misp-circl-feed/feeds/circl/misp/55355951-0354-4d8a-8148-1bf9950d210b.json

915 lines
No EOL
36 KiB
JSON

{
"type": "bundle",
"id": "bundle--55355951-0354-4d8a-8148-1bf9950d210b",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2017-06-22T20:24:39.000Z",
"modified": "2017-06-22T20:24:39.000Z",
"name": "CthulhuSPRL.be",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--55355951-0354-4d8a-8148-1bf9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2017-06-22T20:24:39.000Z",
"modified": "2017-06-22T20:24:39.000Z",
"name": "OSINT The Sofacy plot thickens by PwC",
"published": "2017-06-22T20:26:14Z",
"object_refs": [
"observed-data--5535596a-ad38-49dd-8ee3-470a950d210b",
"url--5535596a-ad38-49dd-8ee3-470a950d210b",
"observed-data--5535596a-b970-4b6d-906a-429f950d210b",
"url--5535596a-b970-4b6d-906a-429f950d210b",
"x-misp-attribute--5535597a-8fc8-4e9f-a990-95bb950d210b",
"x-misp-attribute--5535597a-0d70-4c4f-b300-95bb950d210b",
"x-misp-attribute--5535597a-3fe0-4cb3-94ba-95bb950d210b",
"indicator--553559ad-b664-40c6-b5b2-411e950d210b",
"indicator--553559ad-e74c-4b25-8f15-47fd950d210b",
"indicator--553559ad-39e8-4ff5-a962-4915950d210b",
"indicator--553559ad-0f44-4d29-8730-4ba3950d210b",
"indicator--553559ad-6b58-4add-9404-45ae950d210b",
"indicator--553559ad-3250-41cf-9e91-41e3950d210b",
"indicator--553559ad-5a30-420f-8ab2-4690950d210b",
"indicator--553559ae-a054-4826-a9a5-4c2d950d210b",
"indicator--553559ae-e928-4930-9a31-41aa950d210b",
"indicator--553559ae-2e84-461e-811e-4ac5950d210b",
"indicator--553559ae-1340-46c7-9f90-4f53950d210b",
"indicator--553559ae-2198-405e-949f-43e9950d210b",
"indicator--553559ae-120c-46a9-bca1-42e3950d210b",
"indicator--553559ae-dd68-462e-b9f6-4e8f950d210b",
"indicator--553559ae-e834-4ab1-ae31-4102950d210b",
"indicator--553559ae-dfa0-4d16-85fa-4aea950d210b",
"indicator--553559af-29e8-4256-a07d-4444950d210b",
"indicator--553559af-c1b8-4589-ad23-41e4950d210b",
"indicator--553559af-0178-466c-b7d6-4bda950d210b",
"indicator--553559af-c894-4e3d-a609-4db6950d210b",
"indicator--553559af-d82c-4b09-9db4-450d950d210b",
"indicator--553559af-a39c-4c80-b33c-4d12950d210b",
"indicator--553559af-943c-47fa-ab66-4e90950d210b",
"indicator--553559af-6a60-495f-a53a-4555950d210b",
"indicator--553559af-2c68-45e3-8103-4173950d210b",
"indicator--553559b0-af44-4289-b549-4427950d210b",
"indicator--553559b0-7c90-4822-a2e3-46cb950d210b",
"indicator--553559b0-8848-41b2-aab1-4f82950d210b",
"indicator--553559b0-bdcc-4295-a93c-427b950d210b",
"indicator--553559b0-fd58-4754-b02a-46d3950d210b",
"indicator--553559b0-fbc0-4d32-ab05-4617950d210b",
"indicator--553559b0-e838-4a20-be30-4bf3950d210b"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"type:OSINT",
"misp-galaxy:threat-actor=\"Sofacy\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5535596a-ad38-49dd-8ee3-470a950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:54:18.000Z",
"modified": "2015-04-20T19:54:18.000Z",
"first_observed": "2015-04-20T19:54:18Z",
"last_observed": "2015-04-20T19:54:18Z",
"number_observed": 1,
"object_refs": [
"url--5535596a-ad38-49dd-8ee3-470a950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5535596a-ad38-49dd-8ee3-470a950d210b",
"value": "http://pwc.blogs.com/cyber_security_updates/2015/04/the-sofacy-plot-thickens.html"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5535596a-b970-4b6d-906a-429f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:54:18.000Z",
"modified": "2015-04-20T19:54:18.000Z",
"first_observed": "2015-04-20T19:54:18Z",
"last_observed": "2015-04-20T19:54:18Z",
"number_observed": 1,
"object_refs": [
"url--5535596a-b970-4b6d-906a-429f950d210b"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5535596a-b970-4b6d-906a-429f950d210b",
"value": "http://pwc.blogs.com/files/cto-tib-20150420-01a.pdf"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5535597a-8fc8-4e9f-a990-95bb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:54:34.000Z",
"modified": "2015-04-20T19:54:34.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Sofacy"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5535597a-0d70-4c4f-b300-95bb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:54:34.000Z",
"modified": "2015-04-20T19:54:34.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "APT28"
},
{
"type": "x-misp-attribute",
"spec_version": "2.1",
"id": "x-misp-attribute--5535597a-3fe0-4cb3-94ba-95bb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:54:34.000Z",
"modified": "2015-04-20T19:54:34.000Z",
"labels": [
"misp:type=\"text\"",
"misp:category=\"External analysis\""
],
"x_misp_category": "External analysis",
"x_misp_type": "text",
"x_misp_value": "Sednit"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ad-b664-40c6-b5b2-411e950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:25.000Z",
"modified": "2015-04-20T19:55:25.000Z",
"pattern": "[domain-name:value = 'defencereview.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ad-e74c-4b25-8f15-47fd950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:25.000Z",
"modified": "2015-04-20T19:55:25.000Z",
"pattern": "[domain-name:value = 'brnlv-gv.eu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ad-39e8-4ff5-a962-4915950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:25.000Z",
"modified": "2015-04-20T19:55:25.000Z",
"pattern": "[domain-name:value = 'militaryobserver.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ad-0f44-4d29-8730-4ba3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:25.000Z",
"modified": "2015-04-20T19:55:25.000Z",
"pattern": "[domain-name:value = 'netassistcache.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ad-6b58-4add-9404-45ae950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:25.000Z",
"modified": "2015-04-20T19:55:25.000Z",
"pattern": "[domain-name:value = 'asus-service.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ad-3250-41cf-9e91-41e3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:25.000Z",
"modified": "2015-04-20T19:55:25.000Z",
"pattern": "[domain-name:value = 'aolnets.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ad-5a30-420f-8ab2-4690950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:25.000Z",
"modified": "2015-04-20T19:55:25.000Z",
"pattern": "[domain-name:value = 'natopress.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:25Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ae-a054-4826-a9a5-4c2d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:26.000Z",
"modified": "2015-04-20T19:55:26.000Z",
"pattern": "[domain-name:value = 'natopress.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ae-e928-4930-9a31-41aa950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:26.000Z",
"modified": "2015-04-20T19:55:26.000Z",
"pattern": "[domain-name:value = 'defencereview.eu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ae-2e84-461e-811e-4ac5950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:26.000Z",
"modified": "2015-04-20T19:55:26.000Z",
"pattern": "[domain-name:value = 'intelsupport.net']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ae-1340-46c7-9f90-4f53950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:26.000Z",
"modified": "2015-04-20T19:55:26.000Z",
"pattern": "[domain-name:value = 'globalnewsweekly.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ae-2198-405e-949f-43e9950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:26.000Z",
"modified": "2015-04-20T19:55:26.000Z",
"pattern": "[domain-name:value = 'osce-oscc.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ae-120c-46a9-bca1-42e3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:26.000Z",
"modified": "2015-04-20T19:55:26.000Z",
"pattern": "[domain-name:value = 'enisa-europa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ae-dd68-462e-b9f6-4e8f950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:26.000Z",
"modified": "2015-04-20T19:55:26.000Z",
"pattern": "[domain-name:value = 'enisa-europa.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ae-e834-4ab1-ae31-4102950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:26.000Z",
"modified": "2015-04-20T19:55:26.000Z",
"pattern": "[domain-name:value = 'techcruncln.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559ae-dfa0-4d16-85fa-4aea950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:26.000Z",
"modified": "2015-04-20T19:55:26.000Z",
