-5ca4-46a6-942c-4c57950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:20.000Z",
"modified": "2018-12-17T20:42:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.17.127.175']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a2d-955c-4009-ac98-490f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:21.000Z",
"modified": "2018-12-17T20:42:21.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '89.198.179.103']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a2d-835c-423b-b744-4caf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:21.000Z",
"modified": "2018-12-17T20:42:21.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '31.2.213.18']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a2e-71e4-47fe-bcb4-4079950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:22.000Z",
"modified": "2018-12-17T20:42:22.000Z",
"pattern": "[domain-name:value = 'accounts-support.services']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a2e-4d94-4a0c-aefe-4447950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:22.000Z",
"modified": "2018-12-17T20:42:22.000Z",
"pattern": "[domain-name:value = 'broadcast-news.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a2e-f76c-4bd0-861d-48d0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:22.000Z",
"modified": "2018-12-17T20:42:22.000Z",
"pattern": "[domain-name:value = 'broadcastnews.pro']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a2f-f8a4-4f92-92fa-4cc6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:23.000Z",
"modified": "2018-12-17T20:42:23.000Z",
"pattern": "[domain-name:value = 'com-identifier-servicelog.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a2f-838c-4a83-93a3-42f6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:23.000Z",
"modified": "2018-12-17T20:42:23.000Z",
"pattern": "[domain-name:value = 'com-identifier-servicelog.name']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a30-7724-44c1-83a3-4df7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:24.000Z",
"modified": "2018-12-17T20:42:24.000Z",
"pattern": "[domain-name:value = 'com-identifier-userservicelog.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a30-8f0c-4a1e-930c-439f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:24.000Z",
"modified": "2018-12-17T20:42:24.000Z",
"pattern": "[domain-name:value = 'confirm-session-identification.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a31-4604-43df-aa60-4822950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:25.000Z",
"modified": "2018-12-17T20:42:25.000Z",
"pattern": "[domain-name:value = 'confirm-session-identifier.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a31-6cf4-4e8a-b6b3-4033950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:25.000Z",
"modified": "2018-12-17T20:42:25.000Z",
"pattern": "[domain-name:value = 'confirmation-service.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a32-b96c-4692-9c9d-4883950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:26.000Z",
"modified": "2018-12-17T20:42:26.000Z",
"pattern": "[domain-name:value = 'customer-recovery.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a32-9f34-438b-a2c3-4539950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:26.000Z",
"modified": "2018-12-17T20:42:26.000Z",
"pattern": "[domain-name:value = 'customize-identity.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a33-5000-4a32-90e9-47d8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:27.000Z",
"modified": "2018-12-17T20:42:27.000Z",
"pattern": "[domain-name:value = 'document-share.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a33-a610-44c9-b811-433c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:27.000Z",
"modified": "2018-12-17T20:42:27.000Z",
"pattern": "[domain-name:value = 'document.support-recoverycustomers.services']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a34-2f0c-4679-b8ef-4d1f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:28.000Z",
"modified": "2018-12-17T20:42:28.000Z",
"pattern": "[domain-name:value = 'documentofficupdate.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a34-97e0-42c9-9ee0-49ed950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:28.000Z",
"modified": "2018-12-17T20:42:28.000Z",
"pattern": "[domain-name:value = 'documents.accounts-support.services']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a34-74a0-464e-b821-4b8b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:28.000Z",
"modified": "2018-12-17T20:42:28.000Z",
"pattern": "[domain-name:value = 'documentsfilesharing.cloud']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a35-2fec-4496-ba64-43cb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:29.000Z",
"modified": "2018-12-17T20:42:29.000Z",
"pattern": "[domain-name:value = 'email-delivery.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a35-733c-414d-bca8-4060950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:29.000Z",
"modified": "2018-12-17T20:42:29.000Z",
"pattern": "[domain-name:value = 'mobile-sessionid.customize-identity.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a36-16d4-4755-a27d-493d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:30.000Z",
"modified": "2018-12-17T20:42:30.000Z",
"pattern": "[domain-name:value = 'mobiles-sessionid.customize-identity.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a36-ae74-471f-a417-4cd5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:30.000Z",
"modified": "2018-12-17T20:42:30.000Z",
"pattern": "[domain-name:value = 'my-scribdinc.online']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a37-30b0-4c44-bfde-479c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:31.000Z",
"modified": "2018-12-17T20:42:31.000Z",
"pattern": "[domain-name:value = 'myyahoo.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a38-f69c-490a-9371-48ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:32.000Z",
"modified": "2018-12-17T20:42:32.000Z",
"pattern": "[domain-name:value = 'notificationapp.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a38-d84c-44b9-b9a0-419c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:32.000Z",
"modified": "2018-12-17T20:42:32.000Z",
"pattern": "[domain-name:value = 'onlinemessenger.com-identifier-servicelog.name']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a39-bf3c-4957-aa12-410d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:33.000Z",
"modified": "2018-12-17T20:42:33.000Z",
"pattern": "[domain-name:value = 'podcastmedia.online']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a39-0e84-450b-a010-4743950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:33.000Z",
"modified": "2018-12-17T20:42:33.000Z",
"pattern": "[domain-name:value = 'recoveryusercustomer.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a3a-e9e4-4a35-9236-4c9b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:34.000Z",
"modified": "2018-12-17T20:42:34.000Z",
"pattern": "[domain-name:value = 'session-management.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a3a-edb4-470d-a573-4bb6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:34.000Z",
"modified": "2018-12-17T20:42:34.000Z",
"pattern": "[domain-name:value = 'support-recoverycustomers.services']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a3b-377c-4067-bc6d-4f48950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:35.000Z",
"modified": "2018-12-17T20:42:35.000Z",
"pattern": "[domain-name:value = 'continue-session-identifier.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a3b-a670-456f-a552-438d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:35.000Z",
"modified": "2018-12-17T20:42:35.000Z",
"pattern": "[domain-name:value = 'mobilecontinue.network']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a3c-5cd0-46fe-9b40-4e15950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:36.000Z",
"modified": "2018-12-17T20:42:36.000Z",
"pattern": "[domain-name:value = 'session-identifier-webservice.mobilecontinue.network']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a3c-99e8-44e8-af12-4db5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:36.000Z",
"modified": "2018-12-17T20:42:36.000Z",
"pattern": "[domain-name:value = 'com-messengersaccount.name']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a3d-67f8-42ba-a30b-4e60950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:37.000Z",
"modified": "2018-12-17T20:42:37.000Z",
"pattern": "[domain-name:value = 'invitation-to-messenger.space']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a3d-fb3c-4c30-906a-41c7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:37.000Z",
"modified": "2018-12-17T20:42:37.000Z",
"pattern": "[domain-name:value = 'confirm-identification.name']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a3d-01bc-448c-a56c-4f0c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:37.000Z",
"modified": "2018-12-17T20:42:37.000Z",
"pattern": "[domain-name:value = 'mobile.confirm-identification.name']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a3e-b674-4eda-b244-4ccd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:38.000Z",
"modified": "2018-12-17T20:42:38.000Z",
"pattern": "[domain-name:value = 'services.confirm-identification.name']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a3e-322c-4fcf-8621-4ee3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:38.000Z",
"modified": "2018-12-17T20:42:38.000Z",
"pattern": "[domain-name:value = 'mobile-messengerplus.network']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a3f-10e4-4cae-b8a6-4107950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:39.000Z",
"modified": "2018-12-17T20:42:39.000Z",
"pattern": "[domain-name:value = 'confirm.mobile-messengerplus.network']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a3f-707c-4a70-a2f4-4af5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:39.000Z",
"modified": "2018-12-17T20:42:39.000Z",
"pattern": "[domain-name:value = 'com-messengercenters.name']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a40-82e4-4b15-ab28-4849950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:40.000Z",
"modified": "2018-12-17T20:42:40.000Z",
