13807 lines
No EOL
578 KiB
JSON
13807 lines
No EOL
578 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--5acdb4d0-b534-4713-9612-4a1d950d210f",
|
|
"objects": [
|
|
{
|
|
"type": "identity",
|
|
"spec_version": "2.1",
|
|
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-16T07:53:56.000Z",
|
|
"modified": "2018-04-16T07:53:56.000Z",
|
|
"name": "CIRCL",
|
|
"identity_class": "organization"
|
|
},
|
|
{
|
|
"type": "report",
|
|
"spec_version": "2.1",
|
|
"id": "report--5acdb4d0-b534-4713-9612-4a1d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-16T07:53:56.000Z",
|
|
"modified": "2018-04-16T07:53:56.000Z",
|
|
"name": "OSINT - Forgot About Default Accounts? No Worries, GoScanSSH Didn\u00e2\u20ac\u2122t",
|
|
"published": "2018-04-16T07:54:52Z",
|
|
"object_refs": [
|
|
"observed-data--5acdb52b-c658-4f45-b74b-4f82950d210f",
|
|
"url--5acdb52b-c658-4f45-b74b-4f82950d210f",
|
|
"observed-data--5acdb52b-44a0-49ef-8dd8-486b950d210f",
|
|
"url--5acdb52b-44a0-49ef-8dd8-486b950d210f",
|
|
"x-misp-attribute--5acdb559-0430-41bf-bb5f-418f950d210f",
|
|
"indicator--5acdb5b3-efe4-49c9-b1b2-460b950d210f",
|
|
"indicator--5acdb5b3-0f94-4dd3-8d2d-49cc950d210f",
|
|
"indicator--5acdb5b4-c5ec-4554-aa80-41da950d210f",
|
|
"indicator--5acdb5b4-f19c-412b-b5dc-4a58950d210f",
|
|
"indicator--5acdb5b5-18a8-4cdd-990e-44e6950d210f",
|
|
"indicator--5acdb5b5-7430-4703-9127-469d950d210f",
|
|
"indicator--5acdb64e-53b8-4225-b81f-4f9e950d210f",
|
|
"indicator--5acdb64f-b970-4223-a088-40c3950d210f",
|
|
"indicator--5acdb64f-80a4-4c9b-a060-492e950d210f",
|
|
"indicator--5acdb650-da90-4f02-acb6-4391950d210f",
|
|
"indicator--5acdb650-b340-4b8f-a656-4fd4950d210f",
|
|
"indicator--5acdb651-62ec-43f5-9792-49d1950d210f",
|
|
"indicator--5acdb651-ba20-49b6-84d5-4ada950d210f",
|
|
"indicator--5acdb651-1494-466b-94fe-436a950d210f",
|
|
"indicator--5acdb652-2cd8-4f03-b634-4cfc950d210f",
|
|
"indicator--5acdb652-5f4c-4500-b94c-4166950d210f",
|
|
"indicator--5acdb653-5348-4036-8e70-4204950d210f",
|
|
"indicator--5acdb653-df08-403b-9e78-40ed950d210f",
|
|
"indicator--5acdb654-5c28-4f12-9658-48bc950d210f",
|
|
"indicator--5acdb654-6ed4-4efd-bd23-4962950d210f",
|
|
"indicator--5acdb654-3460-447c-a723-453f950d210f",
|
|
"indicator--5acdb655-3678-492f-8a80-4380950d210f",
|
|
"indicator--5acdb655-f360-4516-9cfc-424a950d210f",
|
|
"indicator--5acdb656-32b4-4f2c-9b7f-4c71950d210f",
|
|
"indicator--5acdb656-6070-4a8f-a280-43e3950d210f",
|
|
"indicator--5acdb657-d340-448b-8522-4e5a950d210f",
|
|
"indicator--5acdb657-12e8-43e3-86f3-4add950d210f",
|
|
"indicator--5acdb657-bb5c-4f8b-88bf-48a9950d210f",
|
|
"indicator--5acdb658-628c-4670-b40c-4aee950d210f",
|
|
"indicator--5acdb658-dfe0-4c52-af91-4d6a950d210f",
|
|
"indicator--5acdb659-b424-4689-a966-41e4950d210f",
|
|
"indicator--5acdb659-dd2c-4c34-a1ac-46a3950d210f",
|
|
"indicator--5acdb659-e09c-47e2-b8fc-4c2f950d210f",
|
|
"indicator--5acdb65a-3b20-434a-a8f9-4ed8950d210f",
|
|
"indicator--5acdb65a-bf38-4792-bfa7-4f73950d210f",
|
|
"indicator--5acdb65b-6c18-427f-aa53-4836950d210f",
|
|
"indicator--5acdb65b-54d8-4e8a-ab45-4793950d210f",
|
|
"indicator--5acdb65b-4038-4d57-a020-46fd950d210f",
|
|
"indicator--5acdb65c-7fb0-4467-942b-4a09950d210f",
|
|
"indicator--5acdb65c-4a18-4c02-86e0-47eb950d210f",
|
|
"indicator--5acdb65d-4c70-43f8-a88b-422f950d210f",
|
|
"indicator--5acdb65d-1d68-4227-84aa-4bce950d210f",
|
|
"indicator--5acdb65e-7650-41c1-b7b6-4527950d210f",
|
|
"indicator--5acdb65e-36e8-4837-bdfc-4ec5950d210f",
|
|
"indicator--5acdb65f-3868-4b8e-b422-4c9a950d210f",
|
|
"indicator--5acdb65f-84f8-4070-8052-42a3950d210f",
|
|
"indicator--5acdb65f-bd78-4ace-8505-4b4c950d210f",
|
|
"indicator--5acdb660-4ea4-43a3-b360-4245950d210f",
|
|
"indicator--5acdb660-d110-4bc7-bec1-46e2950d210f",
|
|
"indicator--5acdb661-0bcc-4db2-9cc9-450a950d210f",
|
|
"indicator--5acdb661-cfb4-418a-bb48-46cf950d210f",
|
|
"indicator--5acdb661-c1f8-48bb-8823-4bb2950d210f",
|
|
"indicator--5acdb662-6488-4731-9486-4917950d210f",
|
|
"indicator--5acdb662-5c48-414d-bed9-4bf8950d210f",
|
|
"indicator--5acdb663-8e04-4157-b2ce-407f950d210f",
|
|
"indicator--5acdb663-1cfc-4a4e-925b-4d5c950d210f",
|
|
"indicator--5acdb664-3b1c-41bc-906c-4e79950d210f",
|
|
"indicator--5acdb664-994c-4138-96a0-46f5950d210f",
|
|
"indicator--5acdb664-49ac-4682-a7bd-4d65950d210f",
|
|
"indicator--5acdb665-8b78-479a-83f4-4f65950d210f",
|
|
"indicator--5acdb665-12c8-4794-b0d9-43de950d210f",
|
|
"indicator--5acdb666-11d8-4d24-a679-40e2950d210f",
|
|
"indicator--5acdb666-cc4c-4252-8d79-4142950d210f",
|
|
"indicator--5acdb666-f2c8-4faa-8644-4a88950d210f",
|
|
"indicator--5acdb667-1870-49ed-afa2-44ff950d210f",
|
|
"indicator--5acdb667-2ee4-41f1-a088-44a6950d210f",
|
|
"indicator--5acdb668-9b98-4d1d-a741-4520950d210f",
|
|
"indicator--5acdb668-411c-46e1-b31b-4cf0950d210f",
|
|
"indicator--5acdb668-e598-44cd-995c-447c950d210f",
|
|
"indicator--5acdb669-ee10-40a4-811e-4717950d210f",
|
|
"indicator--5acdb669-aafc-4ee8-ae63-417c950d210f",
|
|
"indicator--5acdb66a-3ae4-4abb-922f-4f18950d210f",
|
|
"indicator--5acdb66a-8860-49d8-8296-4b19950d210f",
|
|
"indicator--5acdb66a-9a00-4a23-9939-4ad8950d210f",
|
|
"indicator--5acdb66b-142c-408e-83c0-41ad950d210f",
|
|
"indicator--5acdb66b-b070-40d5-8767-47cc950d210f",
|
|
"indicator--5acdb66c-f614-4b90-98b4-4a63950d210f",
|
|
"indicator--5acdb66c-aec0-4b32-97d4-42d6950d210f",
|
|
"indicator--5acdb66c-4fac-40f3-b063-4b60950d210f",
|
|
"indicator--5acdb66d-5928-4c61-984e-45c4950d210f",
|
|
"indicator--5acdb66d-3c6c-43cf-b6da-4db6950d210f",
|
|
"indicator--5acdb75b-0f4c-49c0-b0fa-4bd7950d210f",
|
|
"indicator--5acdb75b-6500-4acb-be39-40a7950d210f",
|
|
"indicator--5acdb75c-ed48-4329-9434-430e950d210f",
|
|
"indicator--5acdb75c-9940-4460-a098-42ff950d210f",
|
|
"indicator--5acdb75d-4afc-406a-bd6b-483e950d210f",
|
|
"indicator--5acdb75d-8f3c-40f3-ad71-4a4b950d210f",
|
|
"indicator--5acdb75d-d8a8-45eb-988c-4167950d210f",
|
|
"indicator--5acdb75e-afac-4976-a9f4-4de8950d210f",
|
|
"indicator--5acdb75e-4ef0-4b78-a698-4d13950d210f",
|
|
"indicator--5acdb75f-fdb0-4d76-9856-4cda950d210f",
|
|
"indicator--5acdb75f-f3ec-48a4-9349-45b4950d210f",
|
|
"indicator--5acdb75f-7900-4328-8d8c-45fb950d210f",
|
|
"indicator--5acdb760-23e0-4d9e-8315-40a5950d210f",
|
|
"indicator--5acdb760-c580-416c-872e-4dd5950d210f",
|
|
"indicator--5acdb761-f400-477b-9cd1-4d08950d210f",
|
|
"indicator--5acdb761-6a40-45d2-b3b1-49db950d210f",
|
|
"indicator--5acdb762-0e08-4710-96a6-45fc950d210f",
|
|
"indicator--5acdb762-96a4-4ba4-8375-4f3a950d210f",
|
|
"indicator--5acdb762-cc00-4db9-a845-4c9e950d210f",
|
|
"indicator--5acdb763-8fe0-473d-aacf-461c950d210f",
|
|
"indicator--5acdb763-2370-4f1d-bf55-4add950d210f",
|
|
"indicator--5acdb764-8b48-4946-9658-4c6b950d210f",
|
|
"indicator--5acdb764-92f4-4267-9f39-444a950d210f",
|
|
"indicator--5acdb764-9654-45a8-8fc1-49f8950d210f",
|
|
"indicator--5acdb765-29dc-4104-a4fa-4b5e950d210f",
|
|
"indicator--5acdb765-8358-451e-b98c-4bc4950d210f",
|
|
"indicator--5acdb766-3704-4511-9d81-4283950d210f",
|
|
"indicator--5acdb766-47c0-4e20-94c0-4de3950d210f",
|
|
"indicator--5acdb766-f9e0-4345-8835-4f11950d210f",
|
|
"indicator--5acdb767-7664-483b-a94e-4ef9950d210f",
|
|
"indicator--5acdb767-0800-49c3-a7b8-4c80950d210f",
|
|
"indicator--5acdb768-4958-4471-a13f-4e03950d210f",
|
|
"indicator--5acdb768-fb98-4ecb-b7a5-4a35950d210f",
|
|
"indicator--5acdb768-6a4c-4107-85c4-4659950d210f",
|
|
"indicator--5acdb769-55e4-4661-9dec-41f6950d210f",
|
|
"indicator--5acdb769-2598-408b-bbed-494b950d210f",
|
|
"indicator--5acdb76a-415c-4b5c-8c50-4f23950d210f",
|
|
"indicator--5acdb76a-0e58-4e66-a52f-4ce2950d210f",
|
|
"indicator--5acdb76a-3c00-4f03-84c4-4bd2950d210f",
|
|
"indicator--5acdb76b-0cb4-4f6f-b0a3-4755950d210f",
|
|
"indicator--5acdb76b-ddb4-4054-be7c-47cd950d210f",
|
|
"indicator--5acdb76c-6e8c-4721-9221-496d950d210f",
|
|
"indicator--5acdb76c-9aec-49d4-9090-48b2950d210f",
|
|
"indicator--5acdb76c-3f78-4e58-9ad3-460a950d210f",
|
|
"indicator--5acdb76d-51c4-4c6e-84fe-41aa950d210f",
|
|
"indicator--5acdb76d-17b8-4985-b883-419a950d210f",
|
|
"indicator--5acdb76e-b2d4-492d-95c9-49fe950d210f",
|
|
"indicator--5acdb76e-3e34-490a-90dc-4e81950d210f",
|
|
"indicator--5acdb76f-0660-472d-8f75-4991950d210f",
|
|
"indicator--5acdb76f-134c-4069-b60c-493d950d210f",
|
|
"indicator--5acdb76f-b5e4-4a7b-8709-41df950d210f",
|
|
"indicator--5acdb770-ff84-45b8-9615-4b8b950d210f",
|
|
"indicator--5acdb770-f950-4001-9e8d-4b82950d210f",
|
|
"indicator--5acdb771-724c-4ff7-a084-4a6e950d210f",
|
|
"indicator--5acdb771-875c-433d-b9f2-4a7c950d210f",
|
|
"indicator--5acdb771-8a44-4b4c-a7b2-4332950d210f",
|
|
"indicator--5acdb772-3668-4931-92b0-409a950d210f",
|
|
"indicator--5acdb772-37c8-4751-a214-4d4d950d210f",
|
|
"indicator--5acdb773-1c1c-458e-98c6-4b2b950d210f",
|
|
"indicator--5acdb773-1420-4c1d-b10f-454b950d210f",
|
|
"indicator--5acdb773-accc-4500-998a-4972950d210f",
|
|
"indicator--5acdb774-f8f4-4509-8ff5-4c17950d210f",
|
|
"indicator--5acdb774-8e64-4d70-9533-43d7950d210f",
|
|
"indicator--5acdb775-6608-41fe-94b0-4ed7950d210f",
|
|
"indicator--5acdb775-66e8-4579-97d2-4b88950d210f",
|
|
"indicator--5acdb775-ede0-4291-9fe7-470f950d210f",
|
|
"indicator--5acdb776-f7d0-4d6d-8066-4dc6950d210f",
|
|
"indicator--5acdb776-e64c-43a6-bb3d-4d03950d210f",
|
|
"indicator--5acdb777-f914-44d5-9c9d-496c950d210f",
|
|
"indicator--5acdb777-7f58-44a0-8108-45c1950d210f",
|
|
"indicator--5acdb778-504c-47df-a46c-443b950d210f",
|
|
"indicator--5acdb778-77c0-4c66-9ea7-486a950d210f",
|
|
"indicator--5acdb778-4b9c-4033-b7eb-4792950d210f",
|
|
"indicator--5acdb779-0218-44ea-aa53-4992950d210f",
|
|
"indicator--5acdb779-a244-4a2d-9cfc-4cd6950d210f",
|
|
"indicator--5acdb779-d368-4c1f-a4b1-4a94950d210f",
|
|
"indicator--5acdb77a-5f58-47f5-8709-4e08950d210f",
|
|
"indicator--5acdb77a-2584-462b-8afb-4c29950d210f",
|
|
"indicator--5acdb77b-6740-44d5-95f5-4b39950d210f",
|
|
"indicator--5acdb77b-2b3c-4caa-9745-4722950d210f",
|
|
"indicator--5acdb77b-09bc-4f81-82e0-429e950d210f",
|
|
"indicator--5acdb77c-2d04-4328-bff8-4601950d210f",
|
|
"indicator--5acdb77c-6178-4ee8-8843-4bed950d210f",
|
|
"indicator--5acdb77d-1288-4b53-9ea3-4cab950d210f",
|
|
"indicator--5acdb77d-17dc-4d4c-80a1-496b950d210f",
|
|
"indicator--5acdb77d-12d0-4e6f-ad6a-4d61950d210f",
|
|
"indicator--5acdb77e-f2d4-404c-93f8-4af0950d210f",
|
|
"indicator--5acdb77e-c790-40ed-8017-46ec950d210f",
|
|
"indicator--5acdb77f-cec4-4c51-9d0a-4603950d210f",
|
|
"indicator--5acdb77f-d910-4f52-bf66-4e54950d210f",
|
|
"indicator--5acdb77f-74ac-47c3-ade1-443f950d210f",
|
|
"indicator--5acdb780-8b1c-484f-a75e-48ed950d210f",
|
|
"indicator--5acdb780-1e54-4f03-9549-4f7d950d210f",
|
|
"indicator--5acdb781-4a98-4d01-8ec0-47dc950d210f",
|
|
"indicator--5acdb781-cd30-4446-8bc5-4b23950d210f",
|
|
"indicator--5acdb781-7ab4-4b13-847d-42a9950d210f",
|
|
"indicator--5acdb782-f0a8-4965-9227-421f950d210f",
|
|
"indicator--5acdb782-142c-427d-b102-455a950d210f",
|
|
"indicator--5acdb783-9f5c-4f84-8752-4591950d210f",
|
|
"indicator--5acdb783-6bb4-4ae6-990d-4f7e950d210f",
|
|
"indicator--5acdb783-64f8-4893-8d87-4a45950d210f",
|
|
"indicator--5acdb784-11d8-45f1-9cbe-4f9c950d210f",
|
|
"indicator--5acdb784-37ac-491d-8ce4-414c950d210f",
|
|
"indicator--5acdb785-ed44-483a-b72a-4d31950d210f",
|
|
"indicator--5acdb785-78bc-496f-82c8-4469950d210f",
|
|
"indicator--5acdb785-2fb0-470b-b0a2-4cfd950d210f",
|
|
"indicator--5acdb786-7d08-427e-8290-4afb950d210f",
|
|
"indicator--5acdb786-0aec-4d53-b35e-4586950d210f",
|
|
"indicator--5acdb787-2c44-4ba5-a606-4e23950d210f",
|
|
"indicator--5acdb787-18a8-4c68-8a4d-413b950d210f",
|
|
"indicator--5acdb787-24b0-4ba5-b6d6-49ec950d210f",
|
|
"indicator--5acdb788-9f64-4c46-a20e-40d0950d210f",
|
|
"indicator--5acdb788-1f90-4e83-b9a0-4de9950d210f",
|
|
"indicator--5acdb789-18a0-47f8-8a49-464e950d210f",
|
|
"indicator--5acdb789-48bc-4b07-a465-40a8950d210f",
|
|
"indicator--5acdb789-ce44-4c9f-9362-40d3950d210f",
|
|
"indicator--5acdb78a-e6b0-40ac-9881-4cc7950d210f",
|
|
"indicator--5acdb78a-7874-46d1-ad6d-4d5f950d210f",
|
|
"indicator--5acdb78b-2c60-49fe-8522-47a1950d210f",
|
|
"indicator--5acdb78b-4abc-4e25-af12-4f30950d210f",
|
|
"indicator--5acdb78b-d0a8-4529-9fc8-46e6950d210f",
|
|
"indicator--5acdb78c-8e20-4c18-8940-41f6950d210f",
|
|
"indicator--5acdb78c-94e4-4c54-9ee9-4f2a950d210f",
|
|
"indicator--5acdb78d-3400-40c1-bbc1-4c3e950d210f",
|
|
"indicator--5acdb78d-5864-4b7e-80b0-4edc950d210f",
|
|
"indicator--5acdb78d-efc8-42a3-92f0-4549950d210f",
|
|
"indicator--5acdb78e-6ff4-4dce-b423-440f950d210f",
|
|
"indicator--5acdb78e-c638-4995-ab40-42c0950d210f",
|
|
"indicator--5acdb78f-e790-407b-8393-49f9950d210f",
|
|
"indicator--5acdb78f-afc4-40e6-a6ea-4ba2950d210f",
|
|
"indicator--5acdb78f-95a4-409c-bc2f-4d9f950d210f",
|
|
"indicator--5acdb790-3f68-492f-b2b4-4a68950d210f",
|
|
"indicator--5acdb790-3cf8-4f80-bd9f-462b950d210f",
|
|
"indicator--5acdb791-b1d8-48da-a553-4941950d210f",
|
|
"indicator--5acdb791-4d90-484b-921f-4c33950d210f",
|
|
"indicator--5acdb791-2460-49bb-8286-4e6b950d210f",
|
|
"indicator--5acdb792-7188-4ebd-b358-40c6950d210f",
|
|
"indicator--5acdb792-a568-4ff4-befa-4077950d210f",
|
|
"indicator--5acdb792-01c8-40d6-85a0-4bbf950d210f",
|
|
"indicator--5acdb793-0f1c-407e-82fb-4eaa950d210f",
|
|
"indicator--5acdb793-9438-40d9-aebb-4f29950d210f",
|
|
"indicator--5acdb794-5de8-40cb-b099-4a96950d210f",
|
|
"indicator--5acdb794-73d0-429e-acd6-44a6950d210f",
|
|
"indicator--5acdb794-5d28-4025-93aa-47e3950d210f",
|
|
"indicator--5acdb795-58f8-4ed2-b97c-46e0950d210f",
|
|
"indicator--5acdb795-7ed8-484b-9f01-45a0950d210f",
|
|
"indicator--5acdb796-3700-42bd-bb3f-40a8950d210f",
|
|
"indicator--5acdb796-767c-44ee-a7d9-448f950d210f",
|
|
"indicator--5acdb796-46c0-4edd-beb9-4070950d210f",
|
|
"indicator--5acdb797-4b84-4eea-8b4c-4518950d210f",
|
|
"indicator--5acdb797-cf40-42dc-aa80-4fa0950d210f",
|
|
"indicator--5acdb798-95b8-492a-a773-4af8950d210f",
|
|
"indicator--5acdb798-47d4-4acc-9c44-4cfc950d210f",
|
|
"indicator--5acdb799-2d0c-4521-b40e-4a2c950d210f",
|
|
"indicator--5acdb799-bf8c-40da-a3fb-46bf950d210f",
|
|
"indicator--5acdb799-6d54-4696-9a0b-496b950d210f",
|
|
"indicator--5acdb79a-ecf8-4355-82da-49c1950d210f",
|
|
"indicator--5acdb79a-00e0-42b3-a122-463e950d210f",
|
|
"indicator--5acdb79b-7de8-4172-b5b6-4421950d210f",
|
|
"indicator--5acdb79b-fbf8-49cb-8b31-4e82950d210f",
|
|
"indicator--5acdb79b-2dd8-4bec-8881-443b950d210f",
|
|
"indicator--5acdb79c-d52c-4f5d-adee-4e88950d210f",
|
|
"indicator--5acdb79c-d440-49c1-b4ab-47cd950d210f",
|
|
"indicator--5acdb79c-9854-471b-a213-41cc950d210f",
|
|
"indicator--5acdb79d-1504-4bb5-86ca-4564950d210f",
|
|
"indicator--5acdb79d-99e0-4d25-9e1d-4960950d210f",
|
|
"indicator--5acdb79e-ee90-42fb-bfe8-4241950d210f",
|
|
"indicator--5acdb79e-88f4-4a18-b517-4c50950d210f",
|
|
"indicator--5acdb79e-ebd4-4148-be26-4829950d210f",
|
|
"indicator--5acdb79f-ef04-4702-ba1b-4ec8950d210f",
|
|
"indicator--5acdb79f-6ff4-4b62-935c-4763950d210f",
|
|
"indicator--5acdb7a0-4494-411a-98f3-4488950d210f",
|
|
"indicator--5acdb7a0-b0d0-4f13-bb7e-40df950d210f",
|
|
"indicator--5acdb7a0-5d04-4252-8df7-4ddd950d210f",
|
|
"indicator--5acdb7a1-7f98-489f-a856-4deb950d210f",
|
|
"indicator--5acdb7a1-6fa8-4593-93d9-4794950d210f",
|
|
"indicator--5acdb7a2-a11c-413c-8666-4861950d210f",
|
|
"indicator--5acdb7a2-6948-4969-8aaf-4882950d210f",
|
|
"indicator--5acdb7a2-bc84-4354-bd2e-4980950d210f",
|
|
"indicator--5acdb7a3-b85c-45d8-81c3-48f2950d210f",
|
|
"indicator--5acdb7a3-3c38-4e40-bfe1-4ae3950d210f",
|
|
"indicator--5acdb7a4-6ba8-463e-a313-460d950d210f",
|
|
"indicator--5acdb7a4-b434-441e-bef2-4c9e950d210f",
|
|
"indicator--5acdb7a4-1c78-4f13-ae16-45ac950d210f",
|
|
"indicator--5acdb7a5-1758-4610-8b4d-4cb3950d210f",
|
|
"indicator--5acdb7a5-5edc-4f04-b605-470e950d210f",
|
|
"indicator--5acdb7a6-7850-493c-b801-4e63950d210f",
|
|
"indicator--5acdb7a6-a7c0-4ead-8d24-44b2950d210f",
|
|
"indicator--5acdb7a6-cadc-423b-a132-4baa950d210f",
|
|
"indicator--5acdb7a7-0a98-45de-9660-44da950d210f",
|
|
"indicator--5acdb7a7-ffd4-4374-bdc4-40be950d210f",
|
|
"indicator--5acdb7a8-21c0-4ef0-92af-4c68950d210f",
|
|
"indicator--5acdb7a8-93b8-4339-b0ca-4cfd950d210f",
|
|
"indicator--5acdb7a8-dad4-4042-9cc8-4b52950d210f",
|
|
"indicator--5acdb7a9-9cb4-40fd-b42f-47e6950d210f",
|
|
"indicator--5acdb7a9-f70c-476d-a890-4ef6950d210f",
|
|
"indicator--5acdb7aa-2b58-4695-ae98-4840950d210f",
|
|
"indicator--5acdb7aa-e100-490a-a450-43bf950d210f",
|
|
"indicator--5acdb7aa-bc38-4199-8340-4c68950d210f",
|
|
"indicator--5acdb7ab-7c1c-4a68-a8c4-424f950d210f",
|
|
"indicator--5acdb7ab-7cb0-475d-91ad-40b3950d210f",
|
|
"indicator--5acdb7ab-7e00-4dfb-818b-4cfd950d210f",
|
|
"indicator--5acdb7ac-8b68-463d-bda8-48fa950d210f",
|
|
"indicator--5acdb7ac-db8c-42f9-8b4c-482f950d210f",
|
|
"indicator--5acdb7ad-e100-4a0b-8fc4-4f1f950d210f",
|
|
"indicator--5acdb7ad-2aa8-414f-9602-4f90950d210f",
|
|
"indicator--5acdb7ad-f3d8-49a4-a18f-4683950d210f",
|
|
"indicator--5acdb7ae-53b8-4246-805e-4825950d210f",
|
|
"indicator--5acdb7ae-b714-4600-9ba8-4b9a950d210f",
|
|
"indicator--5acdb7af-3fb8-4cfb-babb-4d41950d210f",
|
|
"indicator--5acdb7af-0324-4b25-a663-421f950d210f",
|
|
"indicator--5acdb7af-e13c-4eb5-8e09-45f4950d210f",
|
|
"indicator--5acdb7b0-a2f4-4c69-ba56-41a1950d210f",
|
|
"indicator--5acdb7b0-b540-4a96-8083-438c950d210f",
|
|
"observed-data--5acdba56-4be0-4d6d-8f5d-409b950d210f",
|
|
"network-traffic--5acdba56-4be0-4d6d-8f5d-409b950d210f",
|
|
"ipv4-addr--5acdba56-4be0-4d6d-8f5d-409b950d210f",
|
|
"observed-data--5acdba56-f2c8-410c-ba73-4ede950d210f",
|
|
"network-traffic--5acdba56-f2c8-410c-ba73-4ede950d210f",
|
|
"ipv4-addr--5acdba56-f2c8-410c-ba73-4ede950d210f",
|
|
"observed-data--5acdba57-a410-4f9d-acf6-4472950d210f",
|
|
"network-traffic--5acdba57-a410-4f9d-acf6-4472950d210f",
|
|
"ipv4-addr--5acdba57-a410-4f9d-acf6-4472950d210f",
|
|
"observed-data--5acdba57-821c-4d1f-b8c5-4a18950d210f",
|
|
"network-traffic--5acdba57-821c-4d1f-b8c5-4a18950d210f",
|
|
"ipv4-addr--5acdba57-821c-4d1f-b8c5-4a18950d210f",
|
|
"observed-data--5acdba57-b4dc-4fa0-a475-44c1950d210f",
|
|
"network-traffic--5acdba57-b4dc-4fa0-a475-44c1950d210f",
|
|
"ipv4-addr--5acdba57-b4dc-4fa0-a475-44c1950d210f",
|
|
"observed-data--5acdba58-2220-4253-b12c-4b39950d210f",
|
|
"network-traffic--5acdba58-2220-4253-b12c-4b39950d210f",
|
|
"ipv4-addr--5acdba58-2220-4253-b12c-4b39950d210f",
|
|
"observed-data--5acdba58-3070-443a-9b3e-4c7f950d210f",
|
|
"network-traffic--5acdba58-3070-443a-9b3e-4c7f950d210f",
|
|
"ipv4-addr--5acdba58-3070-443a-9b3e-4c7f950d210f",
|
|
"observed-data--5acdba59-7f90-4abc-95a3-4a66950d210f",
|
|
"network-traffic--5acdba59-7f90-4abc-95a3-4a66950d210f",
|
|
"ipv4-addr--5acdba59-7f90-4abc-95a3-4a66950d210f",
|
|
"observed-data--5acdba59-d8b4-449e-96e8-4349950d210f",
|
|
"network-traffic--5acdba59-d8b4-449e-96e8-4349950d210f",
|
|
"ipv4-addr--5acdba59-d8b4-449e-96e8-4349950d210f",
|
|
"observed-data--5acdba5a-ae9c-4851-aad5-483d950d210f",
|
|
"network-traffic--5acdba5a-ae9c-4851-aad5-483d950d210f",
|
|
"ipv4-addr--5acdba5a-ae9c-4851-aad5-483d950d210f",
|
|
"observed-data--5acdba5a-4adc-4e6e-a065-4456950d210f",
|
|
"network-traffic--5acdba5a-4adc-4e6e-a065-4456950d210f",
|
|
"ipv4-addr--5acdba5a-4adc-4e6e-a065-4456950d210f",
|
|
"observed-data--5acdba5b-7c74-4ccf-905d-445e950d210f",
|
|
"network-traffic--5acdba5b-7c74-4ccf-905d-445e950d210f",
|
|
"ipv4-addr--5acdba5b-7c74-4ccf-905d-445e950d210f",
|
|
"observed-data--5acdba5b-ba80-4585-b492-4e76950d210f",
|
|
"network-traffic--5acdba5b-ba80-4585-b492-4e76950d210f",
|
|
"ipv4-addr--5acdba5b-ba80-4585-b492-4e76950d210f",
|
|
"observed-data--5acdba5c-733c-4daf-af73-4350950d210f",
|
|
"network-traffic--5acdba5c-733c-4daf-af73-4350950d210f",
|
|
"ipv4-addr--5acdba5c-733c-4daf-af73-4350950d210f",
|
|
"observed-data--5acdba5c-e0e4-4342-affc-46e3950d210f",
|
|
"network-traffic--5acdba5c-e0e4-4342-affc-46e3950d210f",
|
|
"ipv4-addr--5acdba5c-e0e4-4342-affc-46e3950d210f",
|
|
"observed-data--5acdba5d-8230-4916-ab3c-45f6950d210f",
|
|
"network-traffic--5acdba5d-8230-4916-ab3c-45f6950d210f",
|
|
"ipv4-addr--5acdba5d-8230-4916-ab3c-45f6950d210f",
|
|
"observed-data--5acdba5d-5c9c-448c-9c09-4f62950d210f",
|
|
"network-traffic--5acdba5d-5c9c-448c-9c09-4f62950d210f",
|
|
"ipv4-addr--5acdba5d-5c9c-448c-9c09-4f62950d210f",
|
|
"observed-data--5acdba5d-a28c-445a-bad0-43f0950d210f",
|
|
"network-traffic--5acdba5d-a28c-445a-bad0-43f0950d210f",
|
|
"ipv4-addr--5acdba5d-a28c-445a-bad0-43f0950d210f",
|
|
"observed-data--5acdba5e-2cb4-454a-bfe6-4665950d210f",
|
|
"network-traffic--5acdba5e-2cb4-454a-bfe6-4665950d210f",
|
|
"ipv4-addr--5acdba5e-2cb4-454a-bfe6-4665950d210f",
|
|
"observed-data--5acdba5e-d0b8-4d72-af64-47a6950d210f",
|
|
"network-traffic--5acdba5e-d0b8-4d72-af64-47a6950d210f",
|
|
"ipv4-addr--5acdba5e-d0b8-4d72-af64-47a6950d210f",
|
|
"observed-data--5acdba5f-95cc-46ca-ae9e-40f1950d210f",
|
|
"network-traffic--5acdba5f-95cc-46ca-ae9e-40f1950d210f",
|
|
"ipv4-addr--5acdba5f-95cc-46ca-ae9e-40f1950d210f",
|
|
"observed-data--5acdba5f-312c-456f-9bb1-4d3b950d210f",
|
|
"network-traffic--5acdba5f-312c-456f-9bb1-4d3b950d210f",
|
|
"ipv4-addr--5acdba5f-312c-456f-9bb1-4d3b950d210f",
|
|
"observed-data--5acdba60-0c9c-4ccb-8478-408f950d210f",
|
|
"network-traffic--5acdba60-0c9c-4ccb-8478-408f950d210f",
|
|
"ipv4-addr--5acdba60-0c9c-4ccb-8478-408f950d210f",
|
|
"observed-data--5acdba60-2f4c-4f1c-a9e2-4251950d210f",
|
|
"network-traffic--5acdba60-2f4c-4f1c-a9e2-4251950d210f",
|
|
"ipv4-addr--5acdba60-2f4c-4f1c-a9e2-4251950d210f",
|
|
"observed-data--5acdba60-d9e0-4615-a51c-4376950d210f",
|
|
"network-traffic--5acdba60-d9e0-4615-a51c-4376950d210f",
|
|
"ipv4-addr--5acdba60-d9e0-4615-a51c-4376950d210f",
|
|
"observed-data--5acdba61-0334-4b29-bd1d-4ed0950d210f",
|
|
"network-traffic--5acdba61-0334-4b29-bd1d-4ed0950d210f",
|
|
"ipv4-addr--5acdba61-0334-4b29-bd1d-4ed0950d210f",
|
|
"observed-data--5acdba61-20d0-42ac-8e46-435e950d210f",
|
|
"network-traffic--5acdba61-20d0-42ac-8e46-435e950d210f",
|
|
"ipv4-addr--5acdba61-20d0-42ac-8e46-435e950d210f",
|
|
"observed-data--5acdba62-d81c-4f2a-a16b-45b0950d210f",
|
|
"network-traffic--5acdba62-d81c-4f2a-a16b-45b0950d210f",
|
|
"ipv4-addr--5acdba62-d81c-4f2a-a16b-45b0950d210f",
|
|
"observed-data--5acdba62-d044-4ade-ba71-425c950d210f",
|
|
"network-traffic--5acdba62-d044-4ade-ba71-425c950d210f",
|
|
"ipv4-addr--5acdba62-d044-4ade-ba71-425c950d210f",
|
|
"observed-data--5acdba63-97bc-4fae-a37f-4269950d210f",
|
|
"network-traffic--5acdba63-97bc-4fae-a37f-4269950d210f",
|
|
"ipv4-addr--5acdba63-97bc-4fae-a37f-4269950d210f",
|
|
"x-misp-attribute--5acdc567-8d48-446e-b313-0cbd950d210f",
|
|
"indicator--6fd1f6c4-6029-4413-a667-95fa38366b69",
|
|
"x-misp-object--5e8c12ae-9a16-463d-a46b-070b4d2c8404",
|
|
"indicator--7864e29b-4460-44d5-8445-c6e55d7bfb47",
|
|
"x-misp-object--a91fd6bd-7284-480c-b15f-770ceb7c5609",
|
|
"indicator--08c3c62d-16f6-466c-a9c2-d56a58ab1c8d",
|
|
"x-misp-object--121a2ad2-8376-4e4c-b79a-b9776b93b362",
|
|
"indicator--df8a81ab-a86d-4b49-899d-583d01f7e42a",
|
|
"x-misp-object--ee503918-62a7-4cbd-99f0-e6560f3f1c59",
|
|
"indicator--1b83320b-4534-4616-9aa9-70d6e85c6d60",
|
|
"x-misp-object--4576e70d-c44d-44b0-82d9-b3ce92b2598a",
|
|
"indicator--2bfcf16d-2469-4c81-a60b-22eadcf925ed",
|
|
"x-misp-object--7e0dacb4-2576-45f2-91a3-65538610cc63",
|
|
"indicator--514262f4-2286-4596-8c79-b3a456c9baff",
|
|
"x-misp-object--5ffafb99-cb1e-458b-928a-6d3aa9811fc3",
|
|
"indicator--649a8ee3-1a45-423c-9972-ba281c297b7d",
|
|
"x-misp-object--8f63a85e-59e1-4425-9445-b5e64b9bd1b2",
|
|
"indicator--1cb85eed-35dd-4bbb-b639-d61d5a823d36",
|
|
"x-misp-object--fcc24e56-64af-4519-836e-7f93f17919d5",
|
|
"indicator--fc5a5102-440d-44b8-9614-b8bb931ca691",
|
|
"x-misp-object--b1f95800-22c5-4f98-b39e-44349c73ab63",
|
|
"indicator--670be7cf-f56d-484e-9318-4fe35253b9ba",
|
|
"x-misp-object--69b4c9a5-28e0-45a6-95b6-18b5ca7da196",
|
|
"indicator--5fec434e-324b-4dad-aa82-e6ad17c0e0f8",
|
|
"x-misp-object--1a98676b-2f5a-4be2-a77f-deafa4758761",
|
|
"indicator--569b47dd-ba9a-4aa6-b523-c71a31015c49",
|
|
"x-misp-object--be3c9538-4a98-4de3-860c-73c802c0c8d4",
|
|
"indicator--b28fcc17-afc6-4000-880f-f7f4664cdf18",
|
|
"x-misp-object--36fb41f1-dd51-478d-9a5c-d2394244c276",
|
|
"indicator--1ee29d84-1bdb-49ff-b0fe-cb71a1521342",
|
|
"x-misp-object--d7689172-d391-4ead-8c93-18d916e9a26b",
|
|
"indicator--c70c7655-b077-48ea-a19a-19aa83b65ba0",
|
|
"x-misp-object--15fc4652-6ed8-48af-8df9-a547c4802b5e",
|
|
"indicator--8c0a1b0d-015c-4b5d-aeda-17b5feb31793",
|
|
"x-misp-object--85efbc12-c49e-49ba-83a4-cd4447430b05",
|
|
"indicator--19505524-eba9-4389-a278-051643434566",
|
|
"x-misp-object--cdfd5826-0868-4cea-81e7-3a80c9a9c8e1",
|
|
"indicator--8c7228c1-273a-40a9-ab02-7c5e6db55e76",
|
|
"x-misp-object--ff8406f0-04d0-4c53-a9db-570be4189af2",
|
|
"indicator--e824c85f-bca5-4369-ad9d-a1805bfb347e",
|
|
"x-misp-object--3a55b7bd-0af8-49ad-bcd2-213316797c0f",
|
|
"indicator--1a0d6b30-172d-4360-840a-7c88a597c7da",
|
|
"x-misp-object--893c1da4-0b5e-4e3f-90aa-1a3ba8934bdd",
|
|
"indicator--54e685d2-efde-462d-9b5d-91e46a602e24",
|
|
"x-misp-object--8cb10bc6-6621-4c81-9706-5a46e96af99d",
|
|
"indicator--2de23e77-a74a-473a-af66-8e6c4641f205",
|
|
"x-misp-object--b3f9b50d-d863-49be-9193-fd9a153cbdbe",
|
|
"indicator--b4fdc7bd-9e3a-4e74-9f8f-68ac2ed3e3e7",
|
|
"x-misp-object--0099e9c5-b34d-4198-82e9-3a60a3a9c3e4",
|
|
"indicator--a9949693-96bb-4c93-95a6-e1e52d1ac7f4",
|
|
"x-misp-object--c26ae926-e5ba-4a95-b4e0-3c84e11e5c05",
|
|
"indicator--dfb21745-c073-4d36-a458-3e62ccd7cad0",
|
|
"x-misp-object--083729f8-2bb5-455c-b8c1-2868188241fd",
|
|
"indicator--3e5fe7a0-96a2-46ef-a61d-711ac87e00ac",
|
|
"x-misp-object--4eb2c901-dd7f-4a0a-99e4-03ca9f2d5f52",
|
|
"indicator--a37518e3-debb-4ade-b4ae-12858dec51b1",
|
|
"x-misp-object--eac0c6e1-cec8-4926-b444-cefe74fedeba",
|
|
"indicator--ed0d0b60-aea2-4fe9-81c4-e53e51f2c2bb",
|
|
"x-misp-object--1f77679b-1e65-404f-b403-929329a35a52",
|
|
"indicator--5f13df23-d28b-4187-b4c6-f962b2f8ef50",
|
|
"x-misp-object--b9cb07c2-ef54-46c9-afb2-c797997d80f4",
|
|
"indicator--d788ae85-ff85-4bf2-9a82-c320e2b3a3df",
|
|
"x-misp-object--8b3e44b9-e78b-4bbc-976d-278f8f6b60da",
|
|
"indicator--01c46b2c-5585-4f00-9e62-41872a575449",
|
|
"x-misp-object--fe71bf2f-a017-4ec3-b42e-0cd2623c68d3",
|
|
"indicator--a51025f7-d4ef-4f51-ad7d-de03abc3366f",
|
|
"x-misp-object--8a4216a6-f1d7-406b-a354-05bd0f85e6e9",
|
|
"indicator--c38c5804-df8e-41fa-9b7f-31e3544fe566",
|
|
"x-misp-object--4b0a8942-7f6f-4905-8919-faf340b2eef6",
|
|
"indicator--38b67aab-e80d-4134-8010-151ff4ae082f",
|
|
"x-misp-object--0b7254b0-949e-43a1-ac8c-2965ac1b87bf",
|
|
"indicator--a7b3ca08-23d1-4d80-b790-156e3b13ffd3",
|
|
"x-misp-object--57815c25-9ff4-4f89-b156-44265ffe0be5",
|
|
"indicator--7300363a-ef3a-42b7-bc3c-1d815b936cbd",
|
|
"x-misp-object--bb04e39c-e560-4fcb-9ddf-59d2319cd87d",
|
|
"indicator--da2ba542-2c80-4b59-885d-a5afbef0db51",
|
|
"x-misp-object--2a402b12-d1da-4439-bf12-bc00bc885f3f",
|
|
"indicator--8cb6abf5-0f5c-44fb-9629-14b2bcc84f41",
|
|
"x-misp-object--d3ea91b4-6c64-44b3-b437-1105518923c7",
|
|
"indicator--0d1e2f73-9439-4cfb-978b-dbe3b4d918e3",
|
|
"x-misp-object--cbbed67a-4d47-4f49-94da-1fef681147a1",
|
|
"indicator--d51b2874-5f95-4a5e-bbd9-c5a6614b0445",
|
|
"x-misp-object--5fbe35d8-d4d7-4e49-95d1-88772b043d59",
|
|
"indicator--f6776a76-229f-49a7-af38-ac58159887c2",
|
|
"x-misp-object--2fee7173-ec60-4011-8f48-4a75451d9bb6",
|
|
"indicator--98e4250a-3b95-448b-9c41-f42259e241ee",
|
|
"x-misp-object--1a524806-b60c-4d1a-844a-b96792b52515",
|
|
"indicator--bee48029-445e-439f-a8dc-286e41b7c723",
|
|
"x-misp-object--cc6eba97-a713-4f1f-ae25-2d67407de9e1",
|
|
"indicator--b14052c8-614a-4fdc-a621-00e499b0bfb6",
|
|
"x-misp-object--01811029-dcab-45f1-8f10-5e0afe8e1dbc",
|
|
"indicator--ebef05ee-7e49-4e93-b78e-6b66204c3bc1",
|
|
"x-misp-object--a7312d1a-3bc8-49c2-82ee-93c8c891e905",
|
|
"indicator--d4903005-b4ba-4612-a302-b8f440d0cae2",
|
|
"x-misp-object--6d0d2417-94d9-49e1-84b5-61f6742e5c80",
|
|
"indicator--c97555de-fce4-49b8-a245-485465edbbdf",
|
|
"x-misp-object--b445bded-0b5d-46d7-aa14-6f3fa4db52bf",
|
|
"indicator--03888f87-e431-4ab7-b5b6-d4155dad9716",
|
|
"x-misp-object--88133967-798f-4161-9dcb-95d458be530c",
|
|
"indicator--6c91ea71-1f01-42d9-a956-ba1a299be4c2",
|
|
"x-misp-object--d9499e1b-4086-467a-9ce8-93492a379bd3",
|
|
"indicator--4716d1d3-14f5-4ed0-ac6f-e3a13b400464",
|
|
"x-misp-object--362ca7c9-4be6-4252-b96c-3542a75ead4c",
|
|
"indicator--0ff124a2-4515-4f8f-954d-c39d1931093f",
|
|
"x-misp-object--fe05211f-0e4e-409c-b996-f62d185247fa",
|
|
"indicator--ab96f97c-11b9-4614-84e6-3106a0c4a792",
|
|
"x-misp-object--bc6587cf-35aa-408c-9a88-e34b5c94e1d6",
|
|
"indicator--daea0da5-5674-4d9a-99b9-a6dd5e69361a",
|
|
"x-misp-object--cd8ee169-6a3c-4d0c-b7d5-2bd070398734",
|
|
"indicator--1cff9c3a-d6e2-4cac-b1b8-161ff93dd2e6",
|
|
"x-misp-object--11b77879-a359-4744-a0d1-fddc267ca6b1",
|
|
"indicator--317c60b6-8524-4b43-ab79-1f366915c2e7",
|
|
"x-misp-object--02460375-4dcb-47c7-9c8c-3b131201385b",
|
|
"indicator--5642efac-135e-4519-b97c-0f980d195cf8",
|
|
"x-misp-object--a352aa3f-8855-40e0-a7b4-c593f679812d",
|
|
"indicator--57ebbd65-ce89-4eef-8998-312be2bcb349",
|
|
"x-misp-object--33123089-008e-45a5-92e8-96addd26dd71",
|
|
"indicator--53affc4d-60a8-4c6d-9405-1c21638010d7",
|
|
"x-misp-object--7f42d82a-5805-411b-803f-bbca82cd3c56",
|
|
"indicator--cc4e3e77-cf17-4278-912f-71bf1eec703d",
|
|
"x-misp-object--0b592a97-493a-4d25-934a-72abd4a11e8b",
|
|
"indicator--6e59fe57-f683-49fe-98c2-d2392248d076",
|
|
"x-misp-object--00284e3a-3d9f-4738-8d39-be39d6c7cfe3",
|
|
"indicator--05722d72-0046-46b9-8b0c-6e179dfa6edc",
|
|
"x-misp-object--34798e8d-f8f5-4862-9d49-9686048cbd25",
|
|
"indicator--1a2a899d-365d-4f83-90c4-f281e025fbfd",
|
|
"x-misp-object--4ccad6b1-b442-4943-a1bb-632367243e3a",
|
|
"indicator--02025dde-85dd-472c-9488-ac230d1088c2",
|
|
"x-misp-object--6c418d1a-3c22-40b3-b3d3-bce332bfdfb7",
|
|
"indicator--4f831bd7-482b-480d-be4c-d77ea1295e06",
|
|
"x-misp-object--5a6facbc-62b0-424a-8e54-15005ffecb38",
|
|
"indicator--a71784ec-09bd-456f-bce5-802fcc90eaaf",
|
|
"x-misp-object--31d88e38-4b3d-4d9f-9b12-97aefb81c305",
|
|
"indicator--1a1a63ec-d0d6-4c5d-bc59-a9d412f974ad",
|
|
"x-misp-object--f0574f28-a59b-4e7c-ad4c-a5ba3abe37e6",
|
|
"indicator--b91b3267-943b-4cc4-98dd-7af83efcd364",
|
|
"x-misp-object--a83e5ba7-27a2-430a-a85d-cc35b63edb7a",
|
|
"indicator--ae1251c0-4384-489a-9722-e6d0b463a9ee",
|
|
"x-misp-object--90e00ed6-1a34-4d05-8c46-6321ab2254c0",
|
|
"indicator--79bfebb0-0515-4253-b628-8d0247f1f64d",
|
|
"x-misp-object--ba146153-fb1e-4862-8fb2-de42c7bbb407",
|
|
"indicator--2e74e9bf-2116-499a-8664-85a8190ccc01",
|
|
"x-misp-object--c751b343-f407-41bf-abae-34482ededd19",
|
|
"indicator--2e231b46-7588-4a55-bca9-121895c6998d",
|
|
"x-misp-object--605c6785-5aa7-4507-a1e8-263319975111",
|
|
"indicator--c35fd8ca-1584-477b-aa6c-79ec4094bf8d",
|
|
"x-misp-object--9af3e13e-1a66-4d0f-b609-fb329f31ef50",
|
|
"indicator--5ba0cf41-2b85-4acf-99db-059e0e799f94",
|
|
"x-misp-object--beb61c2e-cc01-4cf3-aa10-bac84dd682e5",
|
|
"indicator--989183ae-e288-435c-96ed-b4177a99a8af",
|
|
"x-misp-object--d80d7f6e-5f4d-4350-9780-597d916c5861",
|
|
"relationship--564d5c77-d40e-4556-8ac7-86d14433230c",
|
|
"relationship--5fe8d2d5-014e-494e-bfd0-cc112c2f311d",
|
|
"relationship--1f22bda5-72eb-4c78-a199-6d1f40930472",
|
|
"relationship--64bc4879-5ff3-4203-a9af-da71da6003d8",
|
|
"relationship--315b2000-34ae-469b-a91d-6816120b0d13",
|
|
"relationship--bbb09164-e4ff-4414-b288-fcde71297963",
|
|
"relationship--b925c4f7-ee2f-4fb3-a3a6-f66db486dd9a",
|
|
"relationship--7fc56f9f-ac9a-4356-bd6c-116517a97679",
|
|
"relationship--af41dc6f-433b-4ffa-95e1-a7b821357611",
|
|
"relationship--e109078f-c174-4306-972d-73a9c7a32d8d",
|
|
"relationship--f6c4b84a-1735-42c6-bbf7-6b08511a696f",
|
|
"relationship--f52cf45d-86f5-4582-99de-b0e0ec0ace40",
|
|
"relationship--aa9d249f-6cde-4fe5-ac1f-938e689180a4",
|
|
"relationship--2827b0be-697c-49d6-ae73-c0cb32eb726c",
|
|
"relationship--1530e6de-b1e1-4cdf-b70c-0ba4779f062d",
|
|
"relationship--b1f38cbf-a0ec-4352-ba85-873d800c7e7d",
|
|
"relationship--9251da73-0693-450b-9d1c-6385878a3cab",
|
|
"relationship--493e52c0-3c24-45a8-a111-eed5628155b2",
|
|
"relationship--20bdbc30-bc90-4baa-ad3d-d2b8d9e0e4c4",
|
|
"relationship--458c965a-3e40-47b7-9ba3-9a2fcde0ae2d",
|
|
"relationship--c15cbecd-4ec1-40f7-b7ae-9c8fc69e63b3",
|
|
"relationship--1b9b045c-eab0-44cc-acaa-807c67ce8e27",
|
|
"relationship--beadd988-ce4b-4d82-8c00-feb56a63ec52",
|
|
"relationship--f8b4b1fb-7b78-470e-9c4a-d258b9ed28b4",
|
|
"relationship--b52794ef-9a6e-4265-8584-f5b0a1f3d925",
|
|
"relationship--c2d0a043-70f9-40db-8caa-7dd7395cf000",
|
|
"relationship--3274e6fe-9e3e-4293-8c7d-6bdfea3fd30f",
|
|
"relationship--2618eaf8-669d-471c-b825-5a43b3b7aede",
|
|
"relationship--ec15723f-470e-4f3a-b93b-e2d73a9f8813",
|
|
"relationship--ac2c551b-9288-45a3-b0b0-a2dc6ad33e6f",
|
|
"relationship--615c265a-050f-4f6f-8ced-24d1081c5560",
|
|
"relationship--ad88e654-94b1-4f25-be6e-4a3c7c895790",
|
|
"relationship--1d6ad613-3a80-4406-8226-db695222fb18",
|
|
"relationship--8a60d2b0-9fe8-4182-b393-6f5b8ec2d60f",
|
|
"relationship--2b3fe3f0-8909-49cc-8c9b-bb0adb97983b",
|
|
"relationship--2c3baa02-452c-4f68-a93e-29bed46929da",
|
|
"relationship--cfbecb8e-8d53-4070-b3da-e2fd25807726",
|
|
"relationship--64f51c64-7122-4a5b-8d4e-a426bcc12b3e",
|
|
"relationship--e572659b-29a6-4ba7-8672-7adc5791c6ab",
|
|
"relationship--4abc51b1-9f55-4e6d-bbb6-3f11bfe6c49c",
|
|
"relationship--2723780b-44a4-410a-99dc-3553a77ef8d1",
|
|
"relationship--cfb4a007-5756-4cfd-a92a-ccdc0cef313c",
|
|
"relationship--4faf245a-1638-493e-b245-8589cacdfeda",
|
|
"relationship--fc2d989c-9d3b-4203-9cb8-be33a3f2fa06",
|
|
"relationship--e5e3cbdb-4d17-4345-8768-f5565b12590e",
|
|
"relationship--a536c5b3-220c-4dfe-8dbc-7e6c5e1c5d6f",
|
|
"relationship--0a76d691-7a50-4461-889c-b02dd6579889",
|
|
"relationship--05baa671-7131-4be6-b154-456857aa111d",
|
|
"relationship--72434925-8a51-4796-9922-eab8d141636d",
|
|
"relationship--fe17d835-8903-4ca4-9b44-25c31cb9eacb",
|
|
"relationship--db18ea6e-b7bd-4564-89ed-0346b8fffe31",
|
|
"relationship--88451326-3e8e-4ebb-bd58-c16890cc6f8f",
|
|
"relationship--c3fad106-224f-4577-8d71-edf5fc9f21a8",
|
|
"relationship--89770004-7842-4668-a677-18544193005b",
|
|
"relationship--fcf00a09-0f42-44e1-a552-0d1f94d350f7",
|
|
"relationship--6361cd29-1be8-4d56-8284-f6bd1d4c4984",
|
|
"relationship--bb354d38-061e-4ea7-a79f-68680dcff454",
|
|
"relationship--1f2b1dc1-a55e-473d-81aa-88f7f4a7d421",
|
|
"relationship--68a4b700-2246-4a2b-9d3a-6bab5cef4082",
|
|
"relationship--181c077b-486c-4ddd-8906-43aaeb2e22ac",
|
|
"relationship--4052b4ae-0dd1-406f-8214-a483223f3b49",
|
|
"relationship--2c4850dc-0f25-41d9-9d77-170bbc7f914a",
|
|
"relationship--6008e8b4-b6bd-4cfe-af0b-fff03946ac7a",
|
|
"relationship--ecd94894-0e3d-4b24-8c11-e1ed9d426f4a",
|
|
"relationship--5312d303-b399-449f-9ab5-bec6086122a3",
|
|
"relationship--c78ac336-7cf5-4b84-98c8-0001731c5142",
|
|
"relationship--91ba9299-9055-44b6-853c-6badc17f7052",
|
|
"relationship--201c5ddd-218a-49eb-b6f7-ee0f27fd10d5",
|
|
"relationship--c1cc3082-96b5-433f-b2c0-12ea1b019360",
|
|
"relationship--e94772e7-7f69-4e00-8c47-3eb62869046d",
|
|
"relationship--1b18cdd9-745c-4599-9eb8-f8e99b5cbeb4",
|
|
"relationship--5108b0ab-ec84-4fdf-b76d-43a138491627",
|
|
"relationship--a052141e-f28c-469d-ac74-87bcdf2196e1",
|
|
"relationship--eca32deb-8f7b-4e8a-adf3-4b8014922551",
|
|
"relationship--f1eeaefc-3785-4d03-acf0-0789336d96a3"
|
|
],
|
|
"labels": [
|
|
"Threat-Report",
|
|
"misp:tool=\"MISP-STIX-Converter\"",
|
|
"circl:incident-classification=\"malware\"",
|
|
"osint:source-type=\"blog-post\"",
|
|
"misp-galaxy:tool=\"GoScanSSH\""
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdb52b-c658-4f45-b74b-4f82950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:19.000Z",
|
|
"modified": "2018-04-11T14:49:19.000Z",
|
|
"first_observed": "2018-04-11T14:49:19Z",
|
|
"last_observed": "2018-04-11T14:49:19Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5acdb52b-c658-4f45-b74b-4f82950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"osint:source-type=\"blog-post\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5acdb52b-c658-4f45-b74b-4f82950d210f",
|
|
"value": "https://www.bleepingcomputer.com/news/security/goscanssh-malware-avoids-government-and-military-servers/"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdb52b-44a0-49ef-8dd8-486b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:19.000Z",
|
|
"modified": "2018-04-11T14:49:19.000Z",
|
|
"first_observed": "2018-04-11T14:49:19Z",
|
|
"last_observed": "2018-04-11T14:49:19Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"url--5acdb52b-44a0-49ef-8dd8-486b950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"link\"",
|
|
"misp:category=\"External analysis\"",
|
|
"osint:source-type=\"blog-post\""
|
|
]
|
|
},
|
|
{
|
|
"type": "url",
|
|
"spec_version": "2.1",
|
|
"id": "url--5acdb52b-44a0-49ef-8dd8-486b950d210f",
|
|
"value": "http://blog.talosintelligence.com/2018/03/goscanssh-analysis.html"
|
|
},
|
|
{
|
|
"type": "x-misp-attribute",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-attribute--5acdb559-0430-41bf-bb5f-418f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:20.000Z",
|
|
"modified": "2018-04-11T14:49:20.000Z",
|
|
"labels": [
|
|
"misp:type=\"comment\"",
|
|
"misp:category=\"External analysis\"",
|
|
"osint:source-type=\"blog-post\""
|
|
],
|
|
"x_misp_category": "External analysis",
|
|
"x_misp_type": "comment",
|
|
"x_misp_value": "During a recent Incident Response (IR) engagement, Talos identified a new malware family that was being used to compromise SSH servers exposed to the internet. This malware, which we have named GoScanSSH, was written using the Go programming language, and exhibited several interesting characteristics. This is not the first malware family that Talos has observed that was written using Go. However, it is relatively uncommon to see malware written in this programming language. In this particular case, we also observed that the attacker created unique malware binaries for each host that was infected with the GoScanSSH malware. Additionally, the GoScanSSH command and control (C2) infrastructure was observed leveraging the Tor2Web proxy service in an attempt to make tracking the attacker-controlled infrastructure more difficult and resilient to takedowns."
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb5b3-efe4-49c9-b1b2-460b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:20.000Z",
|
|
"modified": "2018-04-11T14:49:20.000Z",
|
|
"description": "C2 domain",
|
|
"pattern": "[url:value = 'http://5z5zt3qzyp6j4bda.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb5b3-0f94-4dd3-8d2d-49cc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:20.000Z",
|
|
"modified": "2018-04-11T14:49:20.000Z",
|
|
"description": "C2 domain",
|
|
"pattern": "[url:value = 'http://5z5zt3qzyp6j4bda.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb5b4-c5ec-4554-aa80-41da950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:21.000Z",
|
|
"modified": "2018-04-11T14:49:21.000Z",
|
|
"description": "C2 domain",
|
|
"pattern": "[url:value = 'http://3xjj3i6rv3bdxd6p.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb5b4-f19c-412b-b5dc-4a58950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:21.000Z",
|
|
"modified": "2018-04-11T14:49:21.000Z",
|
|
"description": "C2 domain",
|
|
"pattern": "[url:value = 'http://3xjj3i6rv3bdxd6p.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb5b5-18a8-4cdd-990e-44e6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:22.000Z",
|
|
"modified": "2018-04-11T14:49:22.000Z",
|
|
"description": "C2 domain",
|
|
"pattern": "[url:value = 'http://b4l7gbnyduslzhq4.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb5b5-7430-4703-9127-469d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:22.000Z",
|
|
"modified": "2018-04-11T14:49:22.000Z",
|
|
"description": "C2 domain",
|
|
"pattern": "[url:value = 'http://b4l7gbnyduslzhq4.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"url\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb64e-53b8-4225-b81f-4f9e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:30.000Z",
|
|
"modified": "2018-04-11T07:16:30.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '0159c232e9bdd983f8280211c6a4b23a83d735dabc768022876b44dbbf17c482']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb64f-b970-4223-a088-40c3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:31.000Z",
|
|
"modified": "2018-04-11T07:16:31.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '05477a397d57099b6f1e5b5da9248598ead9813890fb1622652f01bdf8e07cd3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb64f-80a4-4c9b-a060-492e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:31.000Z",
|
|
"modified": "2018-04-11T07:16:31.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '05a9635c4fa2ae030d0f01964aa75f343e223af778aff9d73174875bebfda8de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb650-da90-4f02-acb6-4391950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:32.000Z",
|
|
"modified": "2018-04-11T07:16:32.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '0f4c051987a8470289060e8556911a9bc0f22da863f3d50851b27bdb2cb80da4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb650-b340-4b8f-a656-4fd4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:32.000Z",
|
|
"modified": "2018-04-11T07:16:32.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '102ab656a6da5d29e284e53f3038863d99058e39e3ca005d3168ad7dfbf354c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb651-62ec-43f5-9792-49d1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:33.000Z",
|
|
"modified": "2018-04-11T07:16:33.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '1545a65c6b8564cbf26b399286a3b32ce204c6f650dbc4a5a64a6505f87cc723']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb651-ba20-49b6-84d5-4ada950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:33.000Z",
|
|
"modified": "2018-04-11T07:16:33.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '157942e817f4b619aa0f5445ccdab220e9d2548307c85cee3e8700f220cac999']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb651-1494-466b-94fe-436a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:33.000Z",
|
|
"modified": "2018-04-11T07:16:33.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '2020b8e5ff85854c603c41cad47061a3bf69b2b7a3c53b564b7119c2e17438df']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb652-2cd8-4f03-b634-4cfc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:34.000Z",
|
|
"modified": "2018-04-11T07:16:34.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '20377bfd2f040c8e0a8742be4f5ed122986dd71f0a6acf803ee2817d96f92a15']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb652-5f4c-4500-b94c-4166950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:34.000Z",
|
|
"modified": "2018-04-11T07:16:34.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '282ca732c011f3d1fc426718b99acd38f55ffe43cd6763c0b98e31a933976622']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb653-5348-4036-8e70-4204950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:35.000Z",
|
|
"modified": "2018-04-11T07:16:35.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '2f55acaf0cb8c21d121434e69214a3ccdbc64c46126083fa2d390131772453ea']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb653-df08-403b-9e78-40ed950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:35.000Z",
|
|
"modified": "2018-04-11T07:16:35.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '32ae1154fb9459ef1f2b217cc49756cf38b641b035ab9365229b94a0b7352551']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb654-5c28-4f12-9658-48bc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:36.000Z",
|
|
"modified": "2018-04-11T07:16:36.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '370dea1cc8500ca3d649df5308af03613dad1f40199500cb735b85e0e673bd0f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb654-6ed4-4efd-bd23-4962950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:36.000Z",
|
|
"modified": "2018-04-11T07:16:36.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '37df296572dce29c84898dc3f187fc7304a278730e825b9923412b867a88ac11']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb654-3460-447c-a723-453f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:36.000Z",
|
|
"modified": "2018-04-11T07:16:36.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '3b49e25e161538baac3babce8755ec45245bec7a80ff5465c7b0838c4ebae19f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb655-3678-492f-8a80-4380950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:37.000Z",
|
|
"modified": "2018-04-11T07:16:37.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '41d221b2cdb475db89d3f9786952d09c9d407716ae329899f0b2d774f5ce1704']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb655-f360-4516-9cfc-424a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:37.000Z",
|
|
"modified": "2018-04-11T07:16:37.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '4b888de7d81be5c58943d99df42685c8b1597a3dd20462b392a9662484ea2dac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb656-32b4-4f2c-9b7f-4c71950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:38.000Z",
|
|
"modified": "2018-04-11T07:16:38.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '50cb04006874e95adb659a1a3bbe8b2dbb3dbb15ea2f5438148f5560ef61e258']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb656-6070-4a8f-a280-43e3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:38.000Z",
|
|
"modified": "2018-04-11T07:16:38.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '546af611540e98482b3726781826cccae7ffa6da87be1876521110780a623b6e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb657-d340-448b-8522-4e5a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:39.000Z",
|
|
"modified": "2018-04-11T07:16:39.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '5b390b7f2e6be69866acd57209002c087876b9f4e2b8bdcd281c671c4a9a80a3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb657-12e8-43e3-86f3-4add950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:39.000Z",
|
|
"modified": "2018-04-11T07:16:39.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '5bf3918a124b61a166d31d654b7cb0ab412dda5f1f600f29aa07974e782764f7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb657-bb5c-4f8b-88bf-48a9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:39.000Z",
|
|
"modified": "2018-04-11T07:16:39.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '5d62839bd76383c43eca681d9abc6ec4b0df9ae7deadc4ac23bf4d38f4b0b17d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb658-628c-4670-b40c-4aee950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:40.000Z",
|
|
"modified": "2018-04-11T07:16:40.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '60de5a8a9cb0d935a57ad8c60943fc711630232ec2564b496c043419ee3eb6a9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb658-dfe0-4c52-af91-4d6a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:40.000Z",
|
|
"modified": "2018-04-11T07:16:40.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '6154b14bb4d7c682262c6e343bf162954cc3bafbbc719b660f8a081b24281a02']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb659-b424-4689-a966-41e4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:41.000Z",
|
|
"modified": "2018-04-11T07:16:41.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '66ff80b4341b706f8d3b7bbc3082348d669c0103187d68f0be9dee47c4c617ca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb659-dd2c-4c34-a1ac-46a3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:41.000Z",
|
|
"modified": "2018-04-11T07:16:41.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '67ad6f0cee01cd991880d0756175e49d35ea52e19517f7b2f9941a2269d25cb7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb659-e09c-47e2-b8fc-4c2f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:41.000Z",
|
|
"modified": "2018-04-11T07:16:41.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '68af89221274b2b8686c2d62ab2f003f028cf5959adda44ac1f897d42387df20']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb65a-3b20-434a-a8f9-4ed8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:42.000Z",
|
|
"modified": "2018-04-11T07:16:42.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '6fec415bf926c0ea5b672d693a671435c6798c8deeed462da3221ab3d6cbee39']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb65a-bf38-4792-bfa7-4f73950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:42.000Z",
|
|
"modified": "2018-04-11T07:16:42.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '77f074a736244a304de87987ae8ca9f292545e910abaaf5d0a256a8a67fbc1f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb65b-6c18-427f-aa53-4836950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:43.000Z",
|
|
"modified": "2018-04-11T07:16:43.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '7e11c4178ddfaae2d03fbd35b6048f58d5a479179e562ea9a03dbbe3c71dd721']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb65b-54d8-4e8a-ab45-4793950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:43.000Z",
|
|
"modified": "2018-04-11T07:16:43.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '81b248ce7a75a6eb4d9af35bdf993eaf29a51d428942a76772f4b85f203d53cd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb65b-4038-4d57-a020-46fd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:43.000Z",
|
|
"modified": "2018-04-11T07:16:43.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '837f3d4de8c3e0b409fa52939b8e1bc5c4ebe559c270247ecfad94428b4c5e76']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb65c-7fb0-4467-942b-4a09950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:44.000Z",
|
|
"modified": "2018-04-11T07:16:44.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '8844afa5245635ab4f32f598ff28ba63d13d0b31a1eecd36c7ce16bd2c1317c2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb65c-4a18-4c02-86e0-47eb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:44.000Z",
|
|
"modified": "2018-04-11T07:16:44.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '88c6b832ecd365f23d8076eba0ad8a7f661963f6c7bc9afb82ab1170261e3631']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb65d-4c70-43f8-a88b-422f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:45.000Z",
|
|
"modified": "2018-04-11T07:16:45.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '896aee2d759e31c71e4b5e4b69a3470e0b97897399060bab4c3d2d955661129c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb65d-1d68-4227-84aa-4bce950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:45.000Z",
|
|
"modified": "2018-04-11T07:16:45.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '8d9dd4f611e7d66769f44877b95f4b387c093bc58d701b1695e2b75fc5ce178b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb65e-7650-41c1-b7b6-4527950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:46.000Z",
|
|
"modified": "2018-04-11T07:16:46.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '912558c5614e392fdafd2c80eb52a7e58ef4b87e40c3972ff436f8af7c3afacf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb65e-36e8-4837-bdfc-4ec5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:46.000Z",
|
|
"modified": "2018-04-11T07:16:46.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '9148a7caa1734ef58bb220706c446e7283e11678817d58c87f533497f8941b82']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb65f-3868-4b8e-b422-4c9a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:47.000Z",
|
|
"modified": "2018-04-11T07:16:47.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '9208b28c196686be62bb3d95df858f755af0c279e280dee294067cb783395844']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb65f-84f8-4070-8052-42a3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:47.000Z",
|
|
"modified": "2018-04-11T07:16:47.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '97b397da7e73f51f3db3accee40ceb45516cce3e4f749f9013501f0679c5e6c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb65f-bd78-4ace-8505-4b4c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:47.000Z",
|
|
"modified": "2018-04-11T07:16:47.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '982ca85a519bc7dfb9cf0cadd8d30194dcb7628e7efdf6b668ca461a0b7aeb0a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb660-4ea4-43a3-b360-4245950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:48.000Z",
|
|
"modified": "2018-04-11T07:16:48.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '9d6809571bec7429098bcb7ca0b12f8cb094d9079c6765b10a9c90b881ee9d37']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb660-d110-4bc7-bec1-46e2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:48.000Z",
|
|
"modified": "2018-04-11T07:16:48.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '9ddefdb78069404dd8581e9b46e9fb7a19509cb3000a02cd5e4ce9e2da744857']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb661-0bcc-4db2-9cc9-450a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:49.000Z",
|
|
"modified": "2018-04-11T07:16:49.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '9e52fece2e0fa2fbcd3a39a5c75888d5257f6ac6a07ac514ad398d6d1f33385f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb661-cfb4-418a-bb48-46cf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:49.000Z",
|
|
"modified": "2018-04-11T07:16:49.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'a390df91a70c6d745ec1ee660008964a476e0bb9f1e4e15314ab7117221f3832']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb661-c1f8-48bb-8823-4bb2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:49.000Z",
|
|
"modified": "2018-04-11T07:16:49.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'a6e8437bb7b154bf3302f8d808decf713e853b7aecf45ff2e86edd0352892161']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb662-6488-4731-9486-4917950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:50.000Z",
|
|
"modified": "2018-04-11T07:16:50.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'a7f2a6e8c4101736de31d09b6fb195e022e52486712fac1bd8deb6f8712b7072']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb662-5c48-414d-bed9-4bf8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:50.000Z",
|
|
"modified": "2018-04-11T07:16:50.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'a85ce26f3739e133e0d2331313a5d5d617e41efc208e78e850adbc21b8897182']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb663-8e04-4157-b2ce-407f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:51.000Z",
|
|
"modified": "2018-04-11T07:16:51.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'a93f64c8ab09872d430dd8c2518b0d790b75fab9f26e2e554a8c30d96f8d1ab9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb663-1cfc-4a4e-925b-4d5c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:51.000Z",
|
|
"modified": "2018-04-11T07:16:51.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'b06aa98ade6380dd2a622b68c16459158d509b288831715568f9807efa271eb8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb664-3b1c-41bc-906c-4e79950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:52.000Z",
|
|
"modified": "2018-04-11T07:16:52.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'b494725f1ea82048a1aa257d60bb81d879fb13bb3774eb4e2351bf2d4a202342']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb664-994c-4138-96a0-46f5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:52.000Z",
|
|
"modified": "2018-04-11T07:16:52.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'b4ce75d44dd898704101516b1d4bf2abcbbea206984efc6bbf46917f5c1cfa3f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb664-49ac-4682-a7bd-4d65950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:52.000Z",
|
|
"modified": "2018-04-11T07:16:52.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'b5ae73e8f9cdf7f3f17769f6b8e3f4b0a997bd93298761f9dd42e01bbde0d537']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb665-8b78-479a-83f4-4f65950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:53.000Z",
|
|
"modified": "2018-04-11T07:16:53.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'bbe27921800f4e478d27655caa83f7f34abcd0f3575cd708cc4bba5d6ada3c17']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb665-12c8-4794-b0d9-43de950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:53.000Z",
|
|
"modified": "2018-04-11T07:16:53.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'bc009d455e2b74ebbe5e3d7efe90f547fa493ad35d9e0261b99bf21edeae33ed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb666-11d8-4d24-a679-40e2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:54.000Z",
|
|
"modified": "2018-04-11T07:16:54.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'c016e87dc135ba1311f5fd10ae8592ff8c89fb1cb6f6fb96285a0db911ac58e7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb666-cc4c-4252-8d79-4142950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:54.000Z",
|
|
"modified": "2018-04-11T07:16:54.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'c25d0f9c58ebf44f312482f4fa3674bd3c0c1d4c1337bf8051ceb1e9661dce02']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb666-f2c8-4faa-8644-4a88950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:54.000Z",
|
|
"modified": "2018-04-11T07:16:54.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'c29687a47fcfff0242094020710757dc2c6d7f9bea029dbf1bb8167189800ad9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb667-1870-49ed-afa2-44ff950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:55.000Z",
|
|
"modified": "2018-04-11T07:16:55.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'c38c609a0ec13ee3bb30baf9d33eebd8fe585812711d36124acf0ae582767289']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb667-2ee4-41f1-a088-44a6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:55.000Z",
|
|
"modified": "2018-04-11T07:16:55.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'cb4ae6533cdacae7c37fd04d2dbe5017cf2be82c94cfa531781c5ecc3a4c2953']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb668-9b98-4d1d-a741-4520950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:56.000Z",
|
|
"modified": "2018-04-11T07:16:56.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'ce1d62490554e11c791665ee52b0a54b2cc81c5f3626741b6fab42cae561bfc5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb668-411c-46e1-b31b-4cf0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:56.000Z",
|
|
"modified": "2018-04-11T07:16:56.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'd08615d6c29ea77526bf7284fcff19110879347b59f74c06a4f488297c28f127']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb668-e598-44cd-995c-447c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:56.000Z",
|
|
"modified": "2018-04-11T07:16:56.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'd5013d60114db31814c879c530875ae4753f5b1b34b47f8efda0a0bbf25288a2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb669-ee10-40a4-811e-4717950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:57.000Z",
|
|
"modified": "2018-04-11T07:16:57.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'd571ab0754b54ad07029a678f925227f287589cd07759461fc54dba76ef38eeb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb669-aafc-4ee8-ae63-417c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:57.000Z",
|
|
"modified": "2018-04-11T07:16:57.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'dcad1128bef3f0f530b5870c2c6d648a8dc009126cdd63ce183ee96c708d4c39']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb66a-3ae4-4abb-922f-4f18950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:58.000Z",
|
|
"modified": "2018-04-11T07:16:58.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'e75a98818efbb849bbfa97850f84803fbad0f22b5c2d8062a88515bdcf90d6f7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb66a-8860-49d8-8296-4b19950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:58.000Z",
|
|
"modified": "2018-04-11T07:16:58.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'eac274621506fed73f513cf220bd26b78b570e9cea2c341a24aba1392b539440']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb66a-9a00-4a23-9939-4ad8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:58.000Z",
|
|
"modified": "2018-04-11T07:16:58.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'ece6d98c65b072efc44f062710faf35c640ba6d33c60beb0d329637a9efdc38e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb66b-142c-408e-83c0-41ad950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:59.000Z",
|
|
"modified": "2018-04-11T07:16:59.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'f3ba8ef1b7623ac310841b8ddc02324f5955df2ec0b1f9e692cea425d1b45553']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb66b-b070-40d5-8767-47cc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:16:59.000Z",
|
|
"modified": "2018-04-11T07:16:59.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'f4f6f6dc40190af6bcd10fa7b84c2c1b8208e6c8db9c7de6bdd3e86a73d360eb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:16:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb66c-f614-4b90-98b4-4a63950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:17:00.000Z",
|
|
"modified": "2018-04-11T07:17:00.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'f5cd4a9dcd92a517ab05fb75af3ff9e8d86ccdf72185a6b9a1eade28d2f54d61']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:17:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb66c-aec0-4b32-97d4-42d6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:17:00.000Z",
|
|
"modified": "2018-04-11T07:17:00.000Z",
|
|
"pattern": "[file:hashes.SHA256 = 'f7b468fe1612da9b4fbf1a60532a4d3977fca23594a5336dcb5e0084c6567d1e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:17:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb66c-4fac-40f3-b063-4b60950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:17:00.000Z",
|
|
"modified": "2018-04-11T07:17:00.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '501d7c038988baff6658e4b7059cc470a7a18388780d6a7dd047adb341374bb3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:17:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb66d-5928-4c61-984e-45c4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:17:01.000Z",
|
|
"modified": "2018-04-11T07:17:01.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '805f7cf6f4a5c737ea3a816d630a507f560ea93b3fa8bc9161cb23b4277e4d2f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:17:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb66d-3c6c-43cf-b6da-4db6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T07:17:01.000Z",
|
|
"modified": "2018-04-11T07:17:01.000Z",
|
|
"pattern": "[file:hashes.SHA256 = '5d2d2a744f3accfe16c8796568895f7f6aeb3b05860bf236dce7efd30e477fab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T07:17:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Payload delivery"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"sha256\"",
|
|
"misp:category=\"Payload delivery\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb75b-0f4c-49c0-b0fa-4bd7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:23.000Z",
|
|
"modified": "2018-04-11T14:49:23.000Z",
|
|
"pattern": "[domain-name:value = '2fclss34f34vds3g.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb75b-6500-4acb-be39-40a7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:23.000Z",
|
|
"modified": "2018-04-11T14:49:23.000Z",
|
|
"pattern": "[domain-name:value = '2fclss34f34vds3g.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb75c-ed48-4329-9434-430e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:24.000Z",
|
|
"modified": "2018-04-11T14:49:24.000Z",
|
|
"pattern": "[domain-name:value = '2fclss34f34vds3g.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb75c-9940-4460-a098-42ff950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:24.000Z",
|
|
"modified": "2018-04-11T14:49:24.000Z",
|
|
"pattern": "[domain-name:value = '2fclss34f34vds3g.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb75d-4afc-406a-bd6b-483e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:25.000Z",
|
|
"modified": "2018-04-11T14:49:25.000Z",
|
|
"pattern": "[domain-name:value = '2ornw2576l5x6qbd.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb75d-8f3c-40f3-ad71-4a4b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:25.000Z",
|
|
"modified": "2018-04-11T14:49:25.000Z",
|
|
"pattern": "[domain-name:value = '2ornw2576l5x6qbd.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb75d-d8a8-45eb-988c-4167950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:26.000Z",
|
|
"modified": "2018-04-11T14:49:26.000Z",
|
|
"pattern": "[domain-name:value = '2wffry2tf7fgieoe.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb75e-afac-4976-a9f4-4de8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:26.000Z",
|
|
"modified": "2018-04-11T14:49:26.000Z",
|
|
"pattern": "[domain-name:value = '2wffry2tf7fgieoe.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb75e-4ef0-4b78-a698-4d13950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:27.000Z",
|
|
"modified": "2018-04-11T14:49:27.000Z",
|
|
"pattern": "[domain-name:value = '2xbjijexwh3kzucz.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb75f-fdb0-4d76-9856-4cda950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:27.000Z",
|
|
"modified": "2018-04-11T14:49:27.000Z",
|
|
"pattern": "[domain-name:value = '2xbjijexwh3kzucz.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb75f-f3ec-48a4-9349-45b4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:28.000Z",
|
|
"modified": "2018-04-11T14:49:28.000Z",
|
|
"pattern": "[domain-name:value = '36ogjlk2a4cj2kkq.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb75f-7900-4328-8d8c-45fb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:28.000Z",
|
|
"modified": "2018-04-11T14:49:28.000Z",
|
|
"pattern": "[domain-name:value = '36ogjlk2a4cj2kkq.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb760-23e0-4d9e-8315-40a5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:29.000Z",
|
|
"modified": "2018-04-11T14:49:29.000Z",
|
|
"pattern": "[domain-name:value = '36ogjlk2a4cj2kkq.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb760-c580-416c-872e-4dd5950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:29.000Z",
|
|
"modified": "2018-04-11T14:49:29.000Z",
|
|
"pattern": "[domain-name:value = '36ogjlk2a4cj2kkq.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb761-f400-477b-9cd1-4d08950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:30.000Z",
|
|
"modified": "2018-04-11T14:49:30.000Z",
|
|
"pattern": "[domain-name:value = '37kcwpfxuftyiyie.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb761-6a40-45d2-b3b1-49db950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:30.000Z",
|
|
"modified": "2018-04-11T14:49:30.000Z",
|
|
"pattern": "[domain-name:value = '37kcwpfxuftyiyie.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb762-0e08-4710-96a6-45fc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:31.000Z",
|
|
"modified": "2018-04-11T14:49:31.000Z",
|
|
"pattern": "[domain-name:value = '3dpiqdi3ht6rt6ar.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb762-96a4-4ba4-8375-4f3a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:31.000Z",
|
|
"modified": "2018-04-11T14:49:31.000Z",
|
|
"pattern": "[domain-name:value = '3dpiqdi3ht6rt6ar.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb762-cc00-4db9-a845-4c9e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:32.000Z",
|
|
"modified": "2018-04-11T14:49:32.000Z",
|
|
"pattern": "[domain-name:value = '3dpiqdi3ht6rt6ar.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb763-8fe0-473d-aacf-461c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:32.000Z",
|
|
"modified": "2018-04-11T14:49:32.000Z",
|
|
"pattern": "[domain-name:value = '3dpiqdi3ht6rt6ar.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb763-2370-4f1d-bf55-4add950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:33.000Z",
|
|
"modified": "2018-04-11T14:49:33.000Z",
|
|
"pattern": "[domain-name:value = '3o4iasq44nln3gl6.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb764-8b48-4946-9658-4c6b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:33.000Z",
|
|
"modified": "2018-04-11T14:49:33.000Z",
|
|
"pattern": "[domain-name:value = '3o4iasq44nln3gl6.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb764-92f4-4267-9f39-444a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:34.000Z",
|
|
"modified": "2018-04-11T14:49:34.000Z",
|
|
"pattern": "[domain-name:value = '3oomttogcy5xt6yh.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb764-9654-45a8-8fc1-49f8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:34.000Z",
|
|
"modified": "2018-04-11T14:49:34.000Z",
|
|
"pattern": "[domain-name:value = '3oomttogcy5xt6yh.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb765-29dc-4104-a4fa-4b5e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:35.000Z",
|
|
"modified": "2018-04-11T14:49:35.000Z",
|
|
"pattern": "[domain-name:value = '3xjj3i6rv3bdxd6p.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb765-8358-451e-b98c-4bc4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:35.000Z",
|
|
"modified": "2018-04-11T14:49:35.000Z",
|
|
"pattern": "[domain-name:value = '3xjj3i6rv3bdxd6p.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb766-3704-4511-9d81-4283950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:36.000Z",
|
|
"modified": "2018-04-11T14:49:36.000Z",
|
|
"pattern": "[domain-name:value = '4i6fo2azfebgx5zf.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb766-47c0-4e20-94c0-4de3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:36.000Z",
|
|
"modified": "2018-04-11T14:49:36.000Z",
|
|
"pattern": "[domain-name:value = '4i6fo2azfebgx5zf.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb766-f9e0-4345-8835-4f11950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:36.000Z",
|
|
"modified": "2018-04-11T14:49:36.000Z",
|
|
"pattern": "[domain-name:value = '4styaskxqsfqkhza.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb767-7664-483b-a94e-4ef9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:37.000Z",
|
|
"modified": "2018-04-11T14:49:37.000Z",
|
|
"pattern": "[domain-name:value = '4styaskxqsfqkhza.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb767-0800-49c3-a7b8-4c80950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:37.000Z",
|
|
"modified": "2018-04-11T14:49:37.000Z",
|
|
"pattern": "[domain-name:value = '4styaskxqsfqkhza.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb768-4958-4471-a13f-4e03950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:38.000Z",
|
|
"modified": "2018-04-11T14:49:38.000Z",
|
|
"pattern": "[domain-name:value = '4styaskxqsfqkhza.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb768-fb98-4ecb-b7a5-4a35950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:38.000Z",
|
|
"modified": "2018-04-11T14:49:38.000Z",
|
|
"pattern": "[domain-name:value = '57auvhrf64spdrne.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb768-6a4c-4107-85c4-4659950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:39.000Z",
|
|
"modified": "2018-04-11T14:49:39.000Z",
|
|
"pattern": "[domain-name:value = '57auvhrf64spdrne.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb769-55e4-4661-9dec-41f6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:39.000Z",
|
|
"modified": "2018-04-11T14:49:39.000Z",
|
|
"pattern": "[domain-name:value = '57auvhrf64spdrne.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb769-2598-408b-bbed-494b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:40.000Z",
|
|
"modified": "2018-04-11T14:49:40.000Z",
|
|
"pattern": "[domain-name:value = '57auvhrf64spdrne.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76a-415c-4b5c-8c50-4f23950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:40.000Z",
|
|
"modified": "2018-04-11T14:49:40.000Z",
|
|
"pattern": "[domain-name:value = '5qyytvlb4gujxuhg.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76a-0e58-4e66-a52f-4ce2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:41.000Z",
|
|
"modified": "2018-04-11T14:49:41.000Z",
|
|
"pattern": "[domain-name:value = '5qyytvlb4gujxuhg.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76a-3c00-4f03-84c4-4bd2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:41.000Z",
|
|
"modified": "2018-04-11T14:49:41.000Z",
|
|
"pattern": "[domain-name:value = '5ss5uibr5nmok3yp.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76b-0cb4-4f6f-b0a3-4755950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:42.000Z",
|
|
"modified": "2018-04-11T14:49:42.000Z",
|
|
"pattern": "[domain-name:value = '5ss5uibr5nmok3yp.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76b-ddb4-4054-be7c-47cd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:42.000Z",
|
|
"modified": "2018-04-11T14:49:42.000Z",
|
|
"pattern": "[domain-name:value = '5x6leiiycwoetn7u.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76c-6e8c-4721-9221-496d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:43.000Z",
|
|
"modified": "2018-04-11T14:49:43.000Z",
|
|
"pattern": "[domain-name:value = '5x6leiiycwoetn7u.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76c-9aec-49d4-9090-48b2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:43.000Z",
|
|
"modified": "2018-04-11T14:49:43.000Z",
|
|
"pattern": "[domain-name:value = '5z5zt3qzyp6j4bda.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76c-3f78-4e58-9ad3-460a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:44.000Z",
|
|
"modified": "2018-04-11T14:49:44.000Z",
|
|
"pattern": "[domain-name:value = '5z5zt3qzyp6j4bda.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76d-51c4-4c6e-84fe-41aa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:44.000Z",
|
|
"modified": "2018-04-11T14:49:44.000Z",
|
|
"pattern": "[domain-name:value = '6ppk2oii4hsweqb7.onion.cab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76d-17b8-4985-b883-419a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:45.000Z",
|
|
"modified": "2018-04-11T14:49:45.000Z",
|
|
"pattern": "[domain-name:value = '6ppk2oii4hsweqb7.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76e-b2d4-492d-95c9-49fe950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:45.000Z",
|
|
"modified": "2018-04-11T14:49:45.000Z",
|
|
"pattern": "[domain-name:value = '6ppk2oii4hsweqb7.onion.nu']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76e-3e34-490a-90dc-4e81950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:45.000Z",
|
|
"modified": "2018-04-11T14:49:45.000Z",
|
|
"pattern": "[domain-name:value = '6ppk2oii4hsweqb7.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76f-0660-472d-8f75-4991950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:46.000Z",
|
|
"modified": "2018-04-11T14:49:46.000Z",
|
|
"pattern": "[domain-name:value = '6vncblhu2qbt7jo6.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76f-134c-4069-b60c-493d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:46.000Z",
|
|
"modified": "2018-04-11T14:49:46.000Z",
|
|
"pattern": "[domain-name:value = '6vncblhu2qbt7jo6.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb76f-b5e4-4a7b-8709-41df950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:47.000Z",
|
|
"modified": "2018-04-11T14:49:47.000Z",
|
|
"pattern": "[domain-name:value = '7ks52yjrg75l4a7a.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb770-ff84-45b8-9615-4b8b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:47.000Z",
|
|
"modified": "2018-04-11T14:49:47.000Z",
|
|
"pattern": "[domain-name:value = '7ks52yjrg75l4a7a.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb770-f950-4001-9e8d-4b82950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:48.000Z",
|
|
"modified": "2018-04-11T14:49:48.000Z",
|
|
"pattern": "[domain-name:value = '7ks52yjrg75l4a7a.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb771-724c-4ff7-a084-4a6e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:48.000Z",
|
|
"modified": "2018-04-11T14:49:48.000Z",
|
|
"pattern": "[domain-name:value = '7ks52yjrg75l4a7a.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb771-875c-433d-b9f2-4a7c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:49.000Z",
|
|
"modified": "2018-04-11T14:49:49.000Z",
|
|
"pattern": "[domain-name:value = 'ah5oaxc2b3gog5tv.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb771-8a44-4b4c-a7b2-4332950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:49.000Z",
|
|
"modified": "2018-04-11T14:49:49.000Z",
|
|
"pattern": "[domain-name:value = 'ah5oaxc2b3gog5tv.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb772-3668-4931-92b0-409a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:50.000Z",
|
|
"modified": "2018-04-11T14:49:50.000Z",
|
|
"pattern": "[domain-name:value = 'ah5oaxc2b3gog5tv.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb772-37c8-4751-a214-4d4d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:50.000Z",
|
|
"modified": "2018-04-11T14:49:50.000Z",
|
|
"pattern": "[domain-name:value = 'ah5oaxc2b3gog5tv.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb773-1c1c-458e-98c6-4b2b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:50.000Z",
|
|
"modified": "2018-04-11T14:49:50.000Z",
|
|
"pattern": "[domain-name:value = 'aoj2cxd562rzm6b4.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb773-1420-4c1d-b10f-454b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:51.000Z",
|
|
"modified": "2018-04-11T14:49:51.000Z",
|
|
"pattern": "[domain-name:value = 'aoj2cxd562rzm6b4.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb773-accc-4500-998a-4972950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:51.000Z",
|
|
"modified": "2018-04-11T14:49:51.000Z",
|
|
"pattern": "[domain-name:value = 'aoj2cxd562rzm6b4.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb774-f8f4-4509-8ff5-4c17950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:52.000Z",
|
|
"modified": "2018-04-11T14:49:52.000Z",
|
|
"pattern": "[domain-name:value = 'aoj2cxd562rzm6b4.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb774-8e64-4d70-9533-43d7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:52.000Z",
|
|
"modified": "2018-04-11T14:49:52.000Z",
|
|
"pattern": "[domain-name:value = 'b4l7gbnyduslzhq4.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb775-6608-41fe-94b0-4ed7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:52.000Z",
|
|
"modified": "2018-04-11T14:49:52.000Z",
|
|
"pattern": "[domain-name:value = 'b4l7gbnyduslzhq4.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb775-66e8-4579-97d2-4b88950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:53.000Z",
|
|
"modified": "2018-04-11T14:49:53.000Z",
|
|
"pattern": "[domain-name:value = 'biu7giko4sisp4lw.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb775-ede0-4291-9fe7-470f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:53.000Z",
|
|
"modified": "2018-04-11T14:49:53.000Z",
|
|
"pattern": "[domain-name:value = 'biu7giko4sisp4lw.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb776-f7d0-4d6d-8066-4dc6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:54.000Z",
|
|
"modified": "2018-04-11T14:49:54.000Z",
|
|
"pattern": "[domain-name:value = 'c2ycqnwhj6yqhhai.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb776-e64c-43a6-bb3d-4d03950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:54.000Z",
|
|
"modified": "2018-04-11T14:49:54.000Z",
|
|
"pattern": "[domain-name:value = 'c2ycqnwhj6yqhhai.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb777-f914-44d5-9c9d-496c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:54.000Z",
|
|
"modified": "2018-04-11T14:49:54.000Z",
|
|
"pattern": "[domain-name:value = 'coaeeaer3pqcks7m.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb777-7f58-44a0-8108-45c1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:55.000Z",
|
|
"modified": "2018-04-11T14:49:55.000Z",
|
|
"pattern": "[domain-name:value = 'coaeeaer3pqcks7m.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb778-504c-47df-a46c-443b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:55.000Z",
|
|
"modified": "2018-04-11T14:49:55.000Z",
|
|
"pattern": "[domain-name:value = 'cve637cartfax7ev.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb778-77c0-4c66-9ea7-486a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:56.000Z",
|
|
"modified": "2018-04-11T14:49:56.000Z",
|
|
"pattern": "[domain-name:value = 'cve637cartfax7ev.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb778-4b9c-4033-b7eb-4792950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:56.000Z",
|
|
"modified": "2018-04-11T14:49:56.000Z",
|
|
"pattern": "[domain-name:value = 'dzzh6qcw6keale7n.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb779-0218-44ea-aa53-4992950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:57.000Z",
|
|
"modified": "2018-04-11T14:49:57.000Z",
|
|
"pattern": "[domain-name:value = 'dzzh6qcw6keale7n.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb779-a244-4a2d-9cfc-4cd6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:57.000Z",
|
|
"modified": "2018-04-11T14:49:57.000Z",
|
|
"pattern": "[domain-name:value = 'e57u4nkwgrqshb65.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb779-d368-4c1f-a4b1-4a94950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:58.000Z",
|
|
"modified": "2018-04-11T14:49:58.000Z",
|
|
"pattern": "[domain-name:value = 'e57u4nkwgrqshb65.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77a-5f58-47f5-8709-4e08950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:58.000Z",
|
|
"modified": "2018-04-11T14:49:58.000Z",
|
|
"pattern": "[domain-name:value = 'exzifjjxhvj7k4af.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:58Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77a-2584-462b-8afb-4c29950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:59.000Z",
|
|
"modified": "2018-04-11T14:49:59.000Z",
|
|
"pattern": "[domain-name:value = 'exzifjjxhvj7k4af.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77b-6740-44d5-95f5-4b39950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:59.000Z",
|
|
"modified": "2018-04-11T14:49:59.000Z",
|
|
"pattern": "[domain-name:value = 'f334jtfk2ujzsh55.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77b-2b3c-4caa-9745-4722950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:49:59.000Z",
|
|
"modified": "2018-04-11T14:49:59.000Z",
|
|
"pattern": "[domain-name:value = 'f334jtfk2ujzsh55.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:49:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77b-09bc-4f81-82e0-429e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:00.000Z",
|
|
"modified": "2018-04-11T14:50:00.000Z",
|
|
"pattern": "[domain-name:value = 'f334jtfk2ujzsh55.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77c-2d04-4328-bff8-4601950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:00.000Z",
|
|
"modified": "2018-04-11T14:50:00.000Z",
|
|
"pattern": "[domain-name:value = 'f334jtfk2ujzsh55.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77c-6178-4ee8-8843-4bed950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:01.000Z",
|
|
"modified": "2018-04-11T14:50:01.000Z",
|
|
"pattern": "[domain-name:value = 'fqxxtwzobjd2wmll.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77d-1288-4b53-9ea3-4cab950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:01.000Z",
|
|
"modified": "2018-04-11T14:50:01.000Z",
|
|
"pattern": "[domain-name:value = 'fqxxtwzobjd2wmll.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77d-17dc-4d4c-80a1-496b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:02.000Z",
|
|
"modified": "2018-04-11T14:50:02.000Z",
|
|
"pattern": "[domain-name:value = 'ga7kdyiq5dxxl7x6.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77d-12d0-4e6f-ad6a-4d61950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:02.000Z",
|
|
"modified": "2018-04-11T14:50:02.000Z",
|
|
"pattern": "[domain-name:value = 'ga7kdyiq5dxxl7x6.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77e-f2d4-404c-93f8-4af0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:03.000Z",
|
|
"modified": "2018-04-11T14:50:03.000Z",
|
|
"pattern": "[domain-name:value = 'gmpsfqrlquaokfl5.onion.cab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77e-c790-40ed-8017-46ec950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:03.000Z",
|
|
"modified": "2018-04-11T14:50:03.000Z",
|
|
"pattern": "[domain-name:value = 'gmpsfqrlquaokfl5.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77f-cec4-4c51-9d0a-4603950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:04.000Z",
|
|
"modified": "2018-04-11T14:50:04.000Z",
|
|
"pattern": "[domain-name:value = 'gmpsfqrlquaokfl5.onion.nu']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77f-d910-4f52-bf66-4e54950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:04.000Z",
|
|
"modified": "2018-04-11T14:50:04.000Z",
|
|
"pattern": "[domain-name:value = 'gmpsfqrlquaokfl5.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb77f-74ac-47c3-ade1-443f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:05.000Z",
|
|
"modified": "2018-04-11T14:50:05.000Z",
|
|
"pattern": "[domain-name:value = 'grux7gzs5fbppkjo.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb780-8b1c-484f-a75e-48ed950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:05.000Z",
|
|
"modified": "2018-04-11T14:50:05.000Z",
|
|
"pattern": "[domain-name:value = 'grux7gzs5fbppkjo.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:05Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb780-1e54-4f03-9549-4f7d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:06.000Z",
|
|
"modified": "2018-04-11T14:50:06.000Z",
|
|
"pattern": "[domain-name:value = 'h5mxnmeitj4vvrkd.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb781-4a98-4d01-8ec0-47dc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:06.000Z",
|
|
"modified": "2018-04-11T14:50:06.000Z",
|
|
"pattern": "[domain-name:value = 'h5mxnmeitj4vvrkd.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb781-cd30-4446-8bc5-4b23950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:07.000Z",
|
|
"modified": "2018-04-11T14:50:07.000Z",
|
|
"pattern": "[domain-name:value = 'hdbfosorb4txoemn.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb781-7ab4-4b13-847d-42a9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:07.000Z",
|
|
"modified": "2018-04-11T14:50:07.000Z",
|
|
"pattern": "[domain-name:value = 'hdbfosorb4txoemn.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb782-f0a8-4965-9227-421f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:07.000Z",
|
|
"modified": "2018-04-11T14:50:07.000Z",
|
|
"pattern": "[domain-name:value = 'hdbfosorb4txoemn.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:07Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb782-142c-427d-b102-455a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:08.000Z",
|
|
"modified": "2018-04-11T14:50:08.000Z",
|
|
"pattern": "[domain-name:value = 'hdbfosorb4txoemn.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb783-9f5c-4f84-8752-4591950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:08.000Z",
|
|
"modified": "2018-04-11T14:50:08.000Z",
|
|
"pattern": "[domain-name:value = 'hlpdosr7bjcnwffq.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb783-6bb4-4ae6-990d-4f7e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:09.000Z",
|
|
"modified": "2018-04-11T14:50:09.000Z",
|
|
"pattern": "[domain-name:value = 'hlpdosr7bjcnwffq.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb783-64f8-4893-8d87-4a45950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:09.000Z",
|
|
"modified": "2018-04-11T14:50:09.000Z",
|
|
"pattern": "[domain-name:value = 'hz4eks3znb6yjkne.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb784-11d8-45f1-9cbe-4f9c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:10.000Z",
|
|
"modified": "2018-04-11T14:50:10.000Z",
|
|
"pattern": "[domain-name:value = 'hz4eks3znb6yjkne.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb784-37ac-491d-8ce4-414c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:10.000Z",
|
|
"modified": "2018-04-11T14:50:10.000Z",
|
|
"pattern": "[domain-name:value = 'hz4eks3znb6yjkne.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:10Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb785-ed44-483a-b72a-4d31950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:11.000Z",
|
|
"modified": "2018-04-11T14:50:11.000Z",
|
|
"pattern": "[domain-name:value = 'hz4eks3znb6yjkne.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb785-78bc-496f-82c8-4469950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:11.000Z",
|
|
"modified": "2018-04-11T14:50:11.000Z",
|
|
"pattern": "[domain-name:value = 'igxhhnue75hvk5yc.onion.cab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb785-2fb0-470b-b0a2-4cfd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:11.000Z",
|
|
"modified": "2018-04-11T14:50:11.000Z",
|
|
"pattern": "[domain-name:value = 'igxhhnue75hvk5yc.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb786-7d08-427e-8290-4afb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:12.000Z",
|
|
"modified": "2018-04-11T14:50:12.000Z",
|
|
"pattern": "[domain-name:value = 'igxhhnue75hvk5yc.onion.nu']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb786-0aec-4d53-b35e-4586950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:12.000Z",
|
|
"modified": "2018-04-11T14:50:12.000Z",
|
|
"pattern": "[domain-name:value = 'igxhhnue75hvk5yc.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:12Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb787-2c44-4ba5-a606-4e23950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:13.000Z",
|
|
"modified": "2018-04-11T14:50:13.000Z",
|
|
"pattern": "[domain-name:value = 'j3hicblskgzmtn57.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb787-18a8-4c68-8a4d-413b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:13.000Z",
|
|
"modified": "2018-04-11T14:50:13.000Z",
|
|
"pattern": "[domain-name:value = 'j3hicblskgzmtn57.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb787-24b0-4ba5-b6d6-49ec950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:14.000Z",
|
|
"modified": "2018-04-11T14:50:14.000Z",
|
|
"pattern": "[domain-name:value = 'j6cwasvq7u25xllt.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb788-9f64-4c46-a20e-40d0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:14.000Z",
|
|
"modified": "2018-04-11T14:50:14.000Z",
|
|
"pattern": "[domain-name:value = 'j6cwasvq7u25xllt.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb788-1f90-4e83-b9a0-4de9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:15.000Z",
|
|
"modified": "2018-04-11T14:50:15.000Z",
|
|
"pattern": "[domain-name:value = 'js2dqordly7dh5pe.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb789-18a0-47f8-8a49-464e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:15.000Z",
|
|
"modified": "2018-04-11T14:50:15.000Z",
|
|
"pattern": "[domain-name:value = 'js2dqordly7dh5pe.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb789-48bc-4b07-a465-40a8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:16.000Z",
|
|
"modified": "2018-04-11T14:50:16.000Z",
|
|
"pattern": "[domain-name:value = 'lmco62zvt7fnezd5.onion.cab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb789-ce44-4c9f-9362-40d3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:16.000Z",
|
|
"modified": "2018-04-11T14:50:16.000Z",
|
|
"pattern": "[domain-name:value = 'lmco62zvt7fnezd5.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78a-e6b0-40ac-9881-4cc7950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:17.000Z",
|
|
"modified": "2018-04-11T14:50:17.000Z",
|
|
"pattern": "[domain-name:value = 'lmco62zvt7fnezd5.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78a-7874-46d1-ad6d-4d5f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:17.000Z",
|
|
"modified": "2018-04-11T14:50:17.000Z",
|
|
"pattern": "[domain-name:value = 'lmco62zvt7fnezd5.onion.nu']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78b-2c60-49fe-8522-47a1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:18.000Z",
|
|
"modified": "2018-04-11T14:50:18.000Z",
|
|
"pattern": "[domain-name:value = 'lmco62zvt7fnezd5.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78b-4abc-4e25-af12-4f30950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:18.000Z",
|
|
"modified": "2018-04-11T14:50:18.000Z",
|
|
"pattern": "[domain-name:value = 'lmco62zvt7fnezd5.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78b-d0a8-4529-9fc8-46e6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:18.000Z",
|
|
"modified": "2018-04-11T14:50:18.000Z",
|
|
"pattern": "[domain-name:value = 'lmco62zvt7fnezd5.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78c-8e20-4c18-8940-41f6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:19.000Z",
|
|
"modified": "2018-04-11T14:50:19.000Z",
|
|
"pattern": "[domain-name:value = 'lt7n4primhnggubc.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78c-94e4-4c54-9ee9-4f2a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:19.000Z",
|
|
"modified": "2018-04-11T14:50:19.000Z",
|
|
"pattern": "[domain-name:value = 'lt7n4primhnggubc.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78d-3400-40c1-bbc1-4c3e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:20.000Z",
|
|
"modified": "2018-04-11T14:50:20.000Z",
|
|
"pattern": "[domain-name:value = 'lzmy7ihwtp3sk7zy.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78d-5864-4b7e-80b0-4edc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:20.000Z",
|
|
"modified": "2018-04-11T14:50:20.000Z",
|
|
"pattern": "[domain-name:value = 'lzmy7ihwtp3sk7zy.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78d-efc8-42a3-92f0-4549950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:21.000Z",
|
|
"modified": "2018-04-11T14:50:21.000Z",
|
|
"pattern": "[domain-name:value = 'lzmy7ihwtp3sk7zy.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78e-6ff4-4dce-b423-440f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:21.000Z",
|
|
"modified": "2018-04-11T14:50:21.000Z",
|
|
"pattern": "[domain-name:value = 'lzmy7ihwtp3sk7zy.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78e-c638-4995-ab40-42c0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:21.000Z",
|
|
"modified": "2018-04-11T14:50:21.000Z",
|
|
"pattern": "[domain-name:value = 'm2262t2gm3hjchwq.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78f-e790-407b-8393-49f9950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:22.000Z",
|
|
"modified": "2018-04-11T14:50:22.000Z",
|
|
"pattern": "[domain-name:value = 'm2262t2gm3hjchwq.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78f-afc4-40e6-a6ea-4ba2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:22.000Z",
|
|
"modified": "2018-04-11T14:50:22.000Z",
|
|
"pattern": "[domain-name:value = 'oaqwipugt3j76uh3.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb78f-95a4-409c-bc2f-4d9f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:23.000Z",
|
|
"modified": "2018-04-11T14:50:23.000Z",
|
|
"pattern": "[domain-name:value = 'oaqwipugt3j76uh3.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb790-3f68-492f-b2b4-4a68950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:23.000Z",
|
|
"modified": "2018-04-11T14:50:23.000Z",
|
|
"pattern": "[domain-name:value = 'oaqwipugt3j76uh3.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb790-3cf8-4f80-bd9f-462b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:24.000Z",
|
|
"modified": "2018-04-11T14:50:24.000Z",
|
|
"pattern": "[domain-name:value = 'oaqwipugt3j76uh3.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb791-b1d8-48da-a553-4941950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:24.000Z",
|
|
"modified": "2018-04-11T14:50:24.000Z",
|
|
"pattern": "[domain-name:value = 'ood234tvqvwgyhyc.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb791-4d90-484b-921f-4c33950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:24.000Z",
|
|
"modified": "2018-04-11T14:50:24.000Z",
|
|
"pattern": "[domain-name:value = 'ood234tvqvwgyhyc.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:24Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb791-2460-49bb-8286-4e6b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:25.000Z",
|
|
"modified": "2018-04-11T14:50:25.000Z",
|
|
"pattern": "[domain-name:value = 'oplrj4fkrttdb73g.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb792-7188-4ebd-b358-40c6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:25.000Z",
|
|
"modified": "2018-04-11T14:50:25.000Z",
|
|
"pattern": "[domain-name:value = 'oplrj4fkrttdb73g.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb792-a568-4ff4-befa-4077950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:26.000Z",
|
|
"modified": "2018-04-11T14:50:26.000Z",
|
|
"pattern": "[domain-name:value = 'oplrj4fkrttdb73g.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb792-01c8-40d6-85a0-4bbf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:26.000Z",
|
|
"modified": "2018-04-11T14:50:26.000Z",
|
|
"pattern": "[domain-name:value = 'oplrj4fkrttdb73g.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb793-0f1c-407e-82fb-4eaa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:27.000Z",
|
|
"modified": "2018-04-11T14:50:27.000Z",
|
|
"pattern": "[domain-name:value = 'os753ef6bou7d23c.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb793-9438-40d9-aebb-4f29950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:27.000Z",
|
|
"modified": "2018-04-11T14:50:27.000Z",
|
|
"pattern": "[domain-name:value = 'os753ef6bou7d23c.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb794-5de8-40cb-b099-4a96950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:27.000Z",
|
|
"modified": "2018-04-11T14:50:27.000Z",
|
|
"pattern": "[domain-name:value = 'os753ef6bou7d23c.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb794-73d0-429e-acd6-44a6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:28.000Z",
|
|
"modified": "2018-04-11T14:50:28.000Z",
|
|
"pattern": "[domain-name:value = 'os753ef6bou7d23c.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb794-5d28-4025-93aa-47e3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:28.000Z",
|
|
"modified": "2018-04-11T14:50:28.000Z",
|
|
"pattern": "[domain-name:value = 'q5qfxjzckoclzk2y.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb795-58f8-4ed2-b97c-46e0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:29.000Z",
|
|
"modified": "2018-04-11T14:50:29.000Z",
|
|
"pattern": "[domain-name:value = 'q5qfxjzckoclzk2y.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb795-7ed8-484b-9f01-45a0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:29.000Z",
|
|
"modified": "2018-04-11T14:50:29.000Z",
|
|
"pattern": "[domain-name:value = 'q5qfxjzckoclzk2y.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb796-3700-42bd-bb3f-40a8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:29.000Z",
|
|
"modified": "2018-04-11T14:50:29.000Z",
|
|
"pattern": "[domain-name:value = 'q5qfxjzckoclzk2y.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb796-767c-44ee-a7d9-448f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:30.000Z",
|
|
"modified": "2018-04-11T14:50:30.000Z",
|
|
"pattern": "[domain-name:value = 'qcuifb2klqqkwc5q.onion.cab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb796-46c0-4edd-beb9-4070950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:30.000Z",
|
|
"modified": "2018-04-11T14:50:30.000Z",
|
|
"pattern": "[domain-name:value = 'qcuifb2klqqkwc5q.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb797-4b84-4eea-8b4c-4518950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:31.000Z",
|
|
"modified": "2018-04-11T14:50:31.000Z",
|
|
"pattern": "[domain-name:value = 'qcuifb2klqqkwc5q.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb797-cf40-42dc-aa80-4fa0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:31.000Z",
|
|
"modified": "2018-04-11T14:50:31.000Z",
|
|
"pattern": "[domain-name:value = 'qcuifb2klqqkwc5q.onion.nu']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb798-95b8-492a-a773-4af8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:31.000Z",
|
|
"modified": "2018-04-11T14:50:31.000Z",
|
|
"pattern": "[domain-name:value = 'qcuifb2klqqkwc5q.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb798-47d4-4acc-9c44-4cfc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:32.000Z",
|
|
"modified": "2018-04-11T14:50:32.000Z",
|
|
"pattern": "[domain-name:value = 'qcuifb2klqqkwc5q.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb799-2d0c-4521-b40e-4a2c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:32.000Z",
|
|
"modified": "2018-04-11T14:50:32.000Z",
|
|
"pattern": "[domain-name:value = 'qcuifb2klqqkwc5q.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb799-bf8c-40da-a3fb-46bf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:33.000Z",
|
|
"modified": "2018-04-11T14:50:33.000Z",
|
|
"pattern": "[domain-name:value = 'r5phdthf46spnmuq.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb799-6d54-4696-9a0b-496b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:33.000Z",
|
|
"modified": "2018-04-11T14:50:33.000Z",
|
|
"pattern": "[domain-name:value = 'r5phdthf46spnmuq.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79a-ecf8-4355-82da-49c1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:33.000Z",
|
|
"modified": "2018-04-11T14:50:33.000Z",
|
|
"pattern": "[domain-name:value = 'renwpgvrkmauxfws.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:33Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79a-00e0-42b3-a122-463e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:34.000Z",
|
|
"modified": "2018-04-11T14:50:34.000Z",
|
|
"pattern": "[domain-name:value = 'renwpgvrkmauxfws.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79b-7de8-4172-b5b6-4421950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:34.000Z",
|
|
"modified": "2018-04-11T14:50:34.000Z",
|
|
"pattern": "[domain-name:value = 's2bn3jdxpqx5gslq.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79b-fbf8-49cb-8b31-4e82950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:35.000Z",
|
|
"modified": "2018-04-11T14:50:35.000Z",
|
|
"pattern": "[domain-name:value = 's2bn3jdxpqx5gslq.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79b-2dd8-4bec-8881-443b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:35.000Z",
|
|
"modified": "2018-04-11T14:50:35.000Z",
|
|
"pattern": "[domain-name:value = 's4k4gzygl3qit5qk.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79c-d52c-4f5d-adee-4e88950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:35.000Z",
|
|
"modified": "2018-04-11T14:50:35.000Z",
|
|
"pattern": "[domain-name:value = 's4k4gzygl3qit5qk.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:35Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79c-d440-49c1-b4ab-47cd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:36.000Z",
|
|
"modified": "2018-04-11T14:50:36.000Z",
|
|
"pattern": "[domain-name:value = 'sovszfviiaaqjm4s.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79c-9854-471b-a213-41cc950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:36.000Z",
|
|
"modified": "2018-04-11T14:50:36.000Z",
|
|
"pattern": "[domain-name:value = 'sovszfviiaaqjm4s.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79d-1504-4bb5-86ca-4564950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:37.000Z",
|
|
"modified": "2018-04-11T14:50:37.000Z",
|
|
"pattern": "[domain-name:value = 'sozqqiqwlodbkdvk.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79d-99e0-4d25-9e1d-4960950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:37.000Z",
|
|
"modified": "2018-04-11T14:50:37.000Z",
|
|
"pattern": "[domain-name:value = 'sozqqiqwlodbkdvk.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79e-ee90-42fb-bfe8-4241950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:37.000Z",
|
|
"modified": "2018-04-11T14:50:37.000Z",
|
|
"pattern": "[domain-name:value = 'sozqqiqwlodbkdvk.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:37Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79e-88f4-4a18-b517-4c50950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:38.000Z",
|
|
"modified": "2018-04-11T14:50:38.000Z",
|
|
"pattern": "[domain-name:value = 'sozqqiqwlodbkdvk.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79e-ebd4-4148-be26-4829950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:38.000Z",
|
|
"modified": "2018-04-11T14:50:38.000Z",
|
|
"pattern": "[domain-name:value = 't4njhv4d25qyck67.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:38Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79f-ef04-4702-ba1b-4ec8950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:39.000Z",
|
|
"modified": "2018-04-11T14:50:39.000Z",
|
|
"pattern": "[domain-name:value = 't4njhv4d25qyck67.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb79f-6ff4-4b62-935c-4763950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:39.000Z",
|
|
"modified": "2018-04-11T14:50:39.000Z",
|
|
"pattern": "[domain-name:value = 'tqz3y4w3eq4wi2ay.onion.cab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a0-4494-411a-98f3-4488950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:39.000Z",
|
|
"modified": "2018-04-11T14:50:39.000Z",
|
|
"pattern": "[domain-name:value = 'tqz3y4w3eq4wi2ay.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a0-b0d0-4f13-bb7e-40df950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:40.000Z",
|
|
"modified": "2018-04-11T14:50:40.000Z",
|
|
"pattern": "[domain-name:value = 'tqz3y4w3eq4wi2ay.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a0-5d04-4252-8df7-4ddd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:40.000Z",
|
|
"modified": "2018-04-11T14:50:40.000Z",
|
|
"pattern": "[domain-name:value = 'tqz3y4w3eq4wi2ay.onion.nu']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:40Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a1-7f98-489f-a856-4deb950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:41.000Z",
|
|
"modified": "2018-04-11T14:50:41.000Z",
|
|
"pattern": "[domain-name:value = 'tqz3y4w3eq4wi2ay.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a1-6fa8-4593-93d9-4794950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:41.000Z",
|
|
"modified": "2018-04-11T14:50:41.000Z",
|
|
"pattern": "[domain-name:value = 'tqz3y4w3eq4wi2ay.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a2-a11c-413c-8666-4861950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:42.000Z",
|
|
"modified": "2018-04-11T14:50:42.000Z",
|
|
"pattern": "[domain-name:value = 'tqz3y4w3eq4wi2ay.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a2-6948-4969-8aaf-4882950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:42.000Z",
|
|
"modified": "2018-04-11T14:50:42.000Z",
|
|
"pattern": "[domain-name:value = 'txbm7renwofrtddr.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a2-bc84-4354-bd2e-4980950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:42.000Z",
|
|
"modified": "2018-04-11T14:50:42.000Z",
|
|
"pattern": "[domain-name:value = 'txbm7renwofrtddr.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:42Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a3-b85c-45d8-81c3-48f2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:43.000Z",
|
|
"modified": "2018-04-11T14:50:43.000Z",
|
|
"pattern": "[domain-name:value = 'txbm7renwofrtddr.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a3-3c38-4e40-bfe1-4ae3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:43.000Z",
|
|
"modified": "2018-04-11T14:50:43.000Z",
|
|
"pattern": "[domain-name:value = 'txbm7renwofrtddr.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a4-6ba8-463e-a313-460d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:44.000Z",
|
|
"modified": "2018-04-11T14:50:44.000Z",
|
|
"pattern": "[domain-name:value = 'w4gfzjunvynjhpj6.onion.cab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a4-b434-441e-bef2-4c9e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:44.000Z",
|
|
"modified": "2018-04-11T14:50:44.000Z",
|
|
"pattern": "[domain-name:value = 'w4gfzjunvynjhpj6.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:44Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a4-1c78-4f13-ae16-45ac950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:45.000Z",
|
|
"modified": "2018-04-11T14:50:45.000Z",
|
|
"pattern": "[domain-name:value = 'w4gfzjunvynjhpj6.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a5-1758-4610-8b4d-4cb3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:45.000Z",
|
|
"modified": "2018-04-11T14:50:45.000Z",
|
|
"pattern": "[domain-name:value = 'w4gfzjunvynjhpj6.onion.nu']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a5-5edc-4f04-b605-470e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:45.000Z",
|
|
"modified": "2018-04-11T14:50:45.000Z",
|
|
"pattern": "[domain-name:value = 'w4gfzjunvynjhpj6.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a6-7850-493c-b801-4e63950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:46.000Z",
|
|
"modified": "2018-04-11T14:50:46.000Z",
|
|
"pattern": "[domain-name:value = 'w4gfzjunvynjhpj6.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a6-a7c0-4ead-8d24-44b2950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:46.000Z",
|
|
"modified": "2018-04-11T14:50:46.000Z",
|
|
"pattern": "[domain-name:value = 'w4gfzjunvynjhpj6.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a6-cadc-423b-a132-4baa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:47.000Z",
|
|
"modified": "2018-04-11T14:50:47.000Z",
|
|
"pattern": "[domain-name:value = 'xphkxaiz233pjoto.onion.cab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a7-0a98-45de-9660-44da950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:47.000Z",
|
|
"modified": "2018-04-11T14:50:47.000Z",
|
|
"pattern": "[domain-name:value = 'xphkxaiz233pjoto.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a7-ffd4-4374-bdc4-40be950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:48.000Z",
|
|
"modified": "2018-04-11T14:50:48.000Z",
|
|
"pattern": "[domain-name:value = 'xphkxaiz233pjoto.onion.nu']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a8-21c0-4ef0-92af-4c68950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:48.000Z",
|
|
"modified": "2018-04-11T14:50:48.000Z",
|
|
"pattern": "[domain-name:value = 'xphkxaiz233pjoto.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a8-93b8-4339-b0ca-4cfd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:48.000Z",
|
|
"modified": "2018-04-11T14:50:48.000Z",
|
|
"pattern": "[domain-name:value = 'y57obpv3ukywc4xs.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a8-dad4-4042-9cc8-4b52950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:49.000Z",
|
|
"modified": "2018-04-11T14:50:49.000Z",
|
|
"pattern": "[domain-name:value = 'y57obpv3ukywc4xs.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a9-9cb4-40fd-b42f-47e6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:49.000Z",
|
|
"modified": "2018-04-11T14:50:49.000Z",
|
|
"pattern": "[domain-name:value = 'y57obpv3ukywc4xs.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7a9-f70c-476d-a890-4ef6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:50.000Z",
|
|
"modified": "2018-04-11T14:50:50.000Z",
|
|
"pattern": "[domain-name:value = 'y57obpv3ukywc4xs.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7aa-2b58-4695-ae98-4840950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:50.000Z",
|
|
"modified": "2018-04-11T14:50:50.000Z",
|
|
"pattern": "[domain-name:value = 'zhtwwpqt6ci62n5o.onion.cab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7aa-e100-490a-a450-43bf950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:51.000Z",
|
|
"modified": "2018-04-11T14:50:51.000Z",
|
|
"pattern": "[domain-name:value = 'zhtwwpqt6ci62n5o.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7aa-bc38-4199-8340-4c68950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:51.000Z",
|
|
"modified": "2018-04-11T14:50:51.000Z",
|
|
"pattern": "[domain-name:value = 'zhtwwpqt6ci62n5o.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:51Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7ab-7c1c-4a68-a8c4-424f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:52.000Z",
|
|
"modified": "2018-04-11T14:50:52.000Z",
|
|
"pattern": "[domain-name:value = 'zhtwwpqt6ci62n5o.onion.nu']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7ab-7cb0-475d-91ad-40b3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:52.000Z",
|
|
"modified": "2018-04-11T14:50:52.000Z",
|
|
"pattern": "[domain-name:value = 'zhtwwpqt6ci62n5o.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7ab-7e00-4dfb-818b-4cfd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:53.000Z",
|
|
"modified": "2018-04-11T14:50:53.000Z",
|
|
"pattern": "[domain-name:value = 'zhtwwpqt6ci62n5o.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7ac-8b68-463d-bda8-48fa950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:53.000Z",
|
|
"modified": "2018-04-11T14:50:53.000Z",
|
|
"pattern": "[domain-name:value = 'zhtwwpqt6ci62n5o.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7ac-db8c-42f9-8b4c-482f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:53.000Z",
|
|
"modified": "2018-04-11T14:50:53.000Z",
|
|
"pattern": "[domain-name:value = 'zlha65umg7qmprg6.onion.cab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:53Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7ad-e100-4a0b-8fc4-4f1f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:54.000Z",
|
|
"modified": "2018-04-11T14:50:54.000Z",
|
|
"pattern": "[domain-name:value = 'zlha65umg7qmprg6.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7ad-2aa8-414f-9602-4f90950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:54.000Z",
|
|
"modified": "2018-04-11T14:50:54.000Z",
|
|
"pattern": "[domain-name:value = 'zlha65umg7qmprg6.onion.link']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7ad-f3d8-49a4-a18f-4683950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:55.000Z",
|
|
"modified": "2018-04-11T14:50:55.000Z",
|
|
"pattern": "[domain-name:value = 'zlha65umg7qmprg6.onion.nu']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7ae-53b8-4246-805e-4825950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:55.000Z",
|
|
"modified": "2018-04-11T14:50:55.000Z",
|
|
"pattern": "[domain-name:value = 'zlha65umg7qmprg6.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7ae-b714-4600-9ba8-4b9a950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:55.000Z",
|
|
"modified": "2018-04-11T14:50:55.000Z",
|
|
"pattern": "[domain-name:value = 'zlha65umg7qmprg6.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:55Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7af-3fb8-4cfb-babb-4d41950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:56.000Z",
|
|
"modified": "2018-04-11T14:50:56.000Z",
|
|
"pattern": "[domain-name:value = 'zlha65umg7qmprg6.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7af-0324-4b25-a663-421f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:56.000Z",
|
|
"modified": "2018-04-11T14:50:56.000Z",
|
|
"pattern": "[domain-name:value = 'znhp4s7aywntpjnm.onion.guide']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7af-e13c-4eb5-8e09-45f4950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:57.000Z",
|
|
"modified": "2018-04-11T14:50:57.000Z",
|
|
"pattern": "[domain-name:value = 'znhp4s7aywntpjnm.onion.plus']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7b0-a2f4-4c69-ba56-41a1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:57.000Z",
|
|
"modified": "2018-04-11T14:50:57.000Z",
|
|
"pattern": "[domain-name:value = 'znhp4s7aywntpjnm.onion.to']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5acdb7b0-b540-4a96-8083-438c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:50:57.000Z",
|
|
"modified": "2018-04-11T14:50:57.000Z",
|
|
"pattern": "[domain-name:value = 'znhp4s7aywntpjnm.onion.top']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:50:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "Network activity"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:type=\"domain\"",
|
|
"misp:category=\"Network activity\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba56-4be0-4d6d-8f5d-409b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba56-4be0-4d6d-8f5d-409b950d210f",
|
|
"ipv4-addr--5acdba56-4be0-4d6d-8f5d-409b950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba56-4be0-4d6d-8f5d-409b950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba56-4be0-4d6d-8f5d-409b950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba56-4be0-4d6d-8f5d-409b950d210f",
|
|
"value": "0.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba56-f2c8-410c-ba73-4ede950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba56-f2c8-410c-ba73-4ede950d210f",
|
|
"ipv4-addr--5acdba56-f2c8-410c-ba73-4ede950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba56-f2c8-410c-ba73-4ede950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba56-f2c8-410c-ba73-4ede950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba56-f2c8-410c-ba73-4ede950d210f",
|
|
"value": "10.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba57-a410-4f9d-acf6-4472950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba57-a410-4f9d-acf6-4472950d210f",
|
|
"ipv4-addr--5acdba57-a410-4f9d-acf6-4472950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba57-a410-4f9d-acf6-4472950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba57-a410-4f9d-acf6-4472950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba57-a410-4f9d-acf6-4472950d210f",
|
|
"value": "100.64.0.0/10"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba57-821c-4d1f-b8c5-4a18950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba57-821c-4d1f-b8c5-4a18950d210f",
|
|
"ipv4-addr--5acdba57-821c-4d1f-b8c5-4a18950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba57-821c-4d1f-b8c5-4a18950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba57-821c-4d1f-b8c5-4a18950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba57-821c-4d1f-b8c5-4a18950d210f",
|
|
"value": "127.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba57-b4dc-4fa0-a475-44c1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba57-b4dc-4fa0-a475-44c1950d210f",
|
|
"ipv4-addr--5acdba57-b4dc-4fa0-a475-44c1950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba57-b4dc-4fa0-a475-44c1950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba57-b4dc-4fa0-a475-44c1950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba57-b4dc-4fa0-a475-44c1950d210f",
|
|
"value": "169.254.0.0/16"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba58-2220-4253-b12c-4b39950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba58-2220-4253-b12c-4b39950d210f",
|
|
"ipv4-addr--5acdba58-2220-4253-b12c-4b39950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba58-2220-4253-b12c-4b39950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba58-2220-4253-b12c-4b39950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba58-2220-4253-b12c-4b39950d210f",
|
|
"value": "172.16.0.0/12"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba58-3070-443a-9b3e-4c7f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba58-3070-443a-9b3e-4c7f950d210f",
