misp-circl-feed/feeds/circl/misp/55bb3422-c610-4b66-aa54-4533950d210b.json

936 lines
No EOL
38 KiB
JSON

{
"type": "bundle",
"id": "bundle--55bb3422-c610-4b66-aa54-4533950d210b",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:41.000Z",
"modified": "2015-07-31T08:40:41.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--55bb3422-c610-4b66-aa54-4533950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:41.000Z",
"modified": "2015-07-31T08:40:41.000Z",
"name": "OSINT Angler's best friends by SANS ISC Diary",
"published": "2015-07-31T09:12:05Z",
"object_refs": [
"observed-data--55bb3433-f880-4cde-92de-42af950d210b",
"url--55bb3433-f880-4cde-92de-42af950d210b",
"indicator--55bb3449-07b8-46ca-914a-468e950d210b",
"indicator--55bb3449-5030-426e-9922-4ee4950d210b",
"indicator--55bb3449-a088-49f3-81f9-4f08950d210b",
"indicator--55bb3449-6ed4-4535-9abc-45a1950d210b",
"indicator--55bb344a-d914-47a7-a818-4d69950d210b",
"indicator--55bb344a-ba18-4092-8a61-4e26950d210b",
"indicator--55bb344a-4ff0-4637-b379-4a88950d210b",
"indicator--55bb344a-bc58-42fa-8efc-487a950d210b",
"indicator--55bb344a-fbf8-4b51-ae7e-4d39950d210b",
"indicator--55bb344a-6d84-41dd-b3c8-4878950d210b",
"indicator--55bb344a-3fa8-4b20-9f00-416a950d210b",
"indicator--55bb344b-216c-4ca8-a4bd-46d7950d210b",
"indicator--55bb344b-8cb0-42e9-8aeb-447e950d210b",
"indicator--55bb344b-2dc0-4b12-a36e-479d950d210b",
"indicator--55bb344b-c82c-491f-8bb1-4aec950d210b",
"indicator--55bb344b-8198-4ee3-a21b-491f950d210b",
"indicator--55bb344b-1e38-4e4b-94a7-4d10950d210b",
"indicator--55bb344b-6428-4bcc-9fdd-47c3950d210b",
"indicator--55bb344c-95a4-42bf-9598-48d2950d210b",
"indicator--55bb3486-c200-4ad6-88bd-49e2950d210b",
"indicator--55bb3486-13c0-4acc-b1d6-4e09950d210b",
"indicator--55bb3487-34bc-4922-990a-4d12950d210b",
"indicator--55bb3487-2894-44f2-af41-405c950d210b",
"indicator--55bb3487-4638-4383-ba51-482a950d210b",
"indicator--55bb3487-2e80-4a7f-806b-4242950d210b",
"indicator--55bb3487-d9d0-4d55-b4c8-4b05950d210b",
"indicator--55bb3487-3954-497e-84ff-48e2950d210b",
"indicator--55bb3487-f4ac-492e-a677-433d950d210b",
"indicator--55bb3488-680c-4bc6-b732-4d22950d210b",
"indicator--55bb3488-38dc-4270-891e-4077950d210b",
"indicator--55bb3488-e6d4-4c22-8629-4128950d210b",
"indicator--55bb3488-f10c-48e1-999d-41fc950d210b",
"indicator--55bb3488-8604-48da-ac56-4b17950d210b",
"indicator--55bb3488-b9f4-43cc-be29-45b3950d210b",
"indicator--55bb3488-f18c-4459-ba59-4984950d210b",
"indicator--55bb3489-77e8-47db-8ccc-476b950d210b"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT"
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--55bb3433-f880-4cde-92de-42af950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:15.000Z",
"modified": "2015-07-31T08:39:15.000Z",
"first_observed": "2015-07-31T08:39:15Z",
"last_observed": "2015-07-31T08:39:15Z",
"number_observed": 1,
"object_refs": [
"url--55bb3433-f880-4cde-92de-42af950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--55bb3433-f880-4cde-92de-42af950d210b",
"value": "https://isc.sans.edu/forums/diary/Anglers+best+friends/19959/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3449-07b8-46ca-914a-468e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:37.000Z",
"modified": "2015-07-31T08:39:37.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '148.251.167.57']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3449-5030-426e-9922-4ee4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:37.000Z",
"modified": "2015-07-31T08:39:37.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '148.251.167.107']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3449-a088-49f3-81f9-4f08950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:37.000Z",
"modified": "2015-07-31T08:39:37.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.9.245.141']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3449-6ed4-4535-9abc-45a1950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:37.000Z",
"modified": "2015-07-31T08:39:37.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.9.245.140']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344a-d914-47a7-a818-4d69950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:38.000Z",
"modified": "2015-07-31T08:39:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.9.245.142']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344a-ba18-4092-8a61-4e26950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:38.000Z",
"modified": "2015-07-31T08:39:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '206.190.134.189']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344a-4ff0-4637-b379-4a88950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:38.000Z",
"modified": "2015-07-31T08:39:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.48.58.51']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344a-bc58-42fa-8efc-487a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:38.000Z",
"modified": "2015-07-31T08:39:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '206.190.134.188']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344a-fbf8-4b51-ae7e-4d39950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:38.000Z",
"modified": "2015-07-31T08:39:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '206.190.134.190']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344a-6d84-41dd-b3c8-4878950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:38.000Z",
"modified": "2015-07-31T08:39:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.162.90.107']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344a-3fa8-4b20-9f00-416a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:38.000Z",
"modified": "2015-07-31T08:39:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.162.64.156']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344b-216c-4ca8-a4bd-46d7950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:39.000Z",
"modified": "2015-07-31T08:39:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.162.116.123']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344b-8cb0-42e9-8aeb-447e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:39.000Z",
"modified": "2015-07-31T08:39:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.43.223.165']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344b-2dc0-4b12-a36e-479d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:39.000Z",
"modified": "2015-07-31T08:39:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.162.116.125']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344b-c82c-491f-8bb1-4aec950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:39.000Z",
"modified": "2015-07-31T08:39:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.245.213.141']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344b-8198-4ee3-a21b-491f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:39.000Z",
"modified": "2015-07-31T08:39:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.162.86.36']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344b-1e38-4e4b-94a7-4d10950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:39.000Z",
"modified": "2015-07-31T08:39:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.162.64.158']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344b-6428-4bcc-9fdd-47c3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:39.000Z",
"modified": "2015-07-31T08:39:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.245.213.138']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb344c-95a4-42bf-9598-48d2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:39:40.000Z",
"modified": "2015-07-31T08:39:40.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.43.223.164']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:39:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3486-c200-4ad6-88bd-49e2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:38.000Z",
"modified": "2015-07-31T08:40:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '136.243.96.94']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3486-13c0-4acc-b1d6-4e09950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:38.000Z",
"modified": "2015-07-31T08:40:38.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '148.251.167.105']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3487-34bc-4922-990a-4d12950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:39.000Z",
"modified": "2015-07-31T08:40:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '148.251.167.51']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3487-2894-44f2-af41-405c950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:39.000Z",
"modified": "2015-07-31T08:40:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '148.251.167.97']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3487-4638-4383-ba51-482a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:39.000Z",
"modified": "2015-07-31T08:40:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '176.9.245.139']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3487-2e80-4a7f-806b-4242950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:39.000Z",
"modified": "2015-07-31T08:40:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '178.63.173.166']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3487-d9d0-4d55-b4c8-4b05950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:39.000Z",
"modified": "2015-07-31T08:40:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.48.58.52']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3487-3954-497e-84ff-48e2950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:39.000Z",
"modified": "2015-07-31T08:40:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '209.190.51.212']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3487-f4ac-492e-a677-433d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:39.000Z",
"modified": "2015-07-31T08:40:39.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '209.190.51.214']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3488-680c-4bc6-b732-4d22950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:40.000Z",
"modified": "2015-07-31T08:40:40.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.144.244.147']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3488-38dc-4270-891e-4077950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:40.000Z",
"modified": "2015-07-31T08:40:40.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.144.244.148']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3488-e6d4-4c22-8629-4128950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:40.000Z",
"modified": "2015-07-31T08:40:40.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.4.213.133']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3488-f10c-48e1-999d-41fc950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:40.000Z",
"modified": "2015-07-31T08:40:40.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '5.79.85.242']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3488-8604-48da-ac56-4b17950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:40.000Z",
"modified": "2015-07-31T08:40:40.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '63.143.53.46']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3488-b9f4-43cc-be29-45b3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:40.000Z",
"modified": "2015-07-31T08:40:40.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.162.73.91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3488-f18c-4459-ba59-4984950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:40.000Z",
"modified": "2015-07-31T08:40:40.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.63.217.222']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--55bb3489-77e8-47db-8ccc-476b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-07-31T08:40:41.000Z",
"modified": "2015-07-31T08:40:41.000Z",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '74.63.237.182']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-07-31T08:40:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}