"pattern": "[domain-name:value = 'securemail.mobile-messengerplus.network']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a40-7db0-4b32-8706-4c1a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:40.000Z",
"modified": "2018-12-17T20:42:40.000Z",
"pattern": "[domain-name:value = 'documents.mobile-messengerplus.network']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a41-90dc-4962-8feb-4d85950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:41.000Z",
"modified": "2018-12-17T20:42:41.000Z",
"pattern": "[domain-name:value = 'confirm-identity.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a41-f198-481f-95ba-454f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:41.000Z",
"modified": "2018-12-17T20:42:41.000Z",
"pattern": "[domain-name:value = 'identifier-sessions-mailactivityid.site']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a41-fa24-445c-8161-4c6b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:41.000Z",
"modified": "2018-12-17T20:42:41.000Z",
"pattern": "[domain-name:value = 'activatecodeoption.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a42-3694-4965-9260-4f92950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:42.000Z",
"modified": "2018-12-17T20:42:42.000Z",
"pattern": "[domain-name:value = 'broadcastpopuer.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a42-3208-42cc-9332-44b3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:42.000Z",
"modified": "2018-12-17T20:42:42.000Z",
"pattern": "[domain-name:value = 'books.com-identifier-servicelog.name']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a43-f5e4-46ac-b565-43c0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:43.000Z",
"modified": "2018-12-17T20:42:43.000Z",
"pattern": "[domain-name:value = 'mb.sessions-identifier-memberemailid.network']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a43-9a2c-478a-b77e-4977950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:43.000Z",
"modified": "2018-12-17T20:42:43.000Z",
"pattern": "[domain-name:value = 'sessions-identifier-memberemailid.network']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a44-085c-4aca-a0bf-43d0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:44.000Z",
"modified": "2018-12-17T20:42:44.000Z",
"pattern": "[domain-name:value = 'sessions.mobile-messengerplus.network']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a44-7c4c-425c-ae6d-44a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:44.000Z",
"modified": "2018-12-17T20:42:44.000Z",
"pattern": "[domain-name:value = 'confirm-verification-process.systems']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a45-9334-4b84-97a7-472c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:45.000Z",
"modified": "2018-12-17T20:42:45.000Z",
"pattern": "[domain-name:value = 'accounts.confirm-verification-process.systems']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a45-145c-4389-bd86-4298950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:45.000Z",
"modified": "2018-12-17T20:42:45.000Z",
"pattern": "[domain-name:value = 'broadcastnews.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a46-7180-4780-ba2d-45cb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:46.000Z",
"modified": "2018-12-17T20:42:46.000Z",
"pattern": "[domain-name:value = 'account-profile-users.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a46-5a14-4b04-80b3-45b8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:46.000Z",
"modified": "2018-12-17T20:42:46.000Z",
"pattern": "[domain-name:value = 'us2-mail-login-profile.site']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a47-49d0-47a6-9c89-40de950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:47.000Z",
"modified": "2018-12-17T20:42:47.000Z",
"pattern": "[domain-name:value = 'us2.login-users-account.site']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a47-8b30-4af4-bd3f-43ec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:47.000Z",
"modified": "2018-12-17T20:42:47.000Z",
"pattern": "[domain-name:value = 'login-users-account.site']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a47-3c6c-4e1c-9d39-4b50950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:47.000Z",
"modified": "2018-12-17T20:42:47.000Z",
"pattern": "[domain-name:value = 'live.account-profile-users.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a48-c034-48f8-a247-4205950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:48.000Z",
"modified": "2018-12-17T20:42:48.000Z",
"pattern": "[domain-name:value = 'signin.account-profile-users.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a48-8990-4724-acaa-4110950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:48.000Z",
"modified": "2018-12-17T20:42:48.000Z",
"pattern": "[domain-name:value = 'aol.account-profile-users.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5c180a49-5600-49ec-ba9a-49d3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2018-12-17T20:42:49.000Z",
"modified": "2018-12-17T20:42:49.000Z",
"pattern": "[domain-name:value = 'users-account.site']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2018-12-17T20:42:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink