misp-circl-feed/feeds/circl/stix-2.1/57113e3b-2424-44de-9686-4bc8950d210f.json

1360 lines
No EOL
53 KiB
JSON

{
"type": "bundle",
"id": "bundle--57113e3b-2424-44de-9686-4bc8950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:05.000Z",
"modified": "2016-04-15T19:19:05.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--57113e3b-2424-44de-9686-4bc8950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:05.000Z",
"modified": "2016-04-15T19:19:05.000Z",
"name": "Expansion on 596552@qq.com",
"published": "2016-04-15T19:20:51Z",
"object_refs": [
"x-misp-attribute--57113e73-5e1c-423c-b7f1-4ea2950d210f",
"indicator--57113ea9-9f28-473b-8be7-5156950d210f",
"indicator--57113eaa-8c04-42ba-8e34-5156950d210f",
"indicator--57113eaa-5748-421f-8cea-5156950d210f",
"indicator--57113eaa-f258-4aff-9660-5156950d210f",
"indicator--57113eab-673c-4833-81a9-5156950d210f",
"indicator--57113eab-66c4-450f-a579-5156950d210f",
"indicator--57113eac-b178-475d-9ae9-5156950d210f",
"indicator--57113eac-848c-4212-b534-5156950d210f",
"indicator--57113eac-826c-4443-89ef-5156950d210f",
"indicator--57113ead-b898-49ca-a73b-5156950d210f",
"indicator--57113ead-921c-49da-9301-5156950d210f",
"indicator--57113ead-bdfc-4889-b11a-5156950d210f",
"indicator--57113eae-52a4-4a4f-bca7-5156950d210f",
"indicator--57113eae-cf20-413a-b526-5156950d210f",
"indicator--57113eae-cee4-40b3-855c-5156950d210f",
"indicator--57113eaf-196c-47cb-bc65-5156950d210f",
"indicator--57113eaf-8d40-4bf8-8d3a-5156950d210f",
"indicator--57113eaf-ec78-4bfe-9a39-5156950d210f",
"indicator--57113eb0-958c-46a7-8faf-5156950d210f",
"indicator--57113eb0-a14c-4865-82e6-5156950d210f",
"indicator--57113eb0-3504-4254-b5c2-5156950d210f",
"indicator--57113eb1-e794-420f-8a9d-5156950d210f",
"indicator--57113eb1-f2ec-4cb6-b13b-5156950d210f",
"indicator--57113eb1-9bb4-4107-b78b-5156950d210f",
"indicator--57113eb2-c2d8-4124-b112-5156950d210f",
"indicator--57113eb2-7cb8-45b8-b0bf-5156950d210f",
"indicator--57113eb2-b3d8-49c2-99da-5156950d210f",
"indicator--57113eb3-f3e8-4bdc-835d-5156950d210f",
"indicator--57113eb3-bfc0-41d4-ab73-5156950d210f",
"indicator--57113eb3-c58c-46ab-987f-5156950d210f",
"indicator--57113eb4-6034-4deb-848e-5156950d210f",
"indicator--57113eb4-aca4-4f41-b4c8-5156950d210f",
"indicator--57113eb4-0488-4fd0-920f-5156950d210f",
"indicator--57113eb5-e6a8-4ae6-86ee-5156950d210f",
"indicator--57113eb5-c51c-46d7-9320-5156950d210f",
"indicator--57113eb5-52bc-4360-a1db-5156950d210f",
"indicator--57113eb6-e184-4fb0-9711-5156950d210f",
"indicator--57113eb6-a618-447c-abf2-5156950d210f",
"indicator--57113eb6-ce64-4ad1-8ab5-5156950d210f",
"indicator--57113eb7-13c4-4761-a0e3-5156950d210f",
"indicator--57113eb7-2a30-4fe8-8c0c-5156950d210f",
"indicator--57113eb7-4374-474f-9c99-5156950d210f",
"indicator--57113eb8-0640-4b09-8be2-5156950d210f",
"indicator--57113eb8-149c-44a1-98b4-5156950d210f",
"indicator--57113eb8-3b48-4eb7-9dee-5156950d210f",
"indicator--57113eb9-0440-43d3-935f-5156950d210f",
"indicator--57113eb9-a2f8-4505-b38d-5156950d210f",
"indicator--57113eb9-24fc-4945-8637-5156950d210f",
"indicator--57113eba-9160-4ad2-bc92-5156950d210f",
"indicator--57113eba-e0f4-47fd-b4af-5156950d210f",
"indicator--57113eba-59d0-410d-b81c-5156950d210f",
"indicator--57113ebb-ac34-47c3-905a-5156950d210f",
"indicator--57113ebb-8080-47cb-9c53-5156950d210f",
"indicator--57113ebb-2cc8-450a-bee6-5156950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"expansion:whois-registrant-email",
"admiralty-scale:information-credibility=\"3\""
],
"object_marking_refs": [
"marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da"
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--57113e73-5e1c-423c-b7f1-4ea2950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:18:11.000Z",
"modified": "2016-04-15T19:18:11.000Z",
"labels": [
"misp:type=\"whois-registrant-email\"",
"misp:category=\"Attribution\"",
"misp:to_ids=\"True\""
],
"x_misp_category": "Attribution",
"x_misp_type": "whois-registrant-email",
"x_misp_value": "596552@qq.com"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113ea9-9f28-473b-8be7-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:05.000Z",
"modified": "2016-04-15T19:19:05.000Z",
"pattern": "[domain-name:value = 'acld1e.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eaa-8c04-42ba-8e34-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:06.000Z",
"modified": "2016-04-15T19:19:06.000Z",
"pattern": "[domain-name:value = 'ahthja.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eaa-5748-421f-8cea-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:06.000Z",
"modified": "2016-04-15T19:19:06.000Z",
"pattern": "[domain-name:value = 'bple1b.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eaa-f258-4aff-9660-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:06.000Z",
"modified": "2016-04-15T19:19:06.000Z",
"pattern": "[domain-name:value = 'bvff.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eab-673c-4833-81a9-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:07.000Z",
"modified": "2016-04-15T19:19:07.000Z",
"pattern": "[domain-name:value = 'car741.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eab-66c4-450f-a579-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:07.000Z",
"modified": "2016-04-15T19:19:07.000Z",
"pattern": "[domain-name:value = 'car963.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eac-b178-475d-9ae9-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:08.000Z",
"modified": "2016-04-15T19:19:08.000Z",
"pattern": "[domain-name:value = 'celd1.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eac-848c-4212-b534-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:08.000Z",
"modified": "2016-04-15T19:19:08.000Z",
"pattern": "[domain-name:value = 'cmjb.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eac-826c-4443-89ef-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:08.000Z",
"modified": "2016-04-15T19:19:08.000Z",
"pattern": "[domain-name:value = 'cnabc.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113ead-b898-49ca-a73b-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:09.000Z",
"modified": "2016-04-15T19:19:09.000Z",
"pattern": "[domain-name:value = 'cnbbc.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113ead-921c-49da-9301-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:09.000Z",
"modified": "2016-04-15T19:19:09.000Z",
"pattern": "[domain-name:value = 'cnccc.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113ead-bdfc-4889-b11a-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:09.000Z",
"modified": "2016-04-15T19:19:09.000Z",
"pattern": "[domain-name:value = 'cnebc.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eae-52a4-4a4f-bca7-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:10.000Z",
"modified": "2016-04-15T19:19:10.000Z",
"pattern": "[domain-name:value = 'cnibc.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eae-cf20-413a-b526-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:10.000Z",
"modified": "2016-04-15T19:19:10.000Z",
"pattern": "[domain-name:value = 'dacv.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eae-cee4-40b3-855c-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:10.000Z",
"modified": "2016-04-15T19:19:10.000Z",
"pattern": "[domain-name:value = 'ddct.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eaf-196c-47cb-bc65-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:11.000Z",
"modified": "2016-04-15T19:19:11.000Z",
"pattern": "[domain-name:value = 'deld1a.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eaf-8d40-4bf8-8d3a-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:11.000Z",
"modified": "2016-04-15T19:19:11.000Z",
"pattern": "[domain-name:value = 'dile1.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eaf-ec78-4bfe-9a39-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:11.000Z",
"modified": "2016-04-15T19:19:11.000Z",
"pattern": "[domain-name:value = 'eelcd5.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb0-958c-46a7-8faf-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:12.000Z",
"modified": "2016-04-15T19:19:12.000Z",
"pattern": "[domain-name:value = 'efvc.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb0-a14c-4865-82e6-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:12.000Z",
"modified": "2016-04-15T19:19:12.000Z",
"pattern": "[domain-name:value = 'gaehh.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb0-3504-4254-b5c2-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:12.000Z",
"modified": "2016-04-15T19:19:12.000Z",
"pattern": "[domain-name:value = 'gehae.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb1-e794-420f-8a9d-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:13.000Z",
"modified": "2016-04-15T19:19:13.000Z",
"pattern": "[domain-name:value = 'ggsg.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb1-f2ec-4cb6-b13b-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:13.000Z",
"modified": "2016-04-15T19:19:13.000Z",
"pattern": "[domain-name:value = 'gtpq.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb1-9bb4-4107-b78b-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:13.000Z",
"modified": "2016-04-15T19:19:13.000Z",
"pattern": "[domain-name:value = 'gyez.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb2-c2d8-4124-b112-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:14.000Z",
"modified": "2016-04-15T19:19:14.000Z",
"pattern": "[domain-name:value = 'haerh.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb2-7cb8-45b8-b0bf-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:14.000Z",
"modified": "2016-04-15T19:19:14.000Z",
"pattern": "[domain-name:value = 'herha.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb2-b3d8-49c2-99da-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:14.000Z",
"modified": "2016-04-15T19:19:14.000Z",
"pattern": "[domain-name:value = 'hgvl.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb3-f3e8-4bdc-835d-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:15.000Z",
"modified": "2016-04-15T19:19:15.000Z",
"pattern": "[domain-name:value = 'hmsy.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb3-bfc0-41d4-ab73-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:15.000Z",
"modified": "2016-04-15T19:19:15.000Z",
"pattern": "[domain-name:value = 'htsrh.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb3-c58c-46ab-987f-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:15.000Z",
"modified": "2016-04-15T19:19:15.000Z",
"pattern": "[domain-name:value = 'iyso.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb4-6034-4deb-848e-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:16.000Z",
"modified": "2016-04-15T19:19:16.000Z",
"pattern": "[domain-name:value = 'lwmh.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb4-aca4-4f41-b4c8-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:16.000Z",
"modified": "2016-04-15T19:19:16.000Z",
"pattern": "[domain-name:value = 'meitanjiaoyiwang.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb4-0488-4fd0-920f-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:16.000Z",
"modified": "2016-04-15T19:19:16.000Z",
"pattern": "[domain-name:value = 'myrj.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb5-e6a8-4ae6-86ee-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:17.000Z",
"modified": "2016-04-15T19:19:17.000Z",
"pattern": "[domain-name:value = 'mysoso.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb5-c51c-46d7-9320-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:17.000Z",
"modified": "2016-04-15T19:19:17.000Z",
"pattern": "[domain-name:value = 'newsoso.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb5-52bc-4360-a1db-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:17.000Z",
"modified": "2016-04-15T19:19:17.000Z",
"pattern": "[domain-name:value = 'nvzm.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb6-e184-4fb0-9711-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:18.000Z",
"modified": "2016-04-15T19:19:18.000Z",
"pattern": "[domain-name:value = 'odgd.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb6-a618-447c-abf2-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:18.000Z",
"modified": "2016-04-15T19:19:18.000Z",
"pattern": "[domain-name:value = 'oidd.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb6-ce64-4ad1-8ab5-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:18.000Z",
"modified": "2016-04-15T19:19:18.000Z",
"pattern": "[domain-name:value = 'pliy.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb7-13c4-4761-a0e3-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:19.000Z",
"modified": "2016-04-15T19:19:19.000Z",
"pattern": "[domain-name:value = 'pornisvideo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb7-2a30-4fe8-8c0c-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:19.000Z",
"modified": "2016-04-15T19:19:19.000Z",
"pattern": "[domain-name:value = 'povg.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb7-4374-474f-9c99-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:19.000Z",
"modified": "2016-04-15T19:19:19.000Z",
"pattern": "[domain-name:value = 'qdko.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb8-0640-4b09-8be2-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:20.000Z",
"modified": "2016-04-15T19:19:20.000Z",
"pattern": "[domain-name:value = 'qwhg.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb8-149c-44a1-98b4-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:20.000Z",
"modified": "2016-04-15T19:19:20.000Z",
"pattern": "[domain-name:value = 'rgbd.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb8-3b48-4eb7-9dee-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:20.000Z",
"modified": "2016-04-15T19:19:20.000Z",
"pattern": "[domain-name:value = 'sctq.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb9-0440-43d3-935f-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:21.000Z",
"modified": "2016-04-15T19:19:21.000Z",
"pattern": "[domain-name:value = 'shopay.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb9-a2f8-4505-b38d-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:21.000Z",
"modified": "2016-04-15T19:19:21.000Z",
"pattern": "[domain-name:value = 'shoppingoflove.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eb9-24fc-4945-8637-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:21.000Z",
"modified": "2016-04-15T19:19:21.000Z",
"pattern": "[domain-name:value = 'ssxb.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eba-9160-4ad2-bc92-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:22.000Z",
"modified": "2016-04-15T19:19:22.000Z",
"pattern": "[domain-name:value = 'uoxz.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eba-e0f4-47fd-b4af-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:22.000Z",
"modified": "2016-04-15T19:19:22.000Z",
"pattern": "[domain-name:value = 'xerd.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113eba-59d0-410d-b81c-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:22.000Z",
"modified": "2016-04-15T19:19:22.000Z",
"pattern": "[domain-name:value = 'ydjp.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113ebb-ac34-47c3-905a-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:23.000Z",
"modified": "2016-04-15T19:19:23.000Z",
"pattern": "[domain-name:value = 'yourbroiler.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113ebb-8080-47cb-9c53-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:23.000Z",
"modified": "2016-04-15T19:19:23.000Z",
"pattern": "[domain-name:value = 'zros.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--57113ebb-2cc8-450a-bee6-5156950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-04-15T19:19:23.000Z",
"modified": "2016-04-15T19:19:23.000Z",
"pattern": "[domain-name:value = 'zryh.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-04-15T19:19:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:GREEN",
"definition": {
"tlp": "green"
}
}
]
}