adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/62167543-c4e0-4f39-a23e-c09f0abe1822.json

752 lines
No EOL
32 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--62167543-c4e0-4f39-a23e-c09f0abe1822",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-10-04T10:50:53.000Z",
"modified": "2022-10-04T10:50:53.000Z",
"name": "CERT-FR_1510",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--62167543-c4e0-4f39-a23e-c09f0abe1822",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-10-04T10:50:53.000Z",
"modified": "2022-10-04T10:50:53.000Z",
"name": "[NCSC-UK] Cyclops blink",
"published": "2022-03-03T09:38:05Z",
"object_refs": [
"indicator--dedf5650-c2db-4e8b-b2f1-1a6b57f5ac95",
"indicator--d13fda23-586d-4c3e-a45b-f3bd4590e0fc",
"indicator--de7f253e-bc37-4fb0-9a96-91fe3c29b80a",
"indicator--6f161edf-5aa7-4c40-98a0-d2d55059da3b",
"indicator--dae1a295-317c-48a2-a740-5888dd39d614",
"indicator--ea55aaf1-16f4-405c-b3d2-9d399151ea1b",
"indicator--03f888b6-7b10-40e4-91d4-4bbccad9e02c",
"indicator--a934e756-a436-4ec9-ab77-669d5289cff5",
"indicator--7bb5d8f0-1edc-418d-8848-02a8b1d3059d",
"indicator--5151e208-e848-4678-8210-3372d3289e30",
"indicator--29f5895d-d3c6-4a9f-a236-615881115df5",
"indicator--5da89f24-d794-4317-84e4-60528a75b207",
"indicator--6f21cf3e-4420-4efe-9716-e5b53ab0f4a1",
"indicator--8b9a249c-4a99-4df2-91a3-f85bae52a594",
"indicator--9f9fa798-59ae-424c-9688-9629e647df7e",
"indicator--fa18fc05-f3ee-4bcb-9e29-bce9275af15a",
"indicator--fc594946-a050-4bf4-ad3f-c50b884252f9",
"indicator--c20e7d61-15fd-401a-97fc-78746b3e59e1",
"indicator--063bfd06-5392-467c-9844-d4d4c90777cd",
"indicator--0d9ae37c-c576-4f5f-a4f4-4bebc085367e",
"indicator--8d66da1b-0712-4407-9fc8-7f5cacae7dc5",
"indicator--7df6296d-5af4-4d9a-bb00-3903d712bb3b",
"indicator--2a50158d-bffb-4a19-8106-56981fee7362",
"indicator--882c3256-0b44-4460-9881-3493dc47f88d",
"indicator--f68ca7aa-ea92-43bd-8f69-187daebf04a3",
"indicator--3f26d694-adbf-45a4-8165-3ffd48ab2191",
"indicator--094a4f55-cdd9-4a4a-8b59-b51afae9a83d",
"indicator--163da4e8-6efe-45cf-ba1d-bbef3a9b9e73",
"indicator--7ec41302-a5b9-403a-9e0f-eb62be8e1884"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"fr-classif:non-classifiees=\"NON-CLASSIFIEES\"",
"cossi:TLP=\"white\"",
"cossi:RechercheSourceOuverte=\"Autorisee\"",
"misp-galaxy:threat-actor=\"Sandworm\"",
"misp-galaxy:threat-actor=\"IRIDIUM\"",
"misp-galaxy:threat-actor=\"TeleBots\"",
"misp-galaxy:threat-actor=\"ELECTRUM\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dedf5650-c2db-4e8b-b2f1-1a6b57f5ac95",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '100.43.220.234']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--d13fda23-586d-4c3e-a45b-f3bd4590e0fc",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '96.80.68.193']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--de7f253e-bc37-4fb0-9a96-91fe3c29b80a",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '188.152.254.170']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6f161edf-5aa7-4c40-98a0-d2d55059da3b",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.81.37.50']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--dae1a295-317c-48a2-a740-5888dd39d614",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '70.62.153.174']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--ea55aaf1-16f4-405c-b3d2-9d399151ea1b",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '2.230.110.137']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--03f888b6-7b10-40e4-91d4-4bbccad9e02c",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '90.63.245.175']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--a934e756-a436-4ec9-ab77-669d5289cff5",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.103.208.182']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7bb5d8f0-1edc-418d-8848-02a8b1d3059d",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '50.255.126.65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5151e208-e848-4678-8210-3372d3289e30",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '78.134.89.167']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--29f5895d-d3c6-4a9f-a236-615881115df5",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.4.177.118']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5da89f24-d794-4317-84e4-60528a75b207",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '24.199.247.222']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6f21cf3e-4420-4efe-9716-e5b53ab0f4a1",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.99.163.162']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8b9a249c-4a99-4df2-91a3-f85bae52a594",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '37.71.147.186']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--9f9fa798-59ae-424c-9688-9629e647df7e",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '105.159.248.137']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fa18fc05-f3ee-4bcb-9e29-bce9275af15a",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.155.38.210']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--fc594946-a050-4bf4-ad3f-c50b884252f9",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '217.57.80.18']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--c20e7d61-15fd-401a-97fc-78746b3e59e1",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '151.0.169.250']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--063bfd06-5392-467c-9844-d4d4c90777cd",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.202.147.10']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0d9ae37c-c576-4f5f-a4f4-4bebc085367e",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.234.179.113']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--8d66da1b-0712-4407-9fc8-7f5cacae7dc5",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.82.169.99']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7df6296d-5af4-4d9a-bb00-3903d712bb3b",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.51.177.66']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2a50158d-bffb-4a19-8106-56981fee7362",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.15.113.188']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--882c3256-0b44-4460-9881-3493dc47f88d",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.153.75.103']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f68ca7aa-ea92-43bd-8f69-187daebf04a3",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '109.192.30.125']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--3f26d694-adbf-45a4-8165-3ffd48ab2191",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"description": "Cyclops Blink - Linux ELF PowerPC big-endian. The size corresponds to the complete file, but the hash values correspond to the executable code segment only.",
"pattern": "[file:hashes.MD5 = 'd01e2c2e8df92edeb8298c55211bc4b6' AND file:hashes.SHA1 = '3adf9a59743bc5d8399f67cab5eb2daf28b9b863' AND file:hashes.SHA256 = '50df5734dd0c6c5983c21278f119527f9fdf6ef1d7e808a29754ebc5253e9a86' AND file:name = 'cpd' AND file:size = '2494940']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--094a4f55-cdd9-4a4a-8b59-b51afae9a83d",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"description": "Cyclops Blink - Linux ELF PowerPC big-endian. The size corresponds to the complete file, but the hash values correspond to the executable code segment only.",
"pattern": "[file:hashes.MD5 = 'bbb76de7654337fb6c2e851d106cebc7' AND file:hashes.SHA1 = 'c59bc17659daca1b1ce65b6af077f86a648ad8a8' AND file:hashes.SHA256 = 'c082a9117294fa4880d75a2625cf80f63c8bb159b54a7151553969541ac35862' AND file:name = 'cpd' AND file:size = '2494940']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--163da4e8-6efe-45cf-ba1d-bbef3a9b9e73",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"description": "Cyclops Blink embedded ELF - Linux ELF PowerPC big-endian",
"pattern": "[file:hashes.MD5 = '3c9d46dc4e664e20f1a7256e14a33766' AND file:hashes.SHA1 = '7d61c0dd0cd901221a9dff9df09bb90810754f10' AND file:hashes.SHA256 = '4e69bbb61329ace36fbe62f9fb6ca49c37e2e5a5293545c44d155641934e39d1' AND file:name = 'install_upgrade' AND file:size = '964556']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7ec41302-a5b9-403a-9e0f-eb62be8e1884",
"created_by_ref": "identity--56bdf779-46f8-4353-bdf9-2bb95bce2212",
"created": "2022-02-23T17:56:20.000Z",
"modified": "2022-02-23T17:56:20.000Z",
"description": "Cyclops Blink embedded ELF - Linux ELF PowerPC big-endian",
"pattern": "[file:hashes.MD5 = '3f22c0aeb1eec4350868368ea1cc798c' AND file:hashes.SHA1 = '438cd40caca70cafe5ca436b36ef7d3a6321e858' AND file:hashes.SHA256 = 'ff17ccd8c96059461710711fcc8372cfea5f0f9eb566ceb6ab709ea871190dc6' AND file:name = 'install_upgrade' AND file:size = '964556']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2022-02-23T17:56:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink