misp-circl-feed/feeds/circl/misp/593a41df-b920-4f52-bbc3-4abd950d210f.json

2098 lines
No EOL
83 KiB
JSON

{
"type": "bundle",
"id": "bundle--593a41df-b920-4f52-bbc3-4abd950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:54:50.000Z",
"modified": "2017-06-09T06:54:50.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--593a41df-b920-4f52-bbc3-4abd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:54:50.000Z",
"modified": "2017-06-09T06:54:50.000Z",
"name": "M2M - Jaff 2017-06-06 : \"Order\" - \"MX-2310U_20170606_123456.pdf\"",
"published": "2017-06-09T06:55:56Z",
"object_refs": [
"indicator--593a41e0-b224-4faa-ba18-4728950d210f",
"indicator--593a41e0-6114-4fab-8a66-497e950d210f",
"indicator--593a41e1-8e34-4bc2-bcca-4898950d210f",
"indicator--593a41e1-3098-4ffb-bfdb-4f73950d210f",
"observed-data--593a41e2-7a04-4f4e-9a83-4159950d210f",
"network-traffic--593a41e2-7a04-4f4e-9a83-4159950d210f",
"ipv4-addr--593a41e2-7a04-4f4e-9a83-4159950d210f",
"indicator--593a41e3-57b8-4f06-a5ac-8bcc950d210f",
"indicator--593a41e3-465c-4126-a411-46f4950d210f",
"observed-data--593a41e4-9bf4-4fcf-95b3-488b950d210f",
"network-traffic--593a41e4-9bf4-4fcf-95b3-488b950d210f",
"ipv4-addr--593a41e4-9bf4-4fcf-95b3-488b950d210f",
"indicator--593a41e4-bed0-4bc2-86c3-46e6950d210f",
"indicator--593a41e5-2834-4b8a-86da-49ae950d210f",
"observed-data--593a41e5-e89c-4a73-9db8-4f3a950d210f",
"network-traffic--593a41e5-e89c-4a73-9db8-4f3a950d210f",
"ipv4-addr--593a41e5-e89c-4a73-9db8-4f3a950d210f",
"indicator--593a41e6-d35c-482f-8440-41d7950d210f",
"indicator--593a41e7-e7e8-47d9-8e10-4786950d210f",
"observed-data--593a41e7-d49c-423b-93b2-436b950d210f",
"network-traffic--593a41e7-d49c-423b-93b2-436b950d210f",
"ipv4-addr--593a41e7-d49c-423b-93b2-436b950d210f",
"indicator--593a41e8-bce8-40e9-9b9b-8a4b950d210f",
"indicator--593a41e8-2570-4ca0-b852-4e13950d210f",
"observed-data--593a41e9-530c-4229-9979-4f0f950d210f",
"network-traffic--593a41e9-530c-4229-9979-4f0f950d210f",
"ipv4-addr--593a41e9-530c-4229-9979-4f0f950d210f",
"indicator--593a41e9-d090-4123-b1d4-436b950d210f",
"indicator--593a41ea-aef4-4601-a3e8-4936950d210f",
"observed-data--593a41ea-fc9c-475b-a4b6-4e7d950d210f",
"network-traffic--593a41ea-fc9c-475b-a4b6-4e7d950d210f",
"ipv4-addr--593a41ea-fc9c-475b-a4b6-4e7d950d210f",
"indicator--593a41eb-0288-4606-9f93-431b950d210f",
"indicator--593a41eb-f058-4ba7-b448-49f1950d210f",
"observed-data--593a41ec-9a2c-48ed-904e-46f4950d210f",
"network-traffic--593a41ec-9a2c-48ed-904e-46f4950d210f",
"ipv4-addr--593a41ec-9a2c-48ed-904e-46f4950d210f",
"indicator--593a41ed-b2e4-4e8b-a24b-4130950d210f",
"indicator--593a41ed-84b4-47ac-9a50-4d98950d210f",
"observed-data--593a41ee-4668-4308-bbcf-4f97950d210f",
"network-traffic--593a41ee-4668-4308-bbcf-4f97950d210f",
"ipv4-addr--593a41ee-4668-4308-bbcf-4f97950d210f",
"indicator--593a41ee-c7b0-4e71-8602-4b4a950d210f",
"indicator--593a41ef-7d54-4d56-a94e-43ef950d210f",
"observed-data--593a41ef-caac-4c80-a0aa-4728950d210f",
"network-traffic--593a41ef-caac-4c80-a0aa-4728950d210f",
"ipv4-addr--593a41ef-caac-4c80-a0aa-4728950d210f",
"indicator--593a41f0-da5c-4822-ac44-8a4b950d210f",
"indicator--593a41f0-a9d8-43a0-a526-46e6950d210f",
"observed-data--593a41f1-3920-4151-b6be-4bda950d210f",
"network-traffic--593a41f1-3920-4151-b6be-4bda950d210f",
"ipv4-addr--593a41f1-3920-4151-b6be-4bda950d210f",
"indicator--593a41f1-65a4-4eea-9dd8-4897950d210f",
"indicator--593a41f2-1814-4fcd-85ff-4902950d210f",
"observed-data--593a41f3-bc54-41c2-a784-4801950d210f",
"network-traffic--593a41f3-bc54-41c2-a784-4801950d210f",
"ipv4-addr--593a41f3-bc54-41c2-a784-4801950d210f",
"indicator--593a41f3-b658-47ec-af91-4728950d210f",
"indicator--593a41f4-84f0-40b7-b61f-8a4b950d210f",
"observed-data--593a41f4-99c0-4818-b93b-46e6950d210f",
"network-traffic--593a41f4-99c0-4818-b93b-46e6950d210f",
"ipv4-addr--593a41f4-99c0-4818-b93b-46e6950d210f",
"indicator--593a41f5-88b8-4206-94b7-4cb9950d210f",
"indicator--593a41f5-e5d4-4411-bdf2-8bcc950d210f",
"observed-data--593a41f6-2b74-449f-b5cb-46f4950d210f",
"network-traffic--593a41f6-2b74-449f-b5cb-46f4950d210f",
"ipv4-addr--593a41f6-2b74-449f-b5cb-46f4950d210f",
"indicator--593a41f7-cca8-465b-b501-45d6950d210f",
"indicator--593a41f7-03cc-49f3-9803-49b2950d210f",
"observed-data--593a41f8-91fc-41ff-b179-4c50950d210f",
"network-traffic--593a41f8-91fc-41ff-b179-4c50950d210f",
"ipv4-addr--593a41f8-91fc-41ff-b179-4c50950d210f",
"indicator--593a41f8-1f4c-4dc2-8cfa-45b9950d210f",
"indicator--593a41f9-44c4-4867-9586-8bcc950d210f",
"indicator--593a41fd-a310-48f6-ad1e-8bcc950d210f",
"indicator--593a41fe-32fc-4dd0-89c3-8a4b950d210f",
"observed-data--593a41fe-82e4-4500-a84d-4b3b950d210f",
"network-traffic--593a41fe-82e4-4500-a84d-4b3b950d210f",
"ipv4-addr--593a41fe-82e4-4500-a84d-4b3b950d210f",
"indicator--593a41ff-e3ac-460e-a28d-40c1950d210f",
"indicator--593a4200-03f4-4f0c-80e9-40f5950d210f",
"observed-data--593a4201-af84-4092-9bdb-4d80950d210f",
"network-traffic--593a4201-af84-4092-9bdb-4d80950d210f",
"ipv4-addr--593a4201-af84-4092-9bdb-4d80950d210f",
"indicator--593a4201-c300-4406-a2af-4728950d210f",
"indicator--593a4202-1d84-4de9-8ccc-4133950d210f",
"observed-data--593a4202-6a18-4cfb-b20f-46f4950d210f",
"network-traffic--593a4202-6a18-4cfb-b20f-46f4950d210f",
"ipv4-addr--593a4202-6a18-4cfb-b20f-46f4950d210f",
"indicator--593a4203-81bc-4008-b72c-4e80950d210f",
"indicator--593a4203-9ad4-4b5a-8f60-42f1950d210f",
"observed-data--593a4204-5334-48e9-a9ff-422a950d210f",
"network-traffic--593a4204-5334-48e9-a9ff-422a950d210f",
"ipv4-addr--593a4204-5334-48e9-a9ff-422a950d210f",
"indicator--593a4204-0918-4fcd-a404-4f24950d210f",
"indicator--593a4205-ef04-433f-9cc8-42c5950d210f",
"observed-data--593a4206-8cac-4b75-b731-4f3e950d210f",
"network-traffic--593a4206-8cac-4b75-b731-4f3e950d210f",
"ipv4-addr--593a4206-8cac-4b75-b731-4f3e950d210f",
"observed-data--593a4206-b69c-4f87-99df-418e950d210f",
"network-traffic--593a4206-b69c-4f87-99df-418e950d210f",
"ipv4-addr--593a4206-b69c-4f87-99df-418e950d210f",
"indicator--593a4206-88e8-47ba-8457-4218950d210f",
"indicator--593a4207-fa80-4507-bfc3-4007950d210f",
"observed-data--593a4207-efdc-4da7-898a-46f4950d210f",
"network-traffic--593a4207-efdc-4da7-898a-46f4950d210f",
"ipv4-addr--593a4207-efdc-4da7-898a-46f4950d210f",
"indicator--593a4208-2e20-4c1a-972e-4d9a950d210f",
"indicator--593a4208-db38-4951-a9cf-47b6950d210f",
"observed-data--593a4209-3180-4269-bc68-8bcc950d210f",
"network-traffic--593a4209-3180-4269-bc68-8bcc950d210f",
"ipv4-addr--593a4209-3180-4269-bc68-8bcc950d210f",
"indicator--593a420a-d21c-42ca-b992-8a4b950d210f",
"indicator--593a420a-e9a0-4cb6-bf22-45c8950d210f",
"observed-data--593a420b-7c7c-46a4-834d-4a3a950d210f",
"network-traffic--593a420b-7c7c-46a4-834d-4a3a950d210f",
"ipv4-addr--593a420b-7c7c-46a4-834d-4a3a950d210f",
"indicator--593a420b-b8ac-49a0-88cb-46e6950d210f",
"indicator--593a420c-72a0-44d7-8112-48f1950d210f"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"ecsirt:malicious-code=\"ransomware\"",
"misp-galaxy:ransomware=\"Jaff\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41e0-b224-4faa-ba18-4728950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:16.000Z",
"modified": "2017-06-09T06:36:16.000Z",
"pattern": "[file:hashes.MD5 = '76e150bceffaee4322fa70b2c48ced16']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41e0-6114-4fab-8a66-497e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:16.000Z",
"modified": "2017-06-09T06:36:16.000Z",
"pattern": "[file:hashes.MD5 = '5ca3d8cf1cde038e762b535ec4e905fe']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:16Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41e1-8e34-4bc2-bcca-4898950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:17.000Z",
"modified": "2017-06-09T06:36:17.000Z",
"pattern": "[url:value = 'http://10minutesto1.net/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41e1-3098-4ffb-bfdb-4f73950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:17.000Z",
"modified": "2017-06-09T06:36:17.000Z",
"pattern": "[domain-name:value = '10minutesto1.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:17Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41e2-7a04-4f4e-9a83-4159950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:18.000Z",
"modified": "2017-06-09T06:36:18.000Z",
"first_observed": "2017-06-09T06:36:18Z",
"last_observed": "2017-06-09T06:36:18Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41e2-7a04-4f4e-9a83-4159950d210f",
"ipv4-addr--593a41e2-7a04-4f4e-9a83-4159950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41e2-7a04-4f4e-9a83-4159950d210f",
"dst_ref": "ipv4-addr--593a41e2-7a04-4f4e-9a83-4159950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41e2-7a04-4f4e-9a83-4159950d210f",
"value": "104.219.248.47"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41e3-57b8-4f06-a5ac-8bcc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:19.000Z",
"modified": "2017-06-09T06:36:19.000Z",
"pattern": "[url:value = 'http://cafe-bg.com/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41e3-465c-4126-a411-46f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:19.000Z",
"modified": "2017-06-09T06:36:19.000Z",
"pattern": "[domain-name:value = 'cafe-bg.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:19Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41e4-9bf4-4fcf-95b3-488b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:20.000Z",
"modified": "2017-06-09T06:36:20.000Z",
"first_observed": "2017-06-09T06:36:20Z",
"last_observed": "2017-06-09T06:36:20Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41e4-9bf4-4fcf-95b3-488b950d210f",
"ipv4-addr--593a41e4-9bf4-4fcf-95b3-488b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41e4-9bf4-4fcf-95b3-488b950d210f",
"dst_ref": "ipv4-addr--593a41e4-9bf4-4fcf-95b3-488b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41e4-9bf4-4fcf-95b3-488b950d210f",
"value": "193.68.112.65"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41e4-bed0-4bc2-86c3-46e6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:20.000Z",
"modified": "2017-06-09T06:36:20.000Z",
"pattern": "[url:value = 'http://cifroshop.net/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:20Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41e5-2834-4b8a-86da-49ae950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:21.000Z",
"modified": "2017-06-09T06:36:21.000Z",
"pattern": "[domain-name:value = 'cifroshop.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:21Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41e5-e89c-4a73-9db8-4f3a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:21.000Z",
"modified": "2017-06-09T06:36:21.000Z",
"first_observed": "2017-06-09T06:36:21Z",
"last_observed": "2017-06-09T06:36:21Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41e5-e89c-4a73-9db8-4f3a950d210f",
"ipv4-addr--593a41e5-e89c-4a73-9db8-4f3a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41e5-e89c-4a73-9db8-4f3a950d210f",
"dst_ref": "ipv4-addr--593a41e5-e89c-4a73-9db8-4f3a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41e5-e89c-4a73-9db8-4f3a950d210f",
"value": "62.113.208.201"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41e6-d35c-482f-8440-41d7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:22.000Z",
"modified": "2017-06-09T06:36:22.000Z",
"pattern": "[url:value = 'http://community-gaming.de/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:22Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41e7-e7e8-47d9-8e10-4786950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:23.000Z",
"modified": "2017-06-09T06:36:23.000Z",
"pattern": "[domain-name:value = 'community-gaming.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:23Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41e7-d49c-423b-93b2-436b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:23.000Z",
"modified": "2017-06-09T06:36:23.000Z",
"first_observed": "2017-06-09T06:36:23Z",
"last_observed": "2017-06-09T06:36:23Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41e7-d49c-423b-93b2-436b950d210f",
"ipv4-addr--593a41e7-d49c-423b-93b2-436b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41e7-d49c-423b-93b2-436b950d210f",
"dst_ref": "ipv4-addr--593a41e7-d49c-423b-93b2-436b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41e7-d49c-423b-93b2-436b950d210f",
"value": "93.90.178.67"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41e8-bce8-40e9-9b9b-8a4b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:24.000Z",
"modified": "2017-06-09T06:36:24.000Z",
"pattern": "[url:value = 'http://cor-huizer.nl/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41e8-2570-4ca0-b852-4e13950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:24.000Z",
"modified": "2017-06-09T06:36:24.000Z",
"pattern": "[domain-name:value = 'cor-huizer.nl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:24Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41e9-530c-4229-9979-4f0f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:25.000Z",
"modified": "2017-06-09T06:36:25.000Z",
"first_observed": "2017-06-09T06:36:25Z",
"last_observed": "2017-06-09T06:36:25Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41e9-530c-4229-9979-4f0f950d210f",
"ipv4-addr--593a41e9-530c-4229-9979-4f0f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41e9-530c-4229-9979-4f0f950d210f",
"dst_ref": "ipv4-addr--593a41e9-530c-4229-9979-4f0f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41e9-530c-4229-9979-4f0f950d210f",
"value": "87.239.14.40"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41e9-d090-4123-b1d4-436b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:25.000Z",
"modified": "2017-06-09T06:36:25.000Z",
"pattern": "[url:value = 'http://essentialnulidtro.com/af/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41ea-aef4-4601-a3e8-4936950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:26.000Z",
"modified": "2017-06-09T06:36:26.000Z",
"pattern": "[domain-name:value = 'essentialnulidtro.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41ea-fc9c-475b-a4b6-4e7d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:26.000Z",
"modified": "2017-06-09T06:36:26.000Z",
"first_observed": "2017-06-09T06:36:26Z",
"last_observed": "2017-06-09T06:36:26Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41ea-fc9c-475b-a4b6-4e7d950d210f",
"ipv4-addr--593a41ea-fc9c-475b-a4b6-4e7d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41ea-fc9c-475b-a4b6-4e7d950d210f",
"dst_ref": "ipv4-addr--593a41ea-fc9c-475b-a4b6-4e7d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41ea-fc9c-475b-a4b6-4e7d950d210f",
"value": "119.28.85.128"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41eb-0288-4606-9f93-431b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:27.000Z",
"modified": "2017-06-09T06:36:27.000Z",
"pattern": "[url:value = 'http://lcpinternational.fr/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41eb-f058-4ba7-b448-49f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:27.000Z",
"modified": "2017-06-09T06:36:27.000Z",
"pattern": "[domain-name:value = 'lcpinternational.fr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41ec-9a2c-48ed-904e-46f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:28.000Z",
"modified": "2017-06-09T06:36:28.000Z",
"first_observed": "2017-06-09T06:36:28Z",
"last_observed": "2017-06-09T06:36:28Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41ec-9a2c-48ed-904e-46f4950d210f",
"ipv4-addr--593a41ec-9a2c-48ed-904e-46f4950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41ec-9a2c-48ed-904e-46f4950d210f",
"dst_ref": "ipv4-addr--593a41ec-9a2c-48ed-904e-46f4950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41ec-9a2c-48ed-904e-46f4950d210f",
"value": "81.88.48.95"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41ed-b2e4-4e8b-a24b-4130950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:29.000Z",
"modified": "2017-06-09T06:36:29.000Z",
"pattern": "[url:value = 'http://luxurious-ss.com/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41ed-84b4-47ac-9a50-4d98950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:29.000Z",
"modified": "2017-06-09T06:36:29.000Z",
"pattern": "[domain-name:value = 'luxurious-ss.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:29Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41ee-4668-4308-bbcf-4f97950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:30.000Z",
"modified": "2017-06-09T06:36:30.000Z",
"first_observed": "2017-06-09T06:36:30Z",
"last_observed": "2017-06-09T06:36:30Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41ee-4668-4308-bbcf-4f97950d210f",
"ipv4-addr--593a41ee-4668-4308-bbcf-4f97950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41ee-4668-4308-bbcf-4f97950d210f",
"dst_ref": "ipv4-addr--593a41ee-4668-4308-bbcf-4f97950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41ee-4668-4308-bbcf-4f97950d210f",
"value": "107.180.4.132"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41ee-c7b0-4e71-8602-4b4a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:30.000Z",
"modified": "2017-06-09T06:36:30.000Z",
"pattern": "[url:value = 'http://makh.ch/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:30Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41ef-7d54-4d56-a94e-43ef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:31.000Z",
"modified": "2017-06-09T06:36:31.000Z",
"pattern": "[domain-name:value = 'makh.ch']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:31Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41ef-caac-4c80-a0aa-4728950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:31.000Z",
"modified": "2017-06-09T06:36:31.000Z",
"first_observed": "2017-06-09T06:36:31Z",
"last_observed": "2017-06-09T06:36:31Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41ef-caac-4c80-a0aa-4728950d210f",
"ipv4-addr--593a41ef-caac-4c80-a0aa-4728950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41ef-caac-4c80-a0aa-4728950d210f",
"dst_ref": "ipv4-addr--593a41ef-caac-4c80-a0aa-4728950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41ef-caac-4c80-a0aa-4728950d210f",
"value": "149.126.4.78"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41f0-da5c-4822-ac44-8a4b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:32.000Z",
"modified": "2017-06-09T06:36:32.000Z",
"pattern": "[url:value = 'http://marcelrahner.com/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41f0-a9d8-43a0-a526-46e6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:32.000Z",
"modified": "2017-06-09T06:36:32.000Z",
"pattern": "[domain-name:value = 'marcelrahner.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:32Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41f1-3920-4151-b6be-4bda950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:33.000Z",
"modified": "2017-06-09T06:36:33.000Z",
"first_observed": "2017-06-09T06:36:33Z",
"last_observed": "2017-06-09T06:36:33Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41f1-3920-4151-b6be-4bda950d210f",
"ipv4-addr--593a41f1-3920-4151-b6be-4bda950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41f1-3920-4151-b6be-4bda950d210f",
"dst_ref": "ipv4-addr--593a41f1-3920-4151-b6be-4bda950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41f1-3920-4151-b6be-4bda950d210f",
"value": "195.178.14.13"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41f1-65a4-4eea-9dd8-4897950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:33.000Z",
"modified": "2017-06-09T06:36:33.000Z",
"pattern": "[url:value = 'http://mciverpei.ca/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:33Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41f2-1814-4fcd-85ff-4902950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:34.000Z",
"modified": "2017-06-09T06:36:34.000Z",
"pattern": "[domain-name:value = 'mciverpei.ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:34Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41f3-bc54-41c2-a784-4801950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:35.000Z",
"modified": "2017-06-09T06:36:35.000Z",
"first_observed": "2017-06-09T06:36:35Z",
"last_observed": "2017-06-09T06:36:35Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41f3-bc54-41c2-a784-4801950d210f",
"ipv4-addr--593a41f3-bc54-41c2-a784-4801950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41f3-bc54-41c2-a784-4801950d210f",
"dst_ref": "ipv4-addr--593a41f3-bc54-41c2-a784-4801950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41f3-bc54-41c2-a784-4801950d210f",
"value": "69.90.161.10"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41f3-b658-47ec-af91-4728950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:35.000Z",
"modified": "2017-06-09T06:36:35.000Z",
"pattern": "[url:value = 'http://mitservices.net/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:35Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41f4-84f0-40b7-b61f-8a4b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:36.000Z",
"modified": "2017-06-09T06:36:36.000Z",
"pattern": "[domain-name:value = 'mitservices.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:36Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41f4-99c0-4818-b93b-46e6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:36.000Z",
"modified": "2017-06-09T06:36:36.000Z",
"first_observed": "2017-06-09T06:36:36Z",
"last_observed": "2017-06-09T06:36:36Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41f4-99c0-4818-b93b-46e6950d210f",
"ipv4-addr--593a41f4-99c0-4818-b93b-46e6950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41f4-99c0-4818-b93b-46e6950d210f",
"dst_ref": "ipv4-addr--593a41f4-99c0-4818-b93b-46e6950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41f4-99c0-4818-b93b-46e6950d210f",
"value": "208.91.198.19"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41f5-88b8-4206-94b7-4cb9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:37.000Z",
"modified": "2017-06-09T06:36:37.000Z",
"pattern": "[url:value = 'http://myinti.com/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41f5-e5d4-4411-bdf2-8bcc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:37.000Z",
"modified": "2017-06-09T06:36:37.000Z",
"pattern": "[domain-name:value = 'myinti.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:37Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41f6-2b74-449f-b5cb-46f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:38.000Z",
"modified": "2017-06-09T06:36:38.000Z",
"first_observed": "2017-06-09T06:36:38Z",
"last_observed": "2017-06-09T06:36:38Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41f6-2b74-449f-b5cb-46f4950d210f",
"ipv4-addr--593a41f6-2b74-449f-b5cb-46f4950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41f6-2b74-449f-b5cb-46f4950d210f",
"dst_ref": "ipv4-addr--593a41f6-2b74-449f-b5cb-46f4950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41f6-2b74-449f-b5cb-46f4950d210f",
"value": "103.26.99.147"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41f7-cca8-465b-b501-45d6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:39.000Z",
"modified": "2017-06-09T06:36:39.000Z",
"pattern": "[url:value = 'http://mymobimarketing.com/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41f7-03cc-49f3-9803-49b2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:39.000Z",
"modified": "2017-06-09T06:36:39.000Z",
"pattern": "[domain-name:value = 'mymobimarketing.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:39Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41f8-91fc-41ff-b179-4c50950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:40.000Z",
"modified": "2017-06-09T06:36:40.000Z",
"first_observed": "2017-06-09T06:36:40Z",
"last_observed": "2017-06-09T06:36:40Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41f8-91fc-41ff-b179-4c50950d210f",
"ipv4-addr--593a41f8-91fc-41ff-b179-4c50950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41f8-91fc-41ff-b179-4c50950d210f",
"dst_ref": "ipv4-addr--593a41f8-91fc-41ff-b179-4c50950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41f8-91fc-41ff-b179-4c50950d210f",
"value": "184.154.159.194"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41f8-1f4c-4dc2-8cfa-45b9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:40.000Z",
"modified": "2017-06-09T06:36:40.000Z",
"pattern": "[url:value = 'http://oneby1.jp/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:40Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41f9-44c4-4867-9586-8bcc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:41.000Z",
"modified": "2017-06-09T06:36:41.000Z",
"pattern": "[domain-name:value = 'oneby1.jp']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:41Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41fd-a310-48f6-ad1e-8bcc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:45.000Z",
"modified": "2017-06-09T06:36:45.000Z",
"pattern": "[url:value = 'http://rhiannonwrites.com/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:45Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41fe-32fc-4dd0-89c3-8a4b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:46.000Z",
"modified": "2017-06-09T06:36:46.000Z",
"pattern": "[domain-name:value = 'rhiannonwrites.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:46Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a41fe-82e4-4500-a84d-4b3b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:46.000Z",
"modified": "2017-06-09T06:36:46.000Z",
"first_observed": "2017-06-09T06:36:46Z",
"last_observed": "2017-06-09T06:36:46Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a41fe-82e4-4500-a84d-4b3b950d210f",
"ipv4-addr--593a41fe-82e4-4500-a84d-4b3b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a41fe-82e4-4500-a84d-4b3b950d210f",
"dst_ref": "ipv4-addr--593a41fe-82e4-4500-a84d-4b3b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a41fe-82e4-4500-a84d-4b3b950d210f",
"value": "192.124.249.5"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a41ff-e3ac-460e-a28d-40c1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:47.000Z",
"modified": "2017-06-09T06:36:47.000Z",
"pattern": "[url:value = 'http://sdmqgg.com/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:47Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a4200-03f4-4f0c-80e9-40f5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:48.000Z",
"modified": "2017-06-09T06:36:48.000Z",
"pattern": "[domain-name:value = 'sdmqgg.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:48Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a4201-af84-4092-9bdb-4d80950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:49.000Z",
"modified": "2017-06-09T06:36:49.000Z",
"first_observed": "2017-06-09T06:36:49Z",
