adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/b6a0d910-69ae-463d-80a8-1f84839a2514.json

699 lines
No EOL
30 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--b6a0d910-69ae-463d-80a8-1f84839a2514",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:44:37.000Z",
"modified": "2021-08-17T12:44:37.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--b6a0d910-69ae-463d-80a8-1f84839a2514",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:44:37.000Z",
"modified": "2021-08-17T12:44:37.000Z",
"name": "Nanocore 20210816",
"published": "2021-08-17T12:44:49Z",
"object_refs": [
"indicator--5fe0a2c9-529a-463d-bdf1-ce9810a326a1",
"indicator--f664f99d-7c72-43f8-978e-b37728009b2e",
"indicator--1d6fc8a1-543c-4e88-bdb1-cc881073ef5a",
"indicator--b7a87190-e31c-49f4-a48a-17a28d9e387e",
"indicator--0204068e-f994-45b0-9ee1-82075c844cfe",
"indicator--bceb056d-02a2-4d20-8805-274c2176302e",
"indicator--41496714-768e-4cec-8863-ed1478fc5ba6",
"indicator--98127c27-a87e-4d7d-97ce-86933ccbe785",
"indicator--7b6fbd55-6968-4d0a-97c6-cf59b2793d09",
"indicator--2c6ff02d-d040-4b06-906f-9a12052e1e0e",
"x-misp-object--691b9653-eeb4-4e37-813c-615d479136f2",
"indicator--952d82ff-7ba8-4518-84fb-ca5532b2bf11",
"x-misp-object--be08969d-fac1-4f76-b6bc-a1c79350a375",
"indicator--6f98c9e8-8a06-417f-af9e-c5e33fda7f1f",
"x-misp-object--d05559b0-7b96-4f69-804d-1d31b20faafa",
"indicator--7774835c-4f7f-49bd-8bc4-d45323247df8",
"x-misp-object--ecaaa472-1599-4a58-b1ef-f5f6b318fb20",
"indicator--491b2ed4-78ea-4b29-afad-103e9f3ebf07",
"x-misp-object--4af9b009-2178-4c95-aaa7-56f231e4052d",
"x-misp-object--2735f53e-0789-4e37-aba1-ec69432d5be7",
"relationship--3dd3db8e-04be-4677-8aa3-9ff8a1b0a4c0",
"relationship--8abae221-bf84-4fce-842a-bd24c5b01ead",
"relationship--393646f9-b7f5-4d96-8eb2-b58d5fdcdbd3",
"relationship--f6a74bd5-41ec-485e-8f5b-07c3422f77b0",
"relationship--e040adf6-4ed5-419f-bf59-834e7dee4705"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT",
"osint:lifetime=\"perpetual\"",
"osint:certainty=\"50\"",
"misp-galaxy:malpedia=\"Nanocore RAT\"",
"misp-galaxy:tool=\"NanoCoreRAT\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5fe0a2c9-529a-463d-bdf1-ce9810a326a1",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:35:18.000Z",
"modified": "2021-08-17T12:35:18.000Z",
"pattern": "[domain-name:value = 'coc88.duckdns.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2021-08-17T12:35:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--f664f99d-7c72-43f8-978e-b37728009b2e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:35:18.000Z",
"modified": "2021-08-17T12:35:18.000Z",
"pattern": "[domain-name:value = 'torok1111112.ddns.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2021-08-17T12:35:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--1d6fc8a1-543c-4e88-bdb1-cc881073ef5a",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:36:13.000Z",
"modified": "2021-08-17T12:36:13.000Z",
"pattern": "[file:hashes.SHA256 = '2a2c0a635beba215a9e3f21c398d684dc1d2ad487356e29140247b14f2c6838f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2021-08-17T12:36:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--b7a87190-e31c-49f4-a48a-17a28d9e387e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:36:13.000Z",
"modified": "2021-08-17T12:36:13.000Z",
"pattern": "[file:hashes.SHA256 = '060dc5124e4d0f8869856b52016cbed32339b8ac456b8cb5fea50f628961fc73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2021-08-17T12:36:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--0204068e-f994-45b0-9ee1-82075c844cfe",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:36:13.000Z",
"modified": "2021-08-17T12:36:13.000Z",
"pattern": "[file:hashes.SHA1 = 'ec958c2d48c6719238780878d1621b8af18c4b65']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2021-08-17T12:36:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--bceb056d-02a2-4d20-8805-274c2176302e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:36:13.000Z",