"pattern": "[domain-name:value = 'nato-hq.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:26Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559af-29e8-4256-a07d-4444950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:27.000Z",
"modified": "2015-04-20T19:55:27.000Z",
"pattern": "[domain-name:value = 'iacr-tcc.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559af-c1b8-4589-ad23-41e4950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:27.000Z",
"modified": "2015-04-20T19:55:27.000Z",
"pattern": "[domain-name:value = 'nato-int.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559af-0178-466c-b7d6-4bda950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:27.000Z",
"modified": "2015-04-20T19:55:27.000Z",
"pattern": "[domain-name:value = 'nato-info.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559af-c894-4e3d-a609-4db6950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:27.000Z",
"modified": "2015-04-20T19:55:27.000Z",
"pattern": "[domain-name:value = 'bmlv-gv.eu']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559af-d82c-4b09-9db4-450d950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:27.000Z",
"modified": "2015-04-20T19:55:27.000Z",
"pattern": "[domain-name:value = 'foreignreview.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559af-a39c-4c80-b33c-4d12950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:27.000Z",
"modified": "2015-04-20T19:55:27.000Z",
"pattern": "[domain-name:value = 'mediarea.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559af-943c-47fa-ab66-4e90950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:27.000Z",
"modified": "2015-04-20T19:55:27.000Z",
"pattern": "[domain-name:value = 'osce-military.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559af-6a60-495f-a53a-4555950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:27.000Z",
"modified": "2015-04-20T19:55:27.000Z",
"pattern": "[domain-name:value = 'europeanda.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559af-2c68-45e3-8103-4173950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:27.000Z",
"modified": "2015-04-20T19:55:27.000Z",
"pattern": "[domain-name:value = 'softupdates.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:27Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559b0-af44-4289-b549-4427950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:28.000Z",
"modified": "2015-04-20T19:55:28.000Z",
"pattern": "[domain-name:value = 'settings-yahoo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559b0-7c90-4822-a2e3-46cb950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:28.000Z",
"modified": "2015-04-20T19:55:28.000Z",
"pattern": "[domain-name:value = 'settings-live.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559b0-8848-41b2-aab1-4f82950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:28.000Z",
"modified": "2015-04-20T19:55:28.000Z",
"pattern": "[domain-name:value = 'delivery-yahoo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559b0-bdcc-4295-a93c-427b950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:28.000Z",
"modified": "2015-04-20T19:55:28.000Z",
"pattern": "[domain-name:value = 'privacy-yahoo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559b0-fd58-4754-b02a-46d3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:28.000Z",
"modified": "2015-04-20T19:55:28.000Z",
"pattern": "[domain-name:value = 'privacy-live.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559b0-fbc0-4d32-ab05-4617950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:55:28.000Z",
"modified": "2015-04-20T19:55:28.000Z",
"pattern": "[domain-name:value = 'westinqhousenuclear.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:55:28Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"domain\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--553559b0-e838-4a20-be30-4bf3950d210b",
"created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
"created": "2015-04-20T19:56:00.000Z",
"modified": "2015-04-20T19:56:00.000Z",
"pattern": "[domain-name:value = 'webmail.westinqhousenuclear.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2015-04-20T19:56:00Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}