"last_observed": "2017-06-09T06:36:49Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a4201-af84-4092-9bdb-4d80950d210f",
"ipv4-addr--593a4201-af84-4092-9bdb-4d80950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a4201-af84-4092-9bdb-4d80950d210f",
"dst_ref": "ipv4-addr--593a4201-af84-4092-9bdb-4d80950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a4201-af84-4092-9bdb-4d80950d210f",
"value": "120.76.113.75"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a4201-c300-4406-a2af-4728950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:49.000Z",
"modified": "2017-06-09T06:36:49.000Z",
"pattern": "[url:value = 'http://sextoygay.be/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:49Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a4202-1d84-4de9-8ccc-4133950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:50.000Z",
"modified": "2017-06-09T06:36:50.000Z",
"pattern": "[domain-name:value = 'sextoygay.be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:50Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a4202-6a18-4cfb-b20f-46f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:50.000Z",
"modified": "2017-06-09T06:36:50.000Z",
"first_observed": "2017-06-09T06:36:50Z",
"last_observed": "2017-06-09T06:36:50Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a4202-6a18-4cfb-b20f-46f4950d210f",
"ipv4-addr--593a4202-6a18-4cfb-b20f-46f4950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a4202-6a18-4cfb-b20f-46f4950d210f",
"dst_ref": "ipv4-addr--593a4202-6a18-4cfb-b20f-46f4950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a4202-6a18-4cfb-b20f-46f4950d210f",
"value": "178.237.37.39"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a4203-81bc-4008-b72c-4e80950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:51.000Z",
"modified": "2017-06-09T06:36:51.000Z",
"pattern": "[url:value = 'http://siddhashrampatrika.com/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a4203-9ad4-4b5a-8f60-42f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:51.000Z",
"modified": "2017-06-09T06:36:51.000Z",
"pattern": "[domain-name:value = 'siddhashrampatrika.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:51Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a4204-5334-48e9-a9ff-422a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:52.000Z",
"modified": "2017-06-09T06:36:52.000Z",
"first_observed": "2017-06-09T06:36:52Z",
"last_observed": "2017-06-09T06:36:52Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a4204-5334-48e9-a9ff-422a950d210f",
"ipv4-addr--593a4204-5334-48e9-a9ff-422a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a4204-5334-48e9-a9ff-422a950d210f",
"dst_ref": "ipv4-addr--593a4204-5334-48e9-a9ff-422a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a4204-5334-48e9-a9ff-422a950d210f",
"value": "103.53.43.45"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a4204-0918-4fcd-a404-4f24950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:52.000Z",
"modified": "2017-06-09T06:36:52.000Z",
"pattern": "[url:value = 'http://stlawyers.ca/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:52Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a4205-ef04-433f-9cc8-42c5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:53.000Z",
"modified": "2017-06-09T06:36:53.000Z",
"pattern": "[domain-name:value = 'stlawyers.ca']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:53Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a4206-8cac-4b75-b731-4f3e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:54.000Z",
"modified": "2017-06-09T06:36:54.000Z",
"first_observed": "2017-06-09T06:36:54Z",
"last_observed": "2017-06-09T06:36:54Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a4206-8cac-4b75-b731-4f3e950d210f",
"ipv4-addr--593a4206-8cac-4b75-b731-4f3e950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a4206-8cac-4b75-b731-4f3e950d210f",
"dst_ref": "ipv4-addr--593a4206-8cac-4b75-b731-4f3e950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a4206-8cac-4b75-b731-4f3e950d210f",
"value": "107.154.105.172"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a4206-b69c-4f87-99df-418e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:54.000Z",
"modified": "2017-06-09T06:36:54.000Z",
"first_observed": "2017-06-09T06:36:54Z",
"last_observed": "2017-06-09T06:36:54Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a4206-b69c-4f87-99df-418e950d210f",
"ipv4-addr--593a4206-b69c-4f87-99df-418e950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a4206-b69c-4f87-99df-418e950d210f",
"dst_ref": "ipv4-addr--593a4206-b69c-4f87-99df-418e950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a4206-b69c-4f87-99df-418e950d210f",
"value": "107.154.106.172"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a4206-88e8-47ba-8457-4218950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:54.000Z",
"modified": "2017-06-09T06:36:54.000Z",
"pattern": "[url:value = 'http://studyonazar.com/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:54Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a4207-fa80-4507-bfc3-4007950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:55.000Z",
"modified": "2017-06-09T06:36:55.000Z",
"pattern": "[domain-name:value = 'studyonazar.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:55Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a4207-efdc-4da7-898a-46f4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:55.000Z",
"modified": "2017-06-09T06:36:55.000Z",
"first_observed": "2017-06-09T06:36:55Z",
"last_observed": "2017-06-09T06:36:55Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a4207-efdc-4da7-898a-46f4950d210f",
"ipv4-addr--593a4207-efdc-4da7-898a-46f4950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a4207-efdc-4da7-898a-46f4950d210f",
"dst_ref": "ipv4-addr--593a4207-efdc-4da7-898a-46f4950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a4207-efdc-4da7-898a-46f4950d210f",
"value": "94.102.7.15"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a4208-2e20-4c1a-972e-4d9a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:56.000Z",
"modified": "2017-06-09T06:36:56.000Z",
"pattern": "[url:value = 'http://supplementsandfitness.com/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a4208-db38-4951-a9cf-47b6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:56.000Z",
"modified": "2017-06-09T06:36:56.000Z",
"pattern": "[domain-name:value = 'supplementsandfitness.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:56Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a4209-3180-4269-bc68-8bcc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:57.000Z",
"modified": "2017-06-09T06:36:57.000Z",
"first_observed": "2017-06-09T06:36:57Z",
"last_observed": "2017-06-09T06:36:57Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a4209-3180-4269-bc68-8bcc950d210f",
"ipv4-addr--593a4209-3180-4269-bc68-8bcc950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a4209-3180-4269-bc68-8bcc950d210f",
"dst_ref": "ipv4-addr--593a4209-3180-4269-bc68-8bcc950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a4209-3180-4269-bc68-8bcc950d210f",
"value": "103.211.216.130"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a420a-d21c-42ca-b992-8a4b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:58.000Z",
"modified": "2017-06-09T06:36:58.000Z",
"pattern": "[url:value = 'http://zechsal.pl/jt7677g6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a420a-e9a0-4cb6-bf22-45c8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:58.000Z",
"modified": "2017-06-09T06:36:58.000Z",
"pattern": "[domain-name:value = 'zechsal.pl']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--593a420b-7c7c-46a4-834d-4a3a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:59.000Z",
"modified": "2017-06-09T06:36:59.000Z",
"first_observed": "2017-06-09T06:36:59Z",
"last_observed": "2017-06-09T06:36:59Z",
"number_observed": 1,
"object_refs": [
"network-traffic--593a420b-7c7c-46a4-834d-4a3a950d210f",
"ipv4-addr--593a420b-7c7c-46a4-834d-4a3a950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--593a420b-7c7c-46a4-834d-4a3a950d210f",
"dst_ref": "ipv4-addr--593a420b-7c7c-46a4-834d-4a3a950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--593a420b-7c7c-46a4-834d-4a3a950d210f",
"value": "193.70.95.56"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a420b-b8ac-49a0-88cb-46e6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:36:59.000Z",
"modified": "2017-06-09T06:36:59.000Z",
"pattern": "[url:value = 'http://whoisfoxxrobiouy.net/a5/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:36:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--593a420c-72a0-44d7-8112-48f1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-09T06:37:00.000Z",
"modified": "2017-06-09T06:37:00.000Z",
"pattern": "[domain-name:value = 'whoisfoxxrobiouy.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-09T06:37:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}