"modified": "2021-08-17T12:36:13.000Z",
"pattern": "[file:hashes.SHA1 = '716c942e237ebe40e5e0bf443bf2128e5a883197']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2021-08-17T12:36:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--41496714-768e-4cec-8863-ed1478fc5ba6",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:36:13.000Z",
"modified": "2021-08-17T12:36:13.000Z",
"pattern": "[file:hashes.MD5 = 'd915f9f8421aa34dfd88d1595249f954']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2021-08-17T12:36:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--98127c27-a87e-4d7d-97ce-86933ccbe785",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:36:13.000Z",
"modified": "2021-08-17T12:36:13.000Z",
"pattern": "[file:hashes.MD5 = 'cab3529dc19b4c630163a24759125fd7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2021-08-17T12:36:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7b6fbd55-6968-4d0a-97c6-cf59b2793d09",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:36:13.000Z",
"modified": "2021-08-17T12:36:13.000Z",
"pattern": "[file:hashes.SHA256 = 'afdcfeac16d321fef57c2aae9b001952544a53fc785ba78a6ad794a81bef0c05']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2021-08-17T12:36:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--2c6ff02d-d040-4b06-906f-9a12052e1e0e",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:36:13.000Z",
"modified": "2021-08-17T12:36:13.000Z",
"pattern": "[file:hashes.SHA256 = '67b695b139106a73c333aa2fdd0f08ae160ff5ee38d843cb9999146ad605da73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2021-08-17T12:36:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--691b9653-eeb4-4e37-813c-615d479136f2",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:36:45.000Z",
"modified": "2021-08-17T12:36:45.000Z",
"labels": [
"misp:name=\"report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "link",
"object_relation": "link",
"value": "https://otx.alienvault.com/pulse/611ba6128fe8c7c18b06861f",
"category": "External analysis",
"uuid": "65d659ce-c79b-486f-ac9e-aad1da028ee6"
},
{
"type": "text",
"object_relation": "type",
"value": "Report",
"category": "Other",
"uuid": "4873e17e-8594-4331-94c8-69f04a44bc90"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--952d82ff-7ba8-4518-84fb-ca5532b2bf11",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:38:20.000Z",
"modified": "2021-08-17T12:38:20.000Z",
"pattern": "[file:hashes.MD5 = 'd915f9f8421aa34dfd88d1595249f954' AND file:hashes.SHA1 = 'ec958c2d48c6719238780878d1621b8af18c4b65' AND file:hashes.SHA256 = '060dc5124e4d0f8869856b52016cbed32339b8ac456b8cb5fea50f628961fc73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2021-08-17T12:38:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--be08969d-fac1-4f76-b6bc-a1c79350a375",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:38:20.000Z",
"modified": "2021-08-17T12:38:20.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2021-08-14T23:15:37+00:00",
"category": "Other",
"uuid": "d5778aa6-c074-44ec-9ca7-e1a05a3fd2c7"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/gui/file/060dc5124e4d0f8869856b52016cbed32339b8ac456b8cb5fea50f628961fc73/detection/f-060dc5124e4d0f8869856b52016cbed32339b8ac456b8cb5fea50f628961fc73-1628982937",
"category": "Payload delivery",
"uuid": "873c9e6f-b87d-4f6c-b4fb-b382279e7869"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "56/70",
"category": "Payload delivery",
"uuid": "c817e8d0-2681-4626-b8a5-26034b3083fe"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--6f98c9e8-8a06-417f-af9e-c5e33fda7f1f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:38:20.000Z",
"modified": "2021-08-17T12:38:20.000Z",
"pattern": "[file:hashes.MD5 = 'cab3529dc19b4c630163a24759125fd7' AND file:hashes.SHA1 = '716c942e237ebe40e5e0bf443bf2128e5a883197' AND file:hashes.SHA256 = '2a2c0a635beba215a9e3f21c398d684dc1d2ad487356e29140247b14f2c6838f']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2021-08-17T12:38:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--d05559b0-7b96-4f69-804d-1d31b20faafa",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:38:20.000Z",
"modified": "2021-08-17T12:38:20.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2021-08-15T19:04:24+00:00",
"category": "Other",
"uuid": "d8b8fa9c-d29b-43cf-814d-cb35cc093819"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/gui/file/2a2c0a635beba215a9e3f21c398d684dc1d2ad487356e29140247b14f2c6838f/detection/f-2a2c0a635beba215a9e3f21c398d684dc1d2ad487356e29140247b14f2c6838f-1629054264",
"category": "Payload delivery",
"uuid": "5d2d3405-9efa-4ddb-93b3-185b2119ffe4"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "55/70",
"category": "Payload delivery",
"uuid": "75c51767-eda2-48ae-9839-0899f7dd20ab"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--7774835c-4f7f-49bd-8bc4-d45323247df8",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:38:21.000Z",
"modified": "2021-08-17T12:38:21.000Z",
"pattern": "[file:hashes.MD5 = '0ff932908a4201a1c0a27db317321e1c' AND file:hashes.SHA1 = '511e815032cfeec9706117436c6bfdc9e974e4df' AND file:hashes.SHA256 = '67b695b139106a73c333aa2fdd0f08ae160ff5ee38d843cb9999146ad605da73']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2021-08-17T12:38:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--ecaaa472-1599-4a58-b1ef-f5f6b318fb20",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:38:22.000Z",
"modified": "2021-08-17T12:38:22.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2021-08-17T01:10:57+00:00",
"category": "Other",
"uuid": "50179a94-1afe-4b10-94b2-17d4e048a618"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/gui/file/67b695b139106a73c333aa2fdd0f08ae160ff5ee38d843cb9999146ad605da73/detection/f-67b695b139106a73c333aa2fdd0f08ae160ff5ee38d843cb9999146ad605da73-1629162657",
"category": "Payload delivery",
"uuid": "7c2c183a-dcaa-4590-9bdb-28d540697bb0"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "35/70",
"category": "Payload delivery",
"uuid": "fc3d84a1-1144-4e3d-bc89-25bd85f87d88"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--491b2ed4-78ea-4b29-afad-103e9f3ebf07",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:38:22.000Z",
"modified": "2021-08-17T12:38:22.000Z",
"pattern": "[file:hashes.MD5 = '9bdfa3add2456a5efccabdad1343fa70' AND file:hashes.SHA1 = '02a34db66b361e9cb326f32d6e8f71f1cd284b68' AND file:hashes.SHA256 = 'afdcfeac16d321fef57c2aae9b001952544a53fc785ba78a6ad794a81bef0c05']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2021-08-17T12:38:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "file"
}
],
"labels": [
"misp:name=\"file\"",
"misp:meta-category=\"file\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--4af9b009-2178-4c95-aaa7-56f231e4052d",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:38:23.000Z",
"modified": "2021-08-17T12:38:23.000Z",
"labels": [
"misp:name=\"virustotal-report\"",
"misp:meta-category=\"misc\""
],
"x_misp_attributes": [
{
"type": "datetime",
"object_relation": "last-submission",
"value": "2021-08-16T14:55:59+00:00",
"category": "Other",
"uuid": "0c1866c0-8a38-4065-9cbd-6d1911176ce1"
},
{
"type": "link",
"object_relation": "permalink",
"value": "https://www.virustotal.com/gui/file/afdcfeac16d321fef57c2aae9b001952544a53fc785ba78a6ad794a81bef0c05/detection/f-afdcfeac16d321fef57c2aae9b001952544a53fc785ba78a6ad794a81bef0c05-1629125759",
"category": "Payload delivery",
"uuid": "b641bd56-f3f7-437d-825e-0130676151a8"
},
{
"type": "text",
"object_relation": "detection-ratio",
"value": "34/69",
"category": "Payload delivery",
"uuid": "17fd4f40-6ac2-416d-91a8-2b10001962da"
}
],
"x_misp_meta_category": "misc",
"x_misp_name": "virustotal-report"
},
{
"type": "x-misp-object",
"spec_version": "2.1",
"id": "x-misp-object--2735f53e-0789-4e37-aba1-ec69432d5be7",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2021-08-17T12:40:35.000Z",
"modified": "2021-08-17T12:40:35.000Z",
"labels": [
"misp:name=\"passive-dns\"",
"misp:meta-category=\"network\""
],
"x_misp_attributes": [
{
"type": "text",
"object_relation": "rdata",
"value": "86.125.138.162",
"category": "Other",
"comment": "Result from a rrset lookup on DNSDB about the hostname: torok1111112.ddns.net",
"to_ids": true,
"uuid": "ce780277-1f91-474f-925d-46ce6d9e5324"
},
{
"type": "counter",
"object_relation": "count",
"value": "1",
"category": "Other",
"comment": "Result from a rrset lookup on DNSDB about the hostname: torok1111112.ddns.net",
"uuid": "3592cfeb-a2d7-409e-9fdc-fe43d259edb7"
},
{
"type": "datetime",
"object_relation": "time_first",
"value": "2021-08-17T04:15:12+00:00",
"category": "Other",
"comment": "Result from a rrset lookup on DNSDB about the hostname: torok1111112.ddns.net",
"uuid": "a6c8bc85-7c31-4323-8d3c-dc334af7d25a"
},
{
"type": "datetime",
"object_relation": "time_last",
"value": "2021-08-17T04:15:12+00:00",
"category": "Other",
"comment": "Result from a rrset lookup on DNSDB about the hostname: torok1111112.ddns.net",
"uuid": "2ad3f979-e163-4ac7-be91-df63246ffdfa"
},
{
"type": "text",
"object_relation": "rrname",
"value": "torok1111112.ddns.net.",
"category": "Other",
"comment": "Result from a rrset lookup on DNSDB about the hostname: torok1111112.ddns.net",
"uuid": "929f0a46-9f0a-43f5-9eed-80309941123c"
},
{
"type": "text",
"object_relation": "rrtype",
"value": "A",
"category": "Other",
"comment": "Result from a rrset lookup on DNSDB about the hostname: torok1111112.ddns.net",
"uuid": "b239a327-5646-485a-a586-06fc86a3b49d"
},
{
"type": "domain",
"object_relation": "bailiwick",
"value": "ddns.net",
"category": "Network activity",
"comment": "Result from a rrset lookup on DNSDB about the hostname: torok1111112.ddns.net",
"uuid": "cb30f6bb-1a01-4bf4-bee7-fda9eab45ac9"
}
],
"x_misp_comment": "torok1111112.ddns.net: Enriched via the farsight_passivedns module",
"x_misp_meta_category": "network",
"x_misp_name": "passive-dns"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--3dd3db8e-04be-4677-8aa3-9ff8a1b0a4c0",
"created": "2021-08-17T12:38:24.000Z",
"modified": "2021-08-17T12:38:24.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--952d82ff-7ba8-4518-84fb-ca5532b2bf11",
"target_ref": "x-misp-object--be08969d-fac1-4f76-b6bc-a1c79350a375"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--8abae221-bf84-4fce-842a-bd24c5b01ead",
"created": "2021-08-17T12:38:24.000Z",
"modified": "2021-08-17T12:38:24.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--6f98c9e8-8a06-417f-af9e-c5e33fda7f1f",
"target_ref": "x-misp-object--d05559b0-7b96-4f69-804d-1d31b20faafa"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--393646f9-b7f5-4d96-8eb2-b58d5fdcdbd3",
"created": "2021-08-17T12:38:25.000Z",
"modified": "2021-08-17T12:38:25.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--7774835c-4f7f-49bd-8bc4-d45323247df8",
"target_ref": "x-misp-object--ecaaa472-1599-4a58-b1ef-f5f6b318fb20"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--f6a74bd5-41ec-485e-8f5b-07c3422f77b0",
"created": "2021-08-17T12:38:25.000Z",
"modified": "2021-08-17T12:38:25.000Z",
"relationship_type": "analysed-with",
"source_ref": "indicator--491b2ed4-78ea-4b29-afad-103e9f3ebf07",
"target_ref": "x-misp-object--4af9b009-2178-4c95-aaa7-56f231e4052d"
},
{
"type": "relationship",
"spec_version": "2.1",
"id": "relationship--e040adf6-4ed5-419f-bf59-834e7dee4705",
"created": "2021-08-17T12:40:04.000Z",
"modified": "2021-08-17T12:40:04.000Z",
"relationship_type": "related-to",
"source_ref": "x-misp-object--2735f53e-0789-4e37-aba1-ec69432d5be7",
"target_ref": "indicator--f664f99d-7c72-43f8-978e-b37728009b2e"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink