misp-circl-feed/feeds/circl/misp/5847c9b1-9114-4e0c-afe8-d9c6950d210f.json

4471 lines
No EOL
180 KiB
JSON

{
"type": "bundle",
"id": "bundle--5847c9b1-9114-4e0c-afe8-d9c6950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:11.000Z",
"modified": "2016-12-07T08:37:11.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5847c9b1-9114-4e0c-afe8-d9c6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:11.000Z",
"modified": "2016-12-07T08:37:11.000Z",
"name": "Malspam 2016-12-07 (.js in .zip) - campaign: \"receipt\"",
"published": "2016-12-07T08:38:23Z",
"object_refs": [
"indicator--5847ca0d-67b0-460a-b82d-d9c2950d210f",
"indicator--5847ca0e-287c-4998-b731-d9c2950d210f",
"indicator--5847ca0e-e5f0-4eec-9c48-d9c2950d210f",
"indicator--5847ca0e-693c-412d-afd6-d9c2950d210f",
"indicator--5847ca0e-da34-4187-a393-d9c2950d210f",
"indicator--5847ca0f-5ca0-4429-9abf-d9c2950d210f",
"indicator--5847ca0f-7d50-414a-a6fe-d9c2950d210f",
"indicator--5847ca0f-afa4-4c08-98c5-d9c2950d210f",
"indicator--5847ca0f-8ab4-4f14-b869-d9c2950d210f",
"indicator--5847ca0f-5298-4701-930c-d9c2950d210f",
"indicator--5847ca10-5044-4255-acb0-d9c2950d210f",
"indicator--5847ca10-107c-4036-a3e1-d9c2950d210f",
"indicator--5847ca10-3c7c-4c13-877a-d9c2950d210f",
"indicator--5847ca10-55ec-4fd9-9420-d9c2950d210f",
"indicator--5847ca11-a758-48fd-8788-d9c2950d210f",
"indicator--5847ca11-a38c-41e2-918b-d9c2950d210f",
"indicator--5847ca11-b650-4e8a-969f-d9c2950d210f",
"indicator--5847ca11-a568-4e21-92a8-d9c2950d210f",
"indicator--5847ca11-a0ec-4550-82ce-d9c2950d210f",
"indicator--5847ca12-1b9c-470d-9c3d-d9c2950d210f",
"indicator--5847ca12-e474-4ab3-9151-d9c2950d210f",
"indicator--5847ca12-73c4-4f55-ab89-d9c2950d210f",
"indicator--5847ca12-7bd4-4ee9-a32a-d9c2950d210f",
"indicator--5847ca13-3f10-49c4-872e-d9c2950d210f",
"indicator--5847ca13-4de0-41ec-9919-d9c2950d210f",
"indicator--5847ca13-479c-4f96-a6b8-d9c2950d210f",
"indicator--5847ca13-fe0c-4e96-b662-d9c2950d210f",
"indicator--5847ca14-bb48-48e2-8485-d9c2950d210f",
"indicator--5847ca14-0c64-4f7c-901d-d9c2950d210f",
"indicator--5847ca14-36c0-46b2-bc2b-d9c2950d210f",
"indicator--5847ca14-d45c-447a-a914-d9c2950d210f",
"indicator--5847ca15-89b8-4113-980c-d9c2950d210f",
"indicator--5847ca15-2408-4768-8263-d9c2950d210f",
"indicator--5847ca15-f51c-4e22-b7e7-d9c2950d210f",
"indicator--5847ca15-dfa4-46de-9747-d9c2950d210f",
"indicator--5847ca16-80b4-47fe-afe1-d9c2950d210f",
"indicator--5847ca16-183c-477c-baf4-d9c2950d210f",
"indicator--5847ca16-3404-4e52-8954-d9c2950d210f",
"indicator--5847ca16-9464-4b0d-949a-d9c2950d210f",
"indicator--5847ca17-55f4-40df-9b73-d9c2950d210f",
"indicator--5847ca17-3780-47bc-8e9f-d9c2950d210f",
"indicator--5847ca17-1418-40d0-99e9-d9c2950d210f",
"indicator--5847ca17-9784-405a-82b9-d9c2950d210f",
"indicator--5847ca18-0ff8-401c-9719-d9c2950d210f",
"indicator--5847ca18-e058-4257-a072-d9c2950d210f",
"indicator--5847ca18-8d08-4068-a2fd-d9c2950d210f",
"indicator--5847ca18-03bc-44bb-836c-d9c2950d210f",
"indicator--5847ca19-6f9c-4a75-aa3a-d9c2950d210f",
"indicator--5847ca19-3bcc-4a53-95a3-d9c2950d210f",
"indicator--5847ca19-2374-4c3d-8526-d9c2950d210f",
"indicator--5847ca19-64b8-42f0-896d-d9c2950d210f",
"indicator--5847ca1a-16d8-4472-9bf8-d9c2950d210f",
"indicator--5847ca1a-992c-4776-b788-d9c2950d210f",
"indicator--5847ca1a-c410-4616-be83-d9c2950d210f",
"indicator--5847ca1a-10d4-4470-9424-d9c2950d210f",
"indicator--5847ca1a-feb0-4989-b347-d9c2950d210f",
"indicator--5847ca1b-0d80-45f8-9523-d9c2950d210f",
"indicator--5847ca1b-a69c-4a4d-afce-d9c2950d210f",
"indicator--5847ca1b-eae0-41d0-ba8b-d9c2950d210f",
"indicator--5847ca1b-0a3c-4676-949b-d9c2950d210f",
"indicator--5847ca1c-e36c-4274-b326-d9c2950d210f",
"indicator--5847ca1c-5f14-4ab6-9780-d9c2950d210f",
"indicator--5847ca1c-325c-4f3f-b2b9-d9c2950d210f",
"indicator--5847ca1c-a68c-4a62-b572-d9c2950d210f",
"indicator--5847ca1d-b9e8-45b7-bec8-d9c2950d210f",
"indicator--5847ca1d-9b54-414f-916e-d9c2950d210f",
"indicator--5847ca1d-e710-434a-aa66-d9c2950d210f",
"indicator--5847ca1d-a8c4-4fb0-a1ba-d9c2950d210f",
"indicator--5847ca1d-3f2c-4357-a651-d9c2950d210f",
"indicator--5847ca1e-a20c-43c1-b0d3-d9c2950d210f",
"indicator--5847ca1e-97bc-4925-86f3-d9c2950d210f",
"indicator--5847ca1e-3de8-4532-b29c-d9c2950d210f",
"indicator--5847ca1e-d204-4bbc-bb70-d9c2950d210f",
"indicator--5847ca1f-58ac-476f-ae56-d9c2950d210f",
"indicator--5847ca1f-cf70-48f8-89c7-d9c2950d210f",
"indicator--5847ca1f-f688-4d42-bd5f-d9c2950d210f",
"indicator--5847ca1f-57dc-4f84-a787-d9c2950d210f",
"indicator--5847ca20-4480-4797-ac9f-d9c2950d210f",
"indicator--5847ca20-d394-43c1-a0f5-d9c2950d210f",
"indicator--5847ca20-2380-43f5-9aa4-d9c2950d210f",
"indicator--5847ca20-36e4-430d-894e-d9c2950d210f",
"indicator--5847ca20-dd1c-455d-ab66-d9c2950d210f",
"indicator--5847ca21-7a54-4a02-a4a3-d9c2950d210f",
"indicator--5847ca21-b2f4-4863-8ed2-d9c2950d210f",
"indicator--5847ca21-5578-4135-bc1e-d9c2950d210f",
"indicator--5847ca21-80e4-454d-ba04-d9c2950d210f",
"indicator--5847ca22-3774-4c8f-aaa9-d9c2950d210f",
"indicator--5847ca22-8090-4ad1-9716-d9c2950d210f",
"indicator--5847ca22-f880-475b-a038-d9c2950d210f",
"indicator--5847ca22-c310-4065-84cd-d9c2950d210f",
"indicator--5847ca22-66d0-42ef-82e6-d9c2950d210f",
"indicator--5847ca23-fe54-402d-b1a6-d9c2950d210f",
"indicator--5847ca23-d49c-4b84-b06f-d9c2950d210f",
"indicator--5847ca23-b794-4e9a-9f0e-d9c2950d210f",
"indicator--5847ca23-ffac-4108-83eb-d9c2950d210f",
"indicator--5847ca24-cea8-4058-8bd5-d9c2950d210f",
"indicator--5847ca24-30cc-4e66-9840-d9c2950d210f",
"indicator--5847ca24-e404-4d0b-82c7-d9c2950d210f",
"indicator--5847ca24-6168-4ff4-84e5-d9c2950d210f",
"indicator--5847ca25-3a58-44c2-8602-d9c2950d210f",
"indicator--5847ca25-4160-41ae-8a84-d9c2950d210f",
"indicator--5847ca25-7a5c-4a2c-82d5-d9c2950d210f",
"indicator--5847ca25-e018-4f3d-a991-d9c2950d210f",
"indicator--5847ca25-0c20-4870-a6e0-d9c2950d210f",
"indicator--5847ca26-b0ac-488d-8b80-d9c2950d210f",
"indicator--5847ca26-3bf8-48f9-884e-d9c2950d210f",
"indicator--5847ca26-e208-4f90-9654-d9c2950d210f",
"indicator--5847ca26-f4e8-4ece-9d71-d9c2950d210f",
"indicator--5847ca27-1148-497c-baee-d9c2950d210f",
"indicator--5847ca27-e880-4ded-8c74-d9c2950d210f",
"indicator--5847ca27-c790-404d-94aa-d9c2950d210f",
"indicator--5847ca27-9424-4c71-bd9e-d9c2950d210f",
"indicator--5847ca27-eacc-416c-9c57-d9c2950d210f",
"indicator--5847ca28-1004-43a3-882c-d9c2950d210f",
"indicator--5847ca28-4540-4a1e-b290-d9c2950d210f",
"indicator--5847ca28-6404-4324-b3f3-d9c2950d210f",
"indicator--5847ca29-da4c-4f1f-b657-d9c2950d210f",
"indicator--5847ca29-368c-4c03-98f3-d9c2950d210f",
"indicator--5847ca29-2a6c-4d9a-813f-d9c2950d210f",
"indicator--5847ca29-5e58-4a46-9aea-d9c2950d210f",
"indicator--5847ca2a-19d0-45a5-aff4-d9c2950d210f",
"indicator--5847ca2a-7540-47f6-a652-d9c2950d210f",
"indicator--5847ca2a-8118-4453-84a2-d9c2950d210f",
"indicator--5847ca2a-2638-4cb2-a95a-d9c2950d210f",
"indicator--5847ca2b-8360-4865-9f52-d9c2950d210f",
"indicator--5847ca2b-55fc-4afe-9859-d9c2950d210f",
"indicator--5847ca2b-8478-4aae-99dc-d9c2950d210f",
"indicator--5847ca2b-460c-47e7-ac49-d9c2950d210f",
"indicator--5847ca2b-6208-4db3-bdce-d9c2950d210f",
"indicator--5847ca2c-29b8-4e2a-8e90-d9c2950d210f",
"indicator--5847ca2c-7ebc-443d-828c-d9c2950d210f",
"indicator--5847ca2c-776c-462c-a7c8-d9c2950d210f",
"indicator--5847ca2c-f058-4aab-a9c0-d9c2950d210f",
"indicator--5847ca2d-2ae0-48f4-9d40-d9c2950d210f",
"indicator--5847ca2d-a7bc-4703-8920-d9c2950d210f",
"indicator--5847ca2d-3e90-4c6d-97f5-d9c2950d210f",
"indicator--5847ca2d-2e9c-419f-a60e-d9c2950d210f",
"indicator--5847ca2e-3444-4943-9d5c-d9c2950d210f",
"indicator--5847ca2e-ddfc-4068-bd5c-d9c2950d210f",
"indicator--5847ca2e-cd5c-4891-b210-d9c2950d210f",
"indicator--5847ca2e-e0f8-4a00-b800-d9c2950d210f",
"indicator--5847ca2f-82e8-476d-86dd-d9c2950d210f",
"indicator--5847ca2f-7304-49f9-ac0e-d9c2950d210f",
"indicator--5847ca2f-c84c-4be8-a97b-d9c2950d210f",
"indicator--5847ca2f-2c90-4560-aa62-d9c2950d210f",
"indicator--5847ca30-7b14-41b6-8344-d9c2950d210f",
"indicator--5847ca30-b600-45b3-a573-d9c2950d210f",
"indicator--5847ca30-3224-4eab-9d1b-d9c2950d210f",
"indicator--5847ca30-9f8c-4711-b656-d9c2950d210f",
"indicator--5847ca31-f518-4176-8cb3-d9c2950d210f",
"indicator--5847ca31-405c-4537-a30c-d9c2950d210f",
"indicator--5847ca31-7b80-4ab1-8765-d9c2950d210f",
"indicator--5847ca32-94f8-44f7-906b-d9c2950d210f",
"indicator--5847ca32-2028-4663-b881-d9c2950d210f",
"indicator--5847ca32-2100-4dfd-803c-d9c2950d210f",
"indicator--5847ca32-f3f4-4fed-856c-d9c2950d210f",
"indicator--5847ca33-0474-4897-9cea-d9c2950d210f",
"indicator--5847ca33-5590-42f7-a6ff-d9c2950d210f",
"indicator--5847ca33-fb98-4d25-9cb8-d9c2950d210f",
"indicator--5847ca33-7430-4aa3-a2b1-d9c2950d210f",
"indicator--5847ca34-88cc-4ac0-9269-d9c2950d210f",
"indicator--5847ca34-c024-4a0d-8386-d9c2950d210f",
"indicator--5847ca34-8330-4482-b4e9-d9c2950d210f",
"indicator--5847ca34-7b70-4ea8-8e22-d9c2950d210f",
"indicator--5847ca34-8d5c-4b2e-accd-d9c2950d210f",
"indicator--5847ca35-2054-4c4f-84ab-d9c2950d210f",
"indicator--5847ca35-bc90-4387-aace-d9c2950d210f",
"indicator--5847ca35-4ac0-400a-888f-d9c2950d210f",
"indicator--5847ca35-1d20-422c-9a83-d9c2950d210f",
"indicator--5847ca35-b740-4b90-9859-d9c2950d210f",
"indicator--5847ca36-465c-454c-a0e9-d9c2950d210f",
"indicator--5847ca36-ae0c-46f8-a9e6-d9c2950d210f",
"indicator--5847ca36-42e4-420d-ae93-d9c2950d210f",
"indicator--5847ca36-b498-43c2-a48e-d9c2950d210f",
"indicator--5847ca37-4d14-45a6-b006-d9c2950d210f",
"indicator--5847ca37-1588-43d0-beee-d9c2950d210f",
"indicator--5847ca37-3d74-4dc4-aa92-d9c2950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"circl:incident-classification=\"malware\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca0d-67b0-460a-b82d-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:29.000Z",
"modified": "2016-12-07T08:36:29.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.izmirtente.info/itccwdk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca0e-287c-4998-b731-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:30.000Z",
"modified": "2016-12-07T08:36:30.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.izmirtente.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca0e-e5f0-4eec-9c48-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:30.000Z",
"modified": "2016-12-07T08:36:30.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '92.42.39.141']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca0e-693c-412d-afd6-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:30.000Z",
"modified": "2016-12-07T08:36:30.000Z",
"description": "download location",
"pattern": "[url:value = 'http://cementossj.cl/qrgmkmi']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca0e-da34-4187-a393-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:30.000Z",
"modified": "2016-12-07T08:36:30.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'cementossj.cl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca0f-5ca0-4429-9abf-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:31.000Z",
"modified": "2016-12-07T08:36:31.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '131.108.209.103']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca0f-7d50-414a-a6fe-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:31.000Z",
"modified": "2016-12-07T08:36:31.000Z",
"description": "download location",
"pattern": "[url:value = 'http://pregnancysquare.com/wk97j']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca0f-afa4-4c08-98c5-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:31.000Z",
"modified": "2016-12-07T08:36:31.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'pregnancysquare.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca0f-8ab4-4f14-b869-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:31.000Z",
"modified": "2016-12-07T08:36:31.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '27.254.41.206']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca0f-5298-4701-930c-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:31.000Z",
"modified": "2016-12-07T08:36:31.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.tacfitacademy.com/i46phb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca10-5044-4255-acb0-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:32.000Z",
"modified": "2016-12-07T08:36:32.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.tacfitacademy.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca10-107c-4036-a3e1-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:32.000Z",
"modified": "2016-12-07T08:36:32.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.92.105.3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca10-3c7c-4c13-877a-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:32.000Z",
"modified": "2016-12-07T08:36:32.000Z",
"description": "download location",
"pattern": "[url:value = 'http://nekkel.pl/0apru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca10-55ec-4fd9-9420-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:32.000Z",
"modified": "2016-12-07T08:36:32.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'nekkel.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca11-a758-48fd-8788-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:33.000Z",
"modified": "2016-12-07T08:36:33.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '87.98.239.19']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca11-a38c-41e2-918b-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:33.000Z",
"modified": "2016-12-07T08:36:33.000Z",
"description": "download location",
"pattern": "[url:value = 'http://specimengear.dk/2armwx']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca11-b650-4e8a-969f-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:33.000Z",
"modified": "2016-12-07T08:36:33.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'specimengear.dk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca11-a568-4e21-92a8-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:33.000Z",
"modified": "2016-12-07T08:36:33.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.231.103.128']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca11-a0ec-4550-82ce-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:33.000Z",
"modified": "2016-12-07T08:36:33.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.tvblanket.com/baxullbrx']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca12-1b9c-470d-9c3d-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:34.000Z",
"modified": "2016-12-07T08:36:34.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.tvblanket.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca12-e474-4ab3-9151-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:34.000Z",
"modified": "2016-12-07T08:36:34.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.29.151.221']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca12-73c4-4f55-ab89-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:34.000Z",
"modified": "2016-12-07T08:36:34.000Z",
"description": "download location",
"pattern": "[url:value = 'http://trehoada.org/rakk97']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca12-7bd4-4ee9-a32a-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:34.000Z",
"modified": "2016-12-07T08:36:34.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'trehoada.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca13-3f10-49c4-872e-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:35.000Z",
"modified": "2016-12-07T08:36:35.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '123.30.187.207']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca13-4de0-41ec-9919-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:35.000Z",
"modified": "2016-12-07T08:36:35.000Z",
"description": "download location",
"pattern": "[url:value = 'http://nechtyela.sk/k7ras']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca13-479c-4f96-a6b8-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:35.000Z",
"modified": "2016-12-07T08:36:35.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'nechtyela.sk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca13-fe0c-4e96-b662-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:35.000Z",
"modified": "2016-12-07T08:36:35.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.94.52.79']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca14-bb48-48e2-8485-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:36.000Z",
"modified": "2016-12-07T08:36:36.000Z",
"description": "download location",
"pattern": "[url:value = 'http://brei.com.br/kyi5l']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca14-0c64-4f7c-901d-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:36.000Z",
"modified": "2016-12-07T08:36:36.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'brei.com.br']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca14-36c0-46b2-bc2b-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:36.000Z",
"modified": "2016-12-07T08:36:36.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '186.202.153.53']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca14-d45c-447a-a914-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:36.000Z",
"modified": "2016-12-07T08:36:36.000Z",
"description": "download location",
"pattern": "[url:value = 'http://galeriamultiarte.com.br/osn2bj']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca15-89b8-4113-980c-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:37.000Z",
"modified": "2016-12-07T08:36:37.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'galeriamultiarte.com.br']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca15-2408-4768-8263-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:37.000Z",
"modified": "2016-12-07T08:36:37.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '200.201.213.115']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca15-f51c-4e22-b7e7-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:37.000Z",
"modified": "2016-12-07T08:36:37.000Z",
"description": "download location",
"pattern": "[url:value = 'http://radom.nl/zdknyeq0du']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca15-dfa4-46de-9747-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:37.000Z",
"modified": "2016-12-07T08:36:37.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'radom.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca16-80b4-47fe-afe1-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:38.000Z",
"modified": "2016-12-07T08:36:38.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '159.253.0.64']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca16-183c-477c-baf4-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:38.000Z",
"modified": "2016-12-07T08:36:38.000Z",
"description": "download location",
"pattern": "[url:value = 'http://restauranteelveintiseis.com/antpme']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca16-3404-4e52-8954-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:38.000Z",
"modified": "2016-12-07T08:36:38.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'restauranteelveintiseis.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca16-9464-4b0d-949a-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:38.000Z",
"modified": "2016-12-07T08:36:38.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.30.215.22']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:38Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca17-55f4-40df-9b73-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:39.000Z",
"modified": "2016-12-07T08:36:39.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.globalem.asia/gsup38l5']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca17-3780-47bc-8e9f-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:39.000Z",
"modified": "2016-12-07T08:36:39.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.globalem.asia']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca17-1418-40d0-99e9-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:39.000Z",
"modified": "2016-12-07T08:36:39.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.23.76.112']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca17-9784-405a-82b9-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:39.000Z",
"modified": "2016-12-07T08:36:39.000Z",
"description": "download location",
"pattern": "[url:value = 'http://hotpeppertrading.com/iuuhioli']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca18-0ff8-401c-9719-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:40.000Z",
"modified": "2016-12-07T08:36:40.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'hotpeppertrading.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca18-e058-4257-a072-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:40.000Z",
"modified": "2016-12-07T08:36:40.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '199.217.112.201']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca18-8d08-4068-a2fd-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:40.000Z",
"modified": "2016-12-07T08:36:40.000Z",
"description": "download location",
"pattern": "[url:value = 'http://nyxiaoyuan.com/uig0dyc7m']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca18-03bc-44bb-836c-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:40.000Z",
"modified": "2016-12-07T08:36:40.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'nyxiaoyuan.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca19-6f9c-4a75-aa3a-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:41.000Z",
"modified": "2016-12-07T08:36:41.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '122.114.90.173']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca19-3bcc-4a53-95a3-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:41.000Z",
"modified": "2016-12-07T08:36:41.000Z",
"description": "download location",
"pattern": "[url:value = 'http://fonteaulente.com/q5vpvcz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca19-2374-4c3d-8526-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:41.000Z",
"modified": "2016-12-07T08:36:41.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'fonteaulente.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca19-64b8-42f0-896d-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:41.000Z",
"modified": "2016-12-07T08:36:41.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.231.103.55']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1a-16d8-4472-9bf8-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:42.000Z",
"modified": "2016-12-07T08:36:42.000Z",
"description": "download location",
"pattern": "[url:value = 'http://hotelmira.ru/on2gh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1a-992c-4776-b788-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:42.000Z",
"modified": "2016-12-07T08:36:42.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'hotelmira.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1a-c410-4616-be83-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:42.000Z",
"modified": "2016-12-07T08:36:42.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.177.135.43']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1a-10d4-4470-9424-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:42.000Z",
"modified": "2016-12-07T08:36:42.000Z",
"description": "download location",
"pattern": "[url:value = 'http://one1club.com/8iqrtn']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1a-feb0-4989-b347-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:42.000Z",
"modified": "2016-12-07T08:36:42.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'one1club.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:42Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1b-0d80-45f8-9523-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:43.000Z",
"modified": "2016-12-07T08:36:43.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.61.21.236']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1b-a69c-4a4d-afce-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:43.000Z",
"modified": "2016-12-07T08:36:43.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.clap4ya.com/1eodzfvkg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1b-eae0-41d0-ba8b-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:43.000Z",
"modified": "2016-12-07T08:36:43.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.clap4ya.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1b-0a3c-4676-949b-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:43.000Z",
"modified": "2016-12-07T08:36:43.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '211.233.50.248']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:43Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1c-e36c-4274-b326-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:44.000Z",
"modified": "2016-12-07T08:36:44.000Z",
"description": "download location",
"pattern": "[url:value = 'http://4djsbydjs.com/ffi5tpbui']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1c-5f14-4ab6-9780-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:44.000Z",
"modified": "2016-12-07T08:36:44.000Z",
"description": "download location",
"pattern": "[domain-name:value = '4djsbydjs.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1c-325c-4f3f-b2b9-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:44.000Z",
"modified": "2016-12-07T08:36:44.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '167.114.119.192']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1c-a68c-4a62-b572-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:44.000Z",
"modified": "2016-12-07T08:36:44.000Z",
"description": "download location",
"pattern": "[url:value = 'http://gocatering.se/ctrshwvx']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:44Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1d-b9e8-45b7-bec8-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:45.000Z",
"modified": "2016-12-07T08:36:45.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'gocatering.se']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1d-9b54-414f-916e-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:45.000Z",
"modified": "2016-12-07T08:36:45.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '46.30.213.182']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1d-e710-434a-aa66-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:45.000Z",
"modified": "2016-12-07T08:36:45.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.secretblog.de/j3m3iyomrh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1d-a8c4-4fb0-a1ba-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:45.000Z",
"modified": "2016-12-07T08:36:45.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.secretblog.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1d-3f2c-4357-a651-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:45.000Z",
"modified": "2016-12-07T08:36:45.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '85.214.253.127']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1e-a20c-43c1-b0d3-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:46.000Z",
"modified": "2016-12-07T08:36:46.000Z",
"description": "download location",
"pattern": "[url:value = 'http://cr-inos.com/lzwiz3d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1e-97bc-4925-86f3-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:46.000Z",
"modified": "2016-12-07T08:36:46.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'cr-inos.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1e-3de8-4532-b29c-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:46.000Z",
"modified": "2016-12-07T08:36:46.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '190.0.230.91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1e-d204-4bbc-bb70-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:46.000Z",
"modified": "2016-12-07T08:36:46.000Z",
"description": "download location",
"pattern": "[url:value = 'http://rampas.ch/xc2clj']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1f-58ac-476f-ae56-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:47.000Z",
"modified": "2016-12-07T08:36:47.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'rampas.ch']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1f-cf70-48f8-89c7-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:47.000Z",
"modified": "2016-12-07T08:36:47.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '212.40.5.42']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1f-f688-4d42-bd5f-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:47.000Z",
"modified": "2016-12-07T08:36:47.000Z",
"description": "download location",
"pattern": "[url:value = 'http://uriauerbach.com/l87aw']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca1f-57dc-4f84-a787-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:47.000Z",
"modified": "2016-12-07T08:36:47.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'uriauerbach.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca20-4480-4797-ac9f-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:48.000Z",
"modified": "2016-12-07T08:36:48.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.148.168.167']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca20-d394-43c1-a0f5-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:48.000Z",
"modified": "2016-12-07T08:36:48.000Z",
"description": "download location",
"pattern": "[url:value = 'http://realearthproperties.in/surhnrm6xv']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca20-2380-43f5-9aa4-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:48.000Z",
"modified": "2016-12-07T08:36:48.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'realearthproperties.in']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca20-36e4-430d-894e-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:48.000Z",
"modified": "2016-12-07T08:36:48.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.96.217.91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca20-dd1c-455d-ab66-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:48.000Z",
"modified": "2016-12-07T08:36:48.000Z",
"description": "download location",
"pattern": "[url:value = 'http://xn--80adixsmm7f.net/9c8cqg55x']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca21-7a54-4a02-a4a3-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:49.000Z",
"modified": "2016-12-07T08:36:49.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'xn--80adixsmm7f.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca21-b2f4-4863-8ed2-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:49.000Z",
"modified": "2016-12-07T08:36:49.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.28.172.177']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca21-5578-4135-bc1e-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:49.000Z",
"modified": "2016-12-07T08:36:49.000Z",
"description": "download location",
"pattern": "[url:value = 'http://nsecoaching.ca/cd62kg4btm']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca21-80e4-454d-ba04-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:49.000Z",
"modified": "2016-12-07T08:36:49.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'nsecoaching.ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca22-3774-4c8f-aaa9-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:50.000Z",
"modified": "2016-12-07T08:36:50.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.124.249.59']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca22-8090-4ad1-9716-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:50.000Z",
"modified": "2016-12-07T08:36:50.000Z",
"description": "download location",
"pattern": "[url:value = 'http://childrenshouse.co.za/1v0lblf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca22-f880-475b-a038-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:50.000Z",
"modified": "2016-12-07T08:36:50.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'childrenshouse.co.za']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca22-c310-4065-84cd-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:50.000Z",
"modified": "2016-12-07T08:36:50.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '41.193.5.59']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca22-66d0-42ef-82e6-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:50.000Z",
"modified": "2016-12-07T08:36:50.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.gostaythere.com/7oemd']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca23-fe54-402d-b1a6-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:51.000Z",
"modified": "2016-12-07T08:36:51.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.gostaythere.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca23-d49c-4b84-b06f-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:51.000Z",
"modified": "2016-12-07T08:36:51.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '51.255.35.216']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca23-b794-4e9a-9f0e-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:51.000Z",
"modified": "2016-12-07T08:36:51.000Z",
"description": "download location",
"pattern": "[url:value = 'http://gaozhao-edu.com/jdspeeimvz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca23-ffac-4108-83eb-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:51.000Z",
"modified": "2016-12-07T08:36:51.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'gaozhao-edu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca24-cea8-4058-8bd5-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:52.000Z",
"modified": "2016-12-07T08:36:52.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '198.252.107.142']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca24-30cc-4e66-9840-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:52.000Z",
"modified": "2016-12-07T08:36:52.000Z",
"description": "download location",
"pattern": "[url:value = 'http://artsonimage.com/b7d2pn']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca24-e404-4d0b-82c7-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:52.000Z",
"modified": "2016-12-07T08:36:52.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'artsonimage.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca24-6168-4ff4-84e5-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:52.000Z",
"modified": "2016-12-07T08:36:52.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '184.107.101.211']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca25-3a58-44c2-8602-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:53.000Z",
"modified": "2016-12-07T08:36:53.000Z",
"description": "download location",
"pattern": "[url:value = 'http://elizabethwright.co.uk/ode8hifc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca25-4160-41ae-8a84-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:53.000Z",
"modified": "2016-12-07T08:36:53.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'elizabethwright.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca25-7a5c-4a2c-82d5-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:53.000Z",
"modified": "2016-12-07T08:36:53.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.23.152.24']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca25-e018-4f3d-a991-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:53.000Z",
"modified": "2016-12-07T08:36:53.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.veinteproducciones.com.ar/mcren']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca25-0c20-4870-a6e0-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:53.000Z",
"modified": "2016-12-07T08:36:53.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.veinteproducciones.com.ar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca26-b0ac-488d-8b80-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:54.000Z",
"modified": "2016-12-07T08:36:54.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '69.28.199.70']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca26-3bf8-48f9-884e-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:54.000Z",
"modified": "2016-12-07T08:36:54.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.dahuahdcvi.com/4yjo2ewbam']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca26-e208-4f90-9654-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:54.000Z",
"modified": "2016-12-07T08:36:54.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.dahuahdcvi.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca26-f4e8-4ece-9d71-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:54.000Z",
"modified": "2016-12-07T08:36:54.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '203.146.127.213']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca27-1148-497c-baee-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:55.000Z",
"modified": "2016-12-07T08:36:55.000Z",
"description": "download location",
"pattern": "[url:value = 'http://rosispitaniya.com/x07nn']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca27-e880-4ded-8c74-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:55.000Z",
"modified": "2016-12-07T08:36:55.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'rosispitaniya.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca27-c790-404d-94aa-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:55.000Z",
"modified": "2016-12-07T08:36:55.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '93.95.102.221']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca27-9424-4c71-bd9e-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:55.000Z",
"modified": "2016-12-07T08:36:55.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.seecomedia.com/qem1cmp']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca27-eacc-416c-9c57-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:55.000Z",
"modified": "2016-12-07T08:36:55.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.seecomedia.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca28-1004-43a3-882c-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:56.000Z",
"modified": "2016-12-07T08:36:56.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '114.112.91.91']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca28-4540-4a1e-b290-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:56.000Z",
"modified": "2016-12-07T08:36:56.000Z",
"description": "download location",
"pattern": "[url:value = 'http://rabussa.wz.cz/x08gte']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca28-6404-4324-b3f3-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:56.000Z",
"modified": "2016-12-07T08:36:56.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'rabussa.wz.cz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca29-da4c-4f1f-b657-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:57.000Z",
"modified": "2016-12-07T08:36:57.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.64.219.7']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca29-368c-4c03-98f3-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:57.000Z",
"modified": "2016-12-07T08:36:57.000Z",
"description": "download location",
"pattern": "[url:value = 'http://koresh.co.il/9uoctzb2vo']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca29-2a6c-4d9a-813f-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:57.000Z",
"modified": "2016-12-07T08:36:57.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'koresh.co.il']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca29-5e58-4a46-9aea-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:57.000Z",
"modified": "2016-12-07T08:36:57.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.218.71.217']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2a-19d0-45a5-aff4-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:58.000Z",
"modified": "2016-12-07T08:36:58.000Z",
"description": "download location",
"pattern": "[url:value = 'http://thedivafiles.com/29gce0ube']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2a-7540-47f6-a652-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:58.000Z",
"modified": "2016-12-07T08:36:58.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'thedivafiles.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2a-8118-4453-84a2-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:58.000Z",
"modified": "2016-12-07T08:36:58.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '64.251.29.233']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2a-2638-4cb2-a95a-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:58.000Z",
"modified": "2016-12-07T08:36:58.000Z",
"description": "download location",
"pattern": "[url:value = 'http://benefeet.org/a4ztilxpex']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2b-8360-4865-9f52-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:59.000Z",
"modified": "2016-12-07T08:36:59.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'benefeet.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2b-55fc-4afe-9859-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:59.000Z",
"modified": "2016-12-07T08:36:59.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '76.74.128.210']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2b-8478-4aae-99dc-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:59.000Z",
"modified": "2016-12-07T08:36:59.000Z",
"description": "download location",
"pattern": "[url:value = 'http://rhyzrin.com/ysacclh']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2b-460c-47e7-ac49-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:59.000Z",
"modified": "2016-12-07T08:36:59.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'rhyzrin.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2b-6208-4db3-bdce-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:36:59.000Z",
"modified": "2016-12-07T08:36:59.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.6.196.118']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:36:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2c-29b8-4e2a-8e90-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:00.000Z",
"modified": "2016-12-07T08:37:00.000Z",
"description": "download location",
"pattern": "[url:value = 'http://sieuthicuadep.com/jwqwt']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2c-7ebc-443d-828c-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:00.000Z",
"modified": "2016-12-07T08:37:00.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'sieuthicuadep.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2c-776c-462c-a7c8-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:00.000Z",
"modified": "2016-12-07T08:37:00.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '103.28.36.203']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2c-f058-4aab-a9c0-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:00.000Z",
"modified": "2016-12-07T08:37:00.000Z",
"description": "download location",
"pattern": "[url:value = 'http://mirageaudiovisual.com/jflp9dkxsg']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2d-2ae0-48f4-9d40-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:01.000Z",
"modified": "2016-12-07T08:37:01.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'mirageaudiovisual.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2d-a7bc-4703-8920-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:01.000Z",
"modified": "2016-12-07T08:37:01.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '208.83.210.26']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2d-3e90-4c6d-97f5-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:01.000Z",
"modified": "2016-12-07T08:37:01.000Z",
"description": "download location",
"pattern": "[url:value = 'http://col-lab.com/m1p73uqdeb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2d-2e9c-419f-a60e-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:01.000Z",
"modified": "2016-12-07T08:37:01.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'col-lab.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:01Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2e-3444-4943-9d5c-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:02.000Z",
"modified": "2016-12-07T08:37:02.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '101.79.129.23']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2e-ddfc-4068-bd5c-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:02.000Z",
"modified": "2016-12-07T08:37:02.000Z",
"description": "download location",
"pattern": "[url:value = 'http://naama-yeshayahu.com/twibpn8don']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2e-cd5c-4891-b210-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:02.000Z",
"modified": "2016-12-07T08:37:02.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'naama-yeshayahu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2e-e0f8-4a00-b800-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:02.000Z",
"modified": "2016-12-07T08:37:02.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '81.218.71.219']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2f-82e8-476d-86dd-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:03.000Z",
"modified": "2016-12-07T08:37:03.000Z",
"description": "download location",
"pattern": "[url:value = 'http://be-liveinu.com/gcc4vi0jyb']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2f-7304-49f9-ac0e-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:03.000Z",
"modified": "2016-12-07T08:37:03.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'be-liveinu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2f-c84c-4be8-a97b-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:03.000Z",
"modified": "2016-12-07T08:37:03.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '23.229.246.135']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca2f-2c90-4560-aa62-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:03.000Z",
"modified": "2016-12-07T08:37:03.000Z",
"description": "download location",
"pattern": "[url:value = 'http://redecamponesa.com.br/bovofik']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:03Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca30-7b14-41b6-8344-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:04.000Z",
"modified": "2016-12-07T08:37:04.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'redecamponesa.com.br']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca30-b600-45b3-a573-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:04.000Z",
"modified": "2016-12-07T08:37:04.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '186.202.153.161']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca30-3224-4eab-9d1b-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:04.000Z",
"modified": "2016-12-07T08:37:04.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.smartkutu.com/eijjjici62']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca30-9f8c-4711-b656-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:04.000Z",
"modified": "2016-12-07T08:37:04.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.smartkutu.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:04Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca31-f518-4176-8cb3-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:05.000Z",
"modified": "2016-12-07T08:37:05.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '94.73.144.151']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca31-405c-4537-a30c-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:05.000Z",
"modified": "2016-12-07T08:37:05.000Z",
"description": "download location",
"pattern": "[url:value = 'http://jachin.co.kr/n48wu8a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca31-7b80-4ab1-8765-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:05.000Z",
"modified": "2016-12-07T08:37:05.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'jachin.co.kr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:05Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca32-94f8-44f7-906b-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:06.000Z",
"modified": "2016-12-07T08:37:06.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '211.40.221.67']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca32-2028-4663-b881-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:06.000Z",
"modified": "2016-12-07T08:37:06.000Z",
"description": "download location",
"pattern": "[url:value = 'http://quentinconstruction.com/jcmprfrr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca32-2100-4dfd-803c-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:06.000Z",
"modified": "2016-12-07T08:37:06.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'quentinconstruction.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca32-f3f4-4fed-856c-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:06.000Z",
"modified": "2016-12-07T08:37:06.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '216.9.9.93']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:06Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca33-0474-4897-9cea-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:07.000Z",
"modified": "2016-12-07T08:37:07.000Z",
"description": "download location",
"pattern": "[url:value = 'http://welte.pl/czdpf6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca33-5590-42f7-a6ff-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:07.000Z",
"modified": "2016-12-07T08:37:07.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'welte.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca33-fb98-4d25-9cb8-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:07.000Z",
"modified": "2016-12-07T08:37:07.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '79.96.68.245']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca33-7430-4aa3-a2b1-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:07.000Z",
"modified": "2016-12-07T08:37:07.000Z",
"description": "download location",
"pattern": "[url:value = 'http://roome.co.il/uc3bhhxwoa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca34-88cc-4ac0-9269-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:07.000Z",
"modified": "2016-12-07T08:37:07.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'roome.co.il']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:07Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca34-c024-4a0d-8386-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:08.000Z",
"modified": "2016-12-07T08:37:08.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '192.124.249.165']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca34-8330-4482-b4e9-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:08.000Z",
"modified": "2016-12-07T08:37:08.000Z",
"description": "download location",
"pattern": "[url:value = 'http://bjarnum.eu/pjj42gl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca34-7b70-4ea8-8e22-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:08.000Z",
"modified": "2016-12-07T08:37:08.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'bjarnum.eu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca34-8d5c-4b2e-accd-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:08.000Z",
"modified": "2016-12-07T08:37:08.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '194.9.95.75']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:08Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca35-2054-4c4f-84ab-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:09.000Z",
"modified": "2016-12-07T08:37:09.000Z",
"description": "download location",
"pattern": "[url:value = 'http://www.cvshopfactory.com/da9p4ja']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca35-bc90-4387-aace-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:09.000Z",
"modified": "2016-12-07T08:37:09.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'www.cvshopfactory.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca35-4ac0-400a-888f-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:09.000Z",
"modified": "2016-12-07T08:37:09.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '80.241.208.104']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca35-1d20-422c-9a83-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:09.000Z",
"modified": "2016-12-07T08:37:09.000Z",
"description": "download location",
"pattern": "[url:value = 'http://renklerle.com/vycrub']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca35-b740-4b90-9859-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:09.000Z",
"modified": "2016-12-07T08:37:09.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'renklerle.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:09Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca36-465c-454c-a0e9-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:10.000Z",
"modified": "2016-12-07T08:37:10.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '185.95.84.115']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca36-ae0c-46f8-a9e6-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:10.000Z",
"modified": "2016-12-07T08:37:10.000Z",
"description": "download location",
"pattern": "[url:value = 'http://chocogaterie.eu/lijxve8']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca36-42e4-420d-ae93-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:10.000Z",
"modified": "2016-12-07T08:37:10.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'chocogaterie.eu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca36-b498-43c2-a48e-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:10.000Z",
"modified": "2016-12-07T08:37:10.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '91.121.50.140']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:10Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca37-4d14-45a6-b006-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:11.000Z",
"modified": "2016-12-07T08:37:11.000Z",
"description": "download location",
"pattern": "[url:value = 'http://diariolatitud35.com.ar/edkij4anq']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca37-1588-43d0-beee-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:11.000Z",
"modified": "2016-12-07T08:37:11.000Z",
"description": "download location",
"pattern": "[domain-name:value = 'diariolatitud35.com.ar']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5847ca37-3d74-4dc4-aa92-d9c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2016-12-07T08:37:11.000Z",
"modified": "2016-12-07T08:37:11.000Z",
"description": "download location",
"pattern": "[network-traffic:dst_ref.type = 'ipv4-addr' AND network-traffic:dst_ref.value = '173.230.155.240']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2016-12-07T08:37:11Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}