misp-circl-feed/feeds/circl/misp/5783a00e-27d8-4e5a-ac92-aec6950d210f.json

3265 lines
No EOL
132 KiB
JSON

{
"type": "bundle",
"id": "bundle--5783a00e-27d8-4e5a-ac92-aec6950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:40:21.000Z",
"modified": "2016-07-11T13:40:21.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5783a00e-27d8-4e5a-ac92-aec6950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:40:21.000Z",
"modified": "2016-07-11T13:40:21.000Z",
"name": "Pivot on What's in a server name (on APT28/Sofacy) by ThreatConnect",
"published": "2016-07-11T13:40:31Z",
"object_refs": [
"indicator--5783a09e-4afc-4fa0-a304-aec5950d210f",
"indicator--5783a09f-193c-4b2b-8f56-aec5950d210f",
"indicator--5783a09f-f564-4258-a3f8-aec5950d210f",
"indicator--5783a0a0-a6d0-4221-8c48-aec5950d210f",
"indicator--5783a0a0-7338-4cd6-8d23-aec5950d210f",
"indicator--5783a0a1-a9b0-411b-af08-aec5950d210f",
"indicator--5783a0a1-b58c-4432-af95-aec5950d210f",
"indicator--5783a0a1-b1fc-4def-a50f-aec5950d210f",
"indicator--5783a0a2-7dd0-4369-8ff3-aec5950d210f",
"indicator--5783a0a2-3c04-41f2-a70f-aec5950d210f",
"indicator--5783a0a3-d600-42af-bc28-aec5950d210f",
"indicator--5783a0a3-b484-4cc8-8639-aec5950d210f",
"indicator--5783a0a4-ceb4-44b1-9e9a-aec5950d210f",
"indicator--5783a0a4-2820-4107-b9c8-aec5950d210f",
"indicator--5783a0a4-c3c4-4168-b6de-aec5950d210f",
"indicator--5783a0a5-63f0-4415-b60e-aec5950d210f",
"indicator--5783a0a5-826c-4f50-ae77-aec5950d210f",
"indicator--5783a0a6-5de8-4781-a7aa-aec5950d210f",
"indicator--5783a0a6-7c3c-4520-895a-aec5950d210f",
"indicator--5783a0a6-fb9c-4092-88ce-aec5950d210f",
"indicator--5783a0a7-370c-4dda-882f-aec5950d210f",
"indicator--5783a0a7-1038-461a-95de-aec5950d210f",
"indicator--5783a0a7-8c14-41ad-989c-aec5950d210f",
"indicator--5783a0a8-d554-42a6-af8a-aec5950d210f",
"indicator--5783a0a8-c58c-4b99-b5b0-aec5950d210f",
"indicator--5783a0a9-986c-4ca1-896f-aec5950d210f",
"indicator--5783a0a9-99c4-4110-9978-aec5950d210f",
"indicator--5783a0aa-7f98-44a6-82ed-aec5950d210f",
"indicator--5783a0aa-4660-48b7-859f-aec5950d210f",
"indicator--5783a0aa-dfe4-4583-af69-aec5950d210f",
"indicator--5783a0ab-cbc8-4d21-bfe2-aec5950d210f",
"indicator--5783a0ab-55d4-4fd7-aa1f-aec5950d210f",
"indicator--5783a0ac-19d8-44fe-8a58-aec5950d210f",
"indicator--5783a0ac-5a00-45f4-ada9-aec5950d210f",
"indicator--5783a0ac-ad9c-4398-8864-aec5950d210f",
"indicator--5783a0ad-3940-4855-a8aa-aec5950d210f",
"indicator--5783a0ad-6024-40dc-85ec-aec5950d210f",
"indicator--5783a0ae-de98-4b95-a6b3-aec5950d210f",
"indicator--5783a0ae-adb4-4902-b90e-aec5950d210f",
"indicator--5783a0af-e204-4b46-b158-aec5950d210f",
"indicator--5783a0af-43f8-4d06-8b87-aec5950d210f",
"indicator--5783a0b0-928c-4ed4-acea-aec5950d210f",
"indicator--5783a0b0-dbb8-4ea6-927a-aec5950d210f",
"indicator--5783a0b0-aae4-48dc-8b15-aec5950d210f",
"indicator--5783a0b1-f180-4150-a604-aec5950d210f",
"indicator--5783a0b1-9f70-4157-8229-aec5950d210f",
"indicator--5783a0b2-02b0-46a3-9b6a-aec5950d210f",
"indicator--5783a0b2-6d14-41b6-bb3e-aec5950d210f",
"indicator--5783a0b3-2b58-43f6-aa4b-aec5950d210f",
"indicator--5783a0b3-bea8-4673-a7dc-aec5950d210f",
"indicator--5783a0b4-4fec-4ca8-a449-aec5950d210f",
"indicator--5783a0b4-382c-4455-94d5-aec5950d210f",
"indicator--5783a0b5-4fe4-4e7d-bde2-aec5950d210f",
"indicator--5783a0b5-1c8c-4e32-86c6-aec5950d210f",
"indicator--5783a0b5-0cc0-42ba-8f91-aec5950d210f",
"indicator--5783a0b6-a848-4df2-9112-aec5950d210f",
"indicator--5783a0b6-4ff8-42dc-940c-aec5950d210f",
"indicator--5783a0b7-6a98-454f-a58f-aec5950d210f",
"indicator--5783a0b7-0114-45f6-a07d-aec5950d210f",
"indicator--5783a0b7-3b08-40d2-8ba2-aec5950d210f",
"indicator--5783a0b8-f4b8-450a-bfae-aec5950d210f",
"indicator--5783a0b8-4b0c-41a1-bd80-aec5950d210f",
"indicator--5783a0b9-1da0-409c-81a4-aec5950d210f",
"indicator--5783a0b9-0e88-4eb8-9497-aec5950d210f",
"indicator--5783a0ba-b98c-4aaf-9069-aec5950d210f",
"indicator--5783a0ba-b200-42cd-8cd6-aec5950d210f",
"indicator--5783a0bb-0b94-4a70-b2fe-aec5950d210f",
"indicator--5783a0bb-9694-415f-a52e-aec5950d210f",
"indicator--5783a0bb-39e4-44f3-a917-aec5950d210f",
"indicator--5783a0bc-0690-4d0c-9b79-aec5950d210f",
"indicator--5783a0bc-c3cc-4809-8c61-aec5950d210f",
"indicator--5783a0bd-7ae8-4190-a0ef-aec5950d210f",
"indicator--5783a0bd-5778-478c-b7f1-aec5950d210f",
"indicator--5783a0bd-0398-4adc-aef8-aec5950d210f",
"indicator--5783a0be-ffe8-4a6e-bcd0-aec5950d210f",
"indicator--5783a0be-f89c-41c2-8ee1-aec5950d210f",
"indicator--5783a0bf-c250-41ca-991c-aec5950d210f",
"indicator--5783a0bf-e654-44b6-9021-aec5950d210f",
"indicator--5783a0c0-edd8-49c8-a6c2-aec5950d210f",
"indicator--5783a0c0-0430-49fe-b923-aec5950d210f",
"indicator--5783a0c1-d674-41b0-85db-aec5950d210f",
"indicator--5783a0c1-1b2c-486e-9e8a-aec5950d210f",
"indicator--5783a0c2-af94-470a-ba19-aec5950d210f",
"indicator--5783a0c2-00a4-448c-8eb9-aec5950d210f",
"indicator--5783a0c2-168c-451e-b663-aec5950d210f",
"indicator--5783a0c3-b330-4137-a2e3-aec5950d210f",
"indicator--5783a0c3-6f94-4f92-b4c7-aec5950d210f",
"indicator--5783a0c4-e4b0-466b-87e3-aec5950d210f",
"indicator--5783a0c4-9670-4425-965e-aec5950d210f",
"indicator--5783a0c4-5768-449b-9536-aec5950d210f",
"indicator--5783a0c5-e5c0-4d2d-83c1-aec5950d210f",
"indicator--5783a0c5-5bcc-4fb0-b3b4-aec5950d210f",
"indicator--5783a0c6-277c-4156-a257-aec5950d210f",
"indicator--5783a0c6-0348-4aea-93df-aec5950d210f",
"indicator--5783a0c6-e938-4391-aedc-aec5950d210f",
"indicator--5783a0c7-fd60-43f5-902d-aec5950d210f",
"indicator--5783a0c7-2fe8-4e47-9c96-aec5950d210f",
"indicator--5783a0c8-a2f4-4f82-86f7-aec5950d210f",
"indicator--5783a0c8-8560-4d94-b2fc-aec5950d210f",
"indicator--5783a0c8-c520-4c9d-92f5-aec5950d210f",
"indicator--5783a0c9-b334-4303-8d54-aec5950d210f",
"indicator--5783a0c9-1c44-4ae8-838b-aec5950d210f",
"indicator--5783a0c9-bbdc-4ce8-aba8-aec5950d210f",
"indicator--5783a0ca-4d04-4f22-b8de-aec5950d210f",
"indicator--5783a0ca-4acc-4a7e-a229-aec5950d210f",
"indicator--5783a0cb-b154-4895-86a4-aec5950d210f",
"indicator--5783a0cb-b2c0-4023-9c9b-aec5950d210f",
"indicator--5783a0cb-8b48-4760-97f5-aec5950d210f",
"indicator--5783a0cc-cca0-4b93-9ded-aec5950d210f",
"indicator--5783a0cc-67d4-4b91-8aeb-aec5950d210f",
"indicator--5783a0cc-6fd8-4c1f-ad7d-aec5950d210f",
"indicator--5783a0cd-ad84-4cf1-bb3a-aec5950d210f",
"indicator--5783a0cd-1fa8-478b-af67-aec5950d210f",
"indicator--5783a0ce-5ab8-4d54-ab52-aec5950d210f",
"indicator--5783a0ce-2b8c-46cd-bb79-aec5950d210f",
"indicator--5783a0ce-5c78-4161-a9de-aec5950d210f",
"indicator--5783a0cf-66c0-461a-9598-aec5950d210f",
"indicator--5783a0cf-6ea8-4eaf-b6ea-aec5950d210f",
"indicator--5783a0cf-1418-4106-817b-aec5950d210f",
"indicator--5783a0d0-b488-4949-a7fb-aec5950d210f",
"indicator--5783a0d0-0d74-4873-ac22-aec5950d210f",
"indicator--5783a0d0-5e70-454d-808a-aec5950d210f",
"indicator--5783a0d1-e4ac-4e60-af2c-aec5950d210f",
"indicator--5783a0d1-d714-416d-9a96-aec5950d210f",
"indicator--5783a0d2-ee28-44d7-95f6-aec5950d210f",
"indicator--5783a0d2-235c-4e9f-b525-aec5950d210f",
"indicator--5783a0d2-1a94-42d3-84be-aec5950d210f",
"x-misp-attribute--5783a1bd-e418-4ac9-95c4-aec6950d210f",
"observed-data--5783a1c5-95e8-4cb0-aaba-c1f3950d210f",
"url--5783a1c5-95e8-4cb0-aaba-c1f3950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"OSINT",
"Threat:Sofacy/APT28",
"admiralty-scale:information-credibility=\"2\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a09e-4afc-4fa0-a304-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:26.000Z",
"modified": "2016-07-11T13:35:26.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'barry.smith2004@yandex.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a09f-193c-4b2b-8f56-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:27.000Z",
"modified": "2016-07-11T13:35:27.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'energyaspacts.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a09f-f564-4258-a3f8-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:27.000Z",
"modified": "2016-07-11T13:35:27.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'leo.link@email.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a0-a6d0-4221-8c48-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:28.000Z",
"modified": "2016-07-11T13:35:28.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'bourquinsa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a0-7338-4cd6-8d23-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:28.000Z",
"modified": "2016-07-11T13:35:28.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'ctbkonline.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a1-a9b0-411b-af08-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:29.000Z",
"modified": "2016-07-11T13:35:29.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'cjgr8hm@gmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a1-b58c-4432-af95-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:29.000Z",
"modified": "2016-07-11T13:35:29.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'ozverler-tr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a1-b1fc-4def-a50f-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:29.000Z",
"modified": "2016-07-11T13:35:29.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'hanmiail.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a2-7dd0-4369-8ff3-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:30.000Z",
"modified": "2016-07-11T13:35:30.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'idolbreaker@mail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a2-3c04-41f2-a70f-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:30.000Z",
"modified": "2016-07-11T13:35:30.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'hamnaill.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a3-d600-42af-bc28-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:31.000Z",
"modified": "2016-07-11T13:35:31.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'chianceforkids.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a3-b484-4cc8-8639-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:31.000Z",
"modified": "2016-07-11T13:35:31.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'paulbecker@cock.li']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a4-ceb4-44b1-9e9a-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:32.000Z",
"modified": "2016-07-11T13:35:32.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'bisicoind.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a4-2820-4107-b9c8-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:32.000Z",
"modified": "2016-07-11T13:35:32.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'unjiaya.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a4-c3c4-4168-b6de-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:32.000Z",
"modified": "2016-07-11T13:35:32.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'saira.samosa@gmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a5-63f0-4415-b60e-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:33.000Z",
"modified": "2016-07-11T13:35:33.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'honeyvvell.co']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a5-826c-4f50-ae77-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:33.000Z",
"modified": "2016-07-11T13:35:33.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'pedrodonations.co']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a6-5de8-4781-a7aa-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:34.000Z",
"modified": "2016-07-11T13:35:34.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'owen@kehoe.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a6-7c3c-4520-895a-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:34.000Z",
"modified": "2016-07-11T13:35:34.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'diamondscourier.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a6-fb9c-4092-88ce-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:34.000Z",
"modified": "2016-07-11T13:35:34.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'win-wnigarden.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a7-370c-4dda-882f-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:35.000Z",
"modified": "2016-07-11T13:35:35.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'noshare1024@gmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a7-1038-461a-95de-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:35.000Z",
"modified": "2016-07-11T13:35:35.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'pinllive.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a7-8c14-41ad-989c-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:35.000Z",
"modified": "2016-07-11T13:35:35.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'mishel_corp@mail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a8-d554-42a6-af8a-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:36.000Z",
"modified": "2016-07-11T13:35:36.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'terms-google.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a8-c58c-4b99-b5b0-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:36.000Z",
"modified": "2016-07-11T13:35:36.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'access-google.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a9-986c-4ca1-896f-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:37.000Z",
"modified": "2016-07-11T13:35:37.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'egypressoffice.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0a9-99c4-4110-9978-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:37.000Z",
"modified": "2016-07-11T13:35:37.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'softwaresupportsv.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0aa-7f98-44a6-82ed-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:38.000Z",
"modified": "2016-07-11T13:35:38.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'securesystemwin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0aa-4660-48b7-859f-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:38.000Z",
"modified": "2016-07-11T13:35:38.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'intelintelligence.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0aa-dfe4-4583-af69-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:38.000Z",
"modified": "2016-07-11T13:35:38.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'tracksy.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ab-cbc8-4d21-bfe2-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:39.000Z",
"modified": "2016-07-11T13:35:39.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'e-dates.me']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ab-55d4-4fd7-aa1f-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:39.000Z",
"modified": "2016-07-11T13:35:39.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'ms-updates.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ac-19d8-44fe-8a58-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:40.000Z",
"modified": "2016-07-11T13:35:40.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'uninstalled.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ac-5a00-45f4-ada9-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:40.000Z",
"modified": "2016-07-11T13:35:40.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'microsoft-updates.me']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ac-ad9c-4398-8864-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:40.000Z",
"modified": "2016-07-11T13:35:40.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'ms-drivadptrwin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ad-3940-4855-a8aa-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:41.000Z",
"modified": "2016-07-11T13:35:41.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'cdncloudflare.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ad-6024-40dc-85ec-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:41.000Z",
"modified": "2016-07-11T13:35:41.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'helper-akamai.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ae-de98-4b95-a6b3-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:42.000Z",
"modified": "2016-07-11T13:35:42.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'vrickson@mail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ae-adb4-4902-b90e-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:42.000Z",
"modified": "2016-07-11T13:35:42.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'best.cameron@mail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0af-e204-4b46-b158-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:43.000Z",
"modified": "2016-07-11T13:35:43.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'akamaitechupdate.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0af-43f8-4d06-8b87-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:43.000Z",
"modified": "2016-07-11T13:35:43.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'surleoborden@gmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b0-928c-4ed4-acea-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:44.000Z",
"modified": "2016-07-11T13:35:44.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'josiekilbyav@aol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b0-dbb8-4ea6-927a-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:44.000Z",
"modified": "2016-07-11T13:35:44.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'weronika76@hotmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b0-aae4-48dc-8b15-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:44.000Z",
"modified": "2016-07-11T13:35:44.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'bergers3008@usa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b1-f180-4150-a604-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:45.000Z",
"modified": "2016-07-11T13:35:45.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'guiromolly@mail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b1-9f70-4157-8229-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:45.000Z",
"modified": "2016-07-11T13:35:45.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = '8yhi4xqycpzm@mail.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b2-02b0-46a3-9b6a-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:46.000Z",
"modified": "2016-07-11T13:35:46.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'loots@tuta.io']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b2-6d14-41b6-bb3e-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:46.000Z",
"modified": "2016-07-11T13:35:46.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'mia.konzet99@ok.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b3-2b58-43f6-aa4b-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:47.000Z",
"modified": "2016-07-11T13:35:47.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'dana.raphaela@chewiemail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b3-bea8-4673-a7dc-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:47.000Z",
"modified": "2016-07-11T13:35:47.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[file:name = 'yourflashplayer.xyz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b4-4fec-4ca8-a449-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:48.000Z",
"modified": "2016-07-11T13:35:48.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'abuse@opticaljungle.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b4-382c-4455-94d5-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:48.000Z",
"modified": "2016-07-11T13:35:48.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[file:name = 'flashplayer2015.xyz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b5-4fe4-4e7d-bde2-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:49.000Z",
"modified": "2016-07-11T13:35:49.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'v9sa2cml@instancemail.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b5-1c8c-4e32-86c6-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:49.000Z",
"modified": "2016-07-11T13:35:49.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[file:name = 'newflashplayer2015.xyz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b5-0cc0-42ba-8f91-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:49.000Z",
"modified": "2016-07-11T13:35:49.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'issacgolden@hmamail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b6-a848-4df2-9112-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:50.000Z",
"modified": "2016-07-11T13:35:50.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[file:name = 'aerofit.club']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b6-4ff8-42dc-940c-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:50.000Z",
"modified": "2016-07-11T13:35:50.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'gregorio.oconnor@hmamail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b7-6a98-454f-a58f-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:51.000Z",
"modified": "2016-07-11T13:35:51.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'artur.klimenkov@gmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b7-0114-45f6-a07d-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:51.000Z",
"modified": "2016-07-11T13:35:51.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[file:name = 'superflashplayers.xyz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b7-3b08-40d2-8ba2-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:51.000Z",
"modified": "2016-07-11T13:35:51.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'pinfiangtw@gmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b8-f4b8-450a-bfae-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:52.000Z",
"modified": "2016-07-11T13:35:52.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'pdf-online-viewer.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b8-4b0c-41a1-bd80-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:52.000Z",
"modified": "2016-07-11T13:35:52.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'mattew.barnes@aol.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b9-1da0-409c-81a4-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:53.000Z",
"modified": "2016-07-11T13:35:53.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'petkrist@myself.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0b9-0e88-4eb8-9497-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:53.000Z",
"modified": "2016-07-11T13:35:53.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'adobeupdatetechnology.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ba-b98c-4aaf-9069-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:54.000Z",
"modified": "2016-07-11T13:35:54.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'fisterboks@email.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ba-b200-42cd-8cd6-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:54.000Z",
"modified": "2016-07-11T13:35:54.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'adobeupdater.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0bb-0b94-4a70-b2fe-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:55.000Z",
"modified": "2016-07-11T13:35:55.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'adobeflashdownload.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0bb-9694-415f-a52e-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:55.000Z",
"modified": "2016-07-11T13:35:55.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'syst.soul@mail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0bb-39e4-44f3-a917-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:55.000Z",
"modified": "2016-07-11T13:35:55.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'wsjworld.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0bc-0690-4d0c-9b79-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:56.000Z",
"modified": "2016-07-11T13:35:56.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'm8r-abrn11@mailinator.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0bc-c3cc-4809-8c61-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:56.000Z",
"modified": "2016-07-11T13:35:56.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'contacts@up57893.in']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0bd-7ae8-4190-a0ef-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:57.000Z",
"modified": "2016-07-11T13:35:57.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'mr.michoverton@mail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0bd-5778-478c-b7f1-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:57.000Z",
"modified": "2016-07-11T13:35:57.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'ken.tanaka@mail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0bd-0398-4adc-aef8-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:57.000Z",
"modified": "2016-07-11T13:35:57.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'yrauto-tw.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0be-ffe8-4a6e-bcd0-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:58.000Z",
"modified": "2016-07-11T13:35:58.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'sandra.rafaela@chewiemail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0be-f89c-41c2-8ee1-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:58.000Z",
"modified": "2016-07-11T13:35:58.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'svroulette.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0bf-c250-41ca-991c-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:59.000Z",
"modified": "2016-07-11T13:35:59.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'ferrarlcostruzloni.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0bf-e654-44b6-9021-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:35:59.000Z",
"modified": "2016-07-11T13:35:59.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'bkopfer7101@mail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:35:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c0-edd8-49c8-a6c2-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:00.000Z",
"modified": "2016-07-11T13:36:00.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'chinagameke.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c0-0430-49fe-b923-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:00.000Z",
"modified": "2016-07-11T13:36:00.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'tostembekary.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c1-d674-41b0-85db-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:01.000Z",
"modified": "2016-07-11T13:36:01.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'uniccomvalve.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c1-1b2c-486e-9e8a-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:01.000Z",
"modified": "2016-07-11T13:36:01.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'elfreda.pollie@chewiemail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c2-af94-470a-ba19-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:02.000Z",
"modified": "2016-07-11T13:36:02.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'atosbasena.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c2-00a4-448c-8eb9-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:02.000Z",
"modified": "2016-07-11T13:36:02.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'intelsupportcenter.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c2-168c-451e-b663-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:02.000Z",
"modified": "2016-07-11T13:36:02.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'konrecranes.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c3-b330-4137-a2e3-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:03.000Z",
"modified": "2016-07-11T13:36:03.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'intelsupportcenter.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c3-6f94-4f92-b4c7-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:03.000Z",
"modified": "2016-07-11T13:36:03.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'ruzeedomeon@gmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c4-e4b0-466b-87e3-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:04.000Z",
"modified": "2016-07-11T13:36:04.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'adamsfinanace.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c4-9670-4425-965e-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:04.000Z",
"modified": "2016-07-11T13:36:04.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'agnasirahmedd@gmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c4-5768-449b-9536-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:04.000Z",
"modified": "2016-07-11T13:36:04.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'vortaxworldwlde.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c5-e5c0-4d2d-83c1-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:05.000Z",
"modified": "2016-07-11T13:36:05.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'cellpack-sg.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c5-5bcc-4fb0-b3b4-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:05.000Z",
"modified": "2016-07-11T13:36:05.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 's.penn.254@gmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c6-277c-4156-a257-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:06.000Z",
"modified": "2016-07-11T13:36:06.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'expo-consrtuct.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c6-0348-4aea-93df-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:06.000Z",
"modified": "2016-07-11T13:36:06.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'csc-sratori.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c6-e938-4391-aedc-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:06.000Z",
"modified": "2016-07-11T13:36:06.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'j.holmberg@dr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c7-fd60-43f5-902d-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:07.000Z",
"modified": "2016-07-11T13:36:07.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'ghanltootgroup.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c7-2fe8-4e47-9c96-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:07.000Z",
"modified": "2016-07-11T13:36:07.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'admin@wm-z.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c8-a2f4-4f82-86f7-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:08.000Z",
"modified": "2016-07-11T13:36:08.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'corcpromotion.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c8-8560-4d94-b2fc-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:08.000Z",
"modified": "2016-07-11T13:36:08.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'shawanda.kirlin37@mail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c8-c520-4c9d-92f5-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:08.000Z",
"modified": "2016-07-11T13:36:08.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'haamltex.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c9-b334-4303-8d54-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:09.000Z",
"modified": "2016-07-11T13:36:09.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'truslt-valves.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c9-1c44-4ae8-838b-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:09.000Z",
"modified": "2016-07-11T13:36:09.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'transllead.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0c9-bbdc-4ce8-aba8-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:09.000Z",
"modified": "2016-07-11T13:36:09.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'swsupporttools.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ca-4d04-4f22-b8de-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:10.000Z",
"modified": "2016-07-11T13:36:10.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'ajw-avaition.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ca-4acc-4a7e-a229-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:10.000Z",
"modified": "2016-07-11T13:36:10.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'micoft.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0cb-b154-4895-86a4-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:11.000Z",
"modified": "2016-07-11T13:36:11.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[file:name = 'winliveupdate.top']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0cb-b2c0-4023-9c9b-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:11.000Z",
"modified": "2016-07-11T13:36:11.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[file:name = 'xui.ooo']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0cb-8b48-4760-97f5-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:11.000Z",
"modified": "2016-07-11T13:36:11.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[file:name = 'avolt.top']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0cc-cca0-4b93-9ded-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:12.000Z",
"modified": "2016-07-11T13:36:12.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[file:name = 'topservers.top']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"filename\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0cc-67d4-4b91-8aeb-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:12.000Z",
"modified": "2016-07-11T13:36:12.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'wincodec.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0cc-6fd8-4c1f-ad7d-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:12.000Z",
"modified": "2016-07-11T13:36:12.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'sec-trusted.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:12Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0cd-ad84-4cf1-bb3a-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:13.000Z",
"modified": "2016-07-11T13:36:13.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'sec-verified.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0cd-1fa8-478b-af67-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:13.000Z",
"modified": "2016-07-11T13:36:13.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'sec-login.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:13Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ce-5ab8-4d54-ab52-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:14.000Z",
"modified": "2016-07-11T13:36:14.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'natoadviser.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ce-2b8c-46cd-bb79-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:14.000Z",
"modified": "2016-07-11T13:36:14.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'j.wang@uymail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0ce-5c78-4161-a9de-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:14.000Z",
"modified": "2016-07-11T13:36:14.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[email-message:from_ref.value = 'play@xtcmail.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Payload delivery"
}
],
"labels": [
"misp:type=\"email-src\"",
"misp:category=\"Payload delivery\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0cf-66c0-461a-9598-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:15.000Z",
"modified": "2016-07-11T13:36:15.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'bitfare.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0cf-6ea8-4eaf-b6ea-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:15.000Z",
"modified": "2016-07-11T13:36:15.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'goaarmy.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0cf-1418-4106-817b-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:15.000Z",
"modified": "2016-07-11T13:36:15.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'nato-org.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:15Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0d0-b488-4949-a7fb-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:16.000Z",
"modified": "2016-07-11T13:36:16.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'kaunas-city.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0d0-0d74-4873-ac22-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:16.000Z",
"modified": "2016-07-11T13:36:16.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'laisve25.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0d0-5e70-454d-808a-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:16.000Z",
"modified": "2016-07-11T13:36:16.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'stratforglobal.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0d1-e4ac-4e60-af2c-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:17.000Z",
"modified": "2016-07-11T13:36:17.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'theguardiannews.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0d1-d714-416d-9a96-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:17.000Z",
"modified": "2016-07-11T13:36:17.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'theguardianpress.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0d2-ee28-44d7-95f6-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:18.000Z",
"modified": "2016-07-11T13:36:18.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'wm-z.biz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0d2-235c-4e9f-b525-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:18.000Z",
"modified": "2016-07-11T13:36:18.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'worldpostjournal.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5783a0d2-1a94-42d3-84be-aec5950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:36:18.000Z",
"modified": "2016-07-11T13:36:18.000Z",
"description": "Imported via the Freetext Import Tool",
"pattern": "[domain-name:value = 'wmepadtech.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-07-11T13:36:18Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5783a1bd-e418-4ac9-95c4-aec6950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:40:13.000Z",
"modified": "2016-07-11T13:40:13.000Z",
"labels": [
"misp:type=\"comment\"",
"misp:category=\"Internal reference\""
],
"x_misp_category": "Internal reference",
"x_misp_type": "comment",
"x_misp_value": "Used emails (SOA & Whois registrant) to pivot domains registrants from passiveTotal DB"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5783a1c5-95e8-4cb0-aaba-c1f3950d210f",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2016-07-11T13:40:21.000Z",
"modified": "2016-07-11T13:40:21.000Z",
"first_observed": "2016-07-11T13:40:21Z",
"last_observed": "2016-07-11T13:40:21Z",
"number_observed": 1,
"object_refs": [
"url--5783a1c5-95e8-4cb0-aaba-c1f3950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5783a1c5-95e8-4cb0-aaba-c1f3950d210f",
"value": "https://threatconnect.com/whats-in-a-name-server/"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}