|
|
"ipv4-addr--5acdba58-3070-443a-9b3e-4c7f950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba58-3070-443a-9b3e-4c7f950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba58-3070-443a-9b3e-4c7f950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba58-3070-443a-9b3e-4c7f950d210f",
|
|
"value": "192.0.0.0/24"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba59-7f90-4abc-95a3-4a66950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba59-7f90-4abc-95a3-4a66950d210f",
|
|
"ipv4-addr--5acdba59-7f90-4abc-95a3-4a66950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba59-7f90-4abc-95a3-4a66950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba59-7f90-4abc-95a3-4a66950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba59-7f90-4abc-95a3-4a66950d210f",
|
|
"value": "192.0.2.0/24"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba59-d8b4-449e-96e8-4349950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba59-d8b4-449e-96e8-4349950d210f",
|
|
"ipv4-addr--5acdba59-d8b4-449e-96e8-4349950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba59-d8b4-449e-96e8-4349950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba59-d8b4-449e-96e8-4349950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba59-d8b4-449e-96e8-4349950d210f",
|
|
"value": "192.88.99.0/24"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba5a-ae9c-4851-aad5-483d950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba5a-ae9c-4851-aad5-483d950d210f",
|
|
"ipv4-addr--5acdba5a-ae9c-4851-aad5-483d950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba5a-ae9c-4851-aad5-483d950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba5a-ae9c-4851-aad5-483d950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba5a-ae9c-4851-aad5-483d950d210f",
|
|
"value": "192.168.0.0/16"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba5a-4adc-4e6e-a065-4456950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba5a-4adc-4e6e-a065-4456950d210f",
|
|
"ipv4-addr--5acdba5a-4adc-4e6e-a065-4456950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba5a-4adc-4e6e-a065-4456950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba5a-4adc-4e6e-a065-4456950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba5a-4adc-4e6e-a065-4456950d210f",
|
|
"value": "198.18.0.0/15"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba5b-7c74-4ccf-905d-445e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba5b-7c74-4ccf-905d-445e950d210f",
|
|
"ipv4-addr--5acdba5b-7c74-4ccf-905d-445e950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba5b-7c74-4ccf-905d-445e950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba5b-7c74-4ccf-905d-445e950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba5b-7c74-4ccf-905d-445e950d210f",
|
|
"value": "198.51.100.0/24"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba5b-ba80-4585-b492-4e76950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba5b-ba80-4585-b492-4e76950d210f",
|
|
"ipv4-addr--5acdba5b-ba80-4585-b492-4e76950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba5b-ba80-4585-b492-4e76950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba5b-ba80-4585-b492-4e76950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba5b-ba80-4585-b492-4e76950d210f",
|
|
"value": "203.0.113.0/24"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba5c-733c-4daf-af73-4350950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba5c-733c-4daf-af73-4350950d210f",
|
|
"ipv4-addr--5acdba5c-733c-4daf-af73-4350950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba5c-733c-4daf-af73-4350950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba5c-733c-4daf-af73-4350950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba5c-733c-4daf-af73-4350950d210f",
|
|
"value": "224.0.0.0/4"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba5c-e0e4-4342-affc-46e3950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba5c-e0e4-4342-affc-46e3950d210f",
|
|
"ipv4-addr--5acdba5c-e0e4-4342-affc-46e3950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba5c-e0e4-4342-affc-46e3950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba5c-e0e4-4342-affc-46e3950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba5c-e0e4-4342-affc-46e3950d210f",
|
|
"value": "240.0.0.0/4"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba5d-8230-4916-ab3c-45f6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba5d-8230-4916-ab3c-45f6950d210f",
|
|
"ipv4-addr--5acdba5d-8230-4916-ab3c-45f6950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba5d-8230-4916-ab3c-45f6950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba5d-8230-4916-ab3c-45f6950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba5d-8230-4916-ab3c-45f6950d210f",
|
|
"value": "255.255.255.255/32"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba5d-5c9c-448c-9c09-4f62950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba5d-5c9c-448c-9c09-4f62950d210f",
|
|
"ipv4-addr--5acdba5d-5c9c-448c-9c09-4f62950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba5d-5c9c-448c-9c09-4f62950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba5d-5c9c-448c-9c09-4f62950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba5d-5c9c-448c-9c09-4f62950d210f",
|
|
"value": "6.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba5d-a28c-445a-bad0-43f0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba5d-a28c-445a-bad0-43f0950d210f",
|
|
"ipv4-addr--5acdba5d-a28c-445a-bad0-43f0950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba5d-a28c-445a-bad0-43f0950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba5d-a28c-445a-bad0-43f0950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba5d-a28c-445a-bad0-43f0950d210f",
|
|
"value": "7.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba5e-2cb4-454a-bfe6-4665950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba5e-2cb4-454a-bfe6-4665950d210f",
|
|
"ipv4-addr--5acdba5e-2cb4-454a-bfe6-4665950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba5e-2cb4-454a-bfe6-4665950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba5e-2cb4-454a-bfe6-4665950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba5e-2cb4-454a-bfe6-4665950d210f",
|
|
"value": "11.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba5e-d0b8-4d72-af64-47a6950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba5e-d0b8-4d72-af64-47a6950d210f",
|
|
"ipv4-addr--5acdba5e-d0b8-4d72-af64-47a6950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba5e-d0b8-4d72-af64-47a6950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba5e-d0b8-4d72-af64-47a6950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba5e-d0b8-4d72-af64-47a6950d210f",
|
|
"value": "21.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba5f-95cc-46ca-ae9e-40f1950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba5f-95cc-46ca-ae9e-40f1950d210f",
|
|
"ipv4-addr--5acdba5f-95cc-46ca-ae9e-40f1950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba5f-95cc-46ca-ae9e-40f1950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba5f-95cc-46ca-ae9e-40f1950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba5f-95cc-46ca-ae9e-40f1950d210f",
|
|
"value": "22.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba5f-312c-456f-9bb1-4d3b950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba5f-312c-456f-9bb1-4d3b950d210f",
|
|
"ipv4-addr--5acdba5f-312c-456f-9bb1-4d3b950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba5f-312c-456f-9bb1-4d3b950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba5f-312c-456f-9bb1-4d3b950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba5f-312c-456f-9bb1-4d3b950d210f",
|
|
"value": "26.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba60-0c9c-4ccb-8478-408f950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba60-0c9c-4ccb-8478-408f950d210f",
|
|
"ipv4-addr--5acdba60-0c9c-4ccb-8478-408f950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba60-0c9c-4ccb-8478-408f950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba60-0c9c-4ccb-8478-408f950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba60-0c9c-4ccb-8478-408f950d210f",
|
|
"value": "28.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba60-2f4c-4f1c-a9e2-4251950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba60-2f4c-4f1c-a9e2-4251950d210f",
|
|
"ipv4-addr--5acdba60-2f4c-4f1c-a9e2-4251950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba60-2f4c-4f1c-a9e2-4251950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba60-2f4c-4f1c-a9e2-4251950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba60-2f4c-4f1c-a9e2-4251950d210f",
|
|
"value": "29.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba60-d9e0-4615-a51c-4376950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba60-d9e0-4615-a51c-4376950d210f",
|
|
"ipv4-addr--5acdba60-d9e0-4615-a51c-4376950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba60-d9e0-4615-a51c-4376950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba60-d9e0-4615-a51c-4376950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba60-d9e0-4615-a51c-4376950d210f",
|
|
"value": "30.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba61-0334-4b29-bd1d-4ed0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba61-0334-4b29-bd1d-4ed0950d210f",
|
|
"ipv4-addr--5acdba61-0334-4b29-bd1d-4ed0950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba61-0334-4b29-bd1d-4ed0950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba61-0334-4b29-bd1d-4ed0950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba61-0334-4b29-bd1d-4ed0950d210f",
|
|
"value": "33.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba61-20d0-42ac-8e46-435e950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba61-20d0-42ac-8e46-435e950d210f",
|
|
"ipv4-addr--5acdba61-20d0-42ac-8e46-435e950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba61-20d0-42ac-8e46-435e950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba61-20d0-42ac-8e46-435e950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba61-20d0-42ac-8e46-435e950d210f",
|
|
"value": "55.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba62-d81c-4f2a-a16b-45b0950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba62-d81c-4f2a-a16b-45b0950d210f",
|
|
"ipv4-addr--5acdba62-d81c-4f2a-a16b-45b0950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba62-d81c-4f2a-a16b-45b0950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba62-d81c-4f2a-a16b-45b0950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba62-d81c-4f2a-a16b-45b0950d210f",
|
|
"value": "214.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba62-d044-4ade-ba71-425c950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba62-d044-4ade-ba71-425c950d210f",
|
|
"ipv4-addr--5acdba62-d044-4ade-ba71-425c950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba62-d044-4ade-ba71-425c950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba62-d044-4ade-ba71-425c950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba62-d044-4ade-ba71-425c950d210f",
|
|
"value": "215.0.0.0/8"
|
|
},
|
|
{
|
|
"type": "observed-data",
|
|
"spec_version": "2.1",
|
|
"id": "observed-data--5acdba63-97bc-4fae-a37f-4269950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-12T14:14:44.000Z",
|
|
"modified": "2018-04-12T14:14:44.000Z",
|
|
"first_observed": "2018-04-12T14:14:44Z",
|
|
"last_observed": "2018-04-12T14:14:44Z",
|
|
"number_observed": 1,
|
|
"object_refs": [
|
|
"network-traffic--5acdba63-97bc-4fae-a37f-4269950d210f",
|
|
"ipv4-addr--5acdba63-97bc-4fae-a37f-4269950d210f"
|
|
],
|
|
"labels": [
|
|
"misp:type=\"ip-dst\"",
|
|
"misp:category=\"Network activity\""
|
|
]
|
|
},
|
|
{
|
|
"type": "network-traffic",
|
|
"spec_version": "2.1",
|
|
"id": "network-traffic--5acdba63-97bc-4fae-a37f-4269950d210f",
|
|
"dst_ref": "ipv4-addr--5acdba63-97bc-4fae-a37f-4269950d210f",
|
|
"protocols": [
|
|
"tcp"
|
|
]
|
|
},
|
|
{
|
|
"type": "ipv4-addr",
|
|
"spec_version": "2.1",
|
|
"id": "ipv4-addr--5acdba63-97bc-4fae-a37f-4269950d210f",
|
|
"value": "211.238.159.0/24"
|
|
},
|
|
{
|
|
"type": "x-misp-attribute",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-attribute--5acdc567-8d48-446e-b313-0cbd950d210f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:10.000Z",
|
|
"modified": "2018-04-11T14:51:10.000Z",
|
|
"labels": [
|
|
"misp:type=\"comment\"",
|
|
"misp:category=\"External analysis\""
|
|
],
|
|
"x_misp_category": "External analysis",
|
|
"x_misp_comment": "Domain Blacklist used to determine based on the results of a reverse DNS lookup whether to continue attempting to compromise the system. If the domain is in the following list, it is discarded.",
|
|
"x_misp_type": "comment",
|
|
"x_misp_value": ".mil\r\n.gov\r\n.army\r\n.airforce\r\n.navy\r\n.gov.uk\r\n.mil.uk\r\n.govt.uk\r\n.mod.uk\r\n.gov.au\r\n.govt.nz\r\n.mil.nz\r\n.parliament.nz\r\n.gov.il\r\n.muni.il\r\n.idf.il\r\n.gov.za\r\n.mil.za\r\n.gob.es\r\n.police.uk"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--6fd1f6c4-6029-4413-a667-95fa38366b69",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:13.000Z",
|
|
"modified": "2018-04-11T14:51:13.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c98a46fa574c352d4953d4a493cdbb06' AND file:hashes.SHA1 = '358f04ae7a3dbbd130b28d11b49abe946a21a7db' AND file:hashes.SHA256 = '805f7cf6f4a5c737ea3a816d630a507f560ea93b3fa8bc9161cb23b4277e4d2f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--5e8c12ae-9a16-463d-a46b-070b4d2c8404",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:11.000Z",
|
|
"modified": "2018-04-11T14:51:11.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:18",
|
|
"category": "Other",
|
|
"uuid": "5ace20df-b9ac-4231-9de8-423802de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/805f7cf6f4a5c737ea3a816d630a507f560ea93b3fa8bc9161cb23b4277e4d2f/analysis/1522942998/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20df-d960-4421-ab52-42b102de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "31/59",
|
|
"category": "Other",
|
|
"uuid": "5ace20e0-4784-4885-8bb6-468502de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--7864e29b-4460-44d5-8445-c6e55d7bfb47",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:15.000Z",
|
|
"modified": "2018-04-11T14:51:15.000Z",
|
|
"pattern": "[file:hashes.MD5 = '25b358dc456ea5c591b303cb41df1fd6' AND file:hashes.SHA1 = '61a3aaaccb825020ed5cf10ee44609eeeca9e4e3' AND file:hashes.SHA256 = '982ca85a519bc7dfb9cf0cadd8d30194dcb7628e7efdf6b668ca461a0b7aeb0a']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--a91fd6bd-7284-480c-b15f-770ceb7c5609",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:13.000Z",
|
|
"modified": "2018-04-11T14:51:13.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:21:25",
|
|
"category": "Other",
|
|
"uuid": "5ace20e1-484c-4ae4-af8a-4ca602de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/982ca85a519bc7dfb9cf0cadd8d30194dcb7628e7efdf6b668ca461a0b7aeb0a/analysis/1522297285/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20e2-07cc-48f3-9608-42a402de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "31/57",
|
|
"category": "Other",
|
|
"uuid": "5ace20e2-36dc-44bf-8390-4ae102de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--08c3c62d-16f6-466c-a9c2-d56a58ab1c8d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:17.000Z",
|
|
"modified": "2018-04-11T14:51:17.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2fb2a753f36757e261bcd1f99d69e518' AND file:hashes.SHA1 = 'bf2454bf7c81ca6ab28ca9804537aa2ddbf30e9f' AND file:hashes.SHA256 = 'e75a98818efbb849bbfa97850f84803fbad0f22b5c2d8062a88515bdcf90d6f7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--121a2ad2-8376-4e4c-b79a-b9776b93b362",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:15.000Z",
|
|
"modified": "2018-04-11T14:51:15.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:23",
|
|
"category": "Other",
|
|
"uuid": "5ace20e3-a7f8-44c3-a168-48c402de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/e75a98818efbb849bbfa97850f84803fbad0f22b5c2d8062a88515bdcf90d6f7/analysis/1522943003/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20e4-4f9c-493a-8dd6-466b02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "31/59",
|
|
"category": "Other",
|
|
"uuid": "5ace20e4-43d4-4373-9f30-4cab02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--df8a81ab-a86d-4b49-899d-583d01f7e42a",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:19.000Z",
|
|
"modified": "2018-04-11T14:51:19.000Z",
|
|
"pattern": "[file:hashes.MD5 = '65e009cae27d879380bdba98725d9d1d' AND file:hashes.SHA1 = '7008eb51922f29da5841099f0da46588a789ed44' AND file:hashes.SHA256 = '3b49e25e161538baac3babce8755ec45245bec7a80ff5465c7b0838c4ebae19f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:19Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--ee503918-62a7-4cbd-99f0-e6560f3f1c59",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:17.000Z",
|
|
"modified": "2018-04-11T14:51:17.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:17:35",
|
|
"category": "Other",
|
|
"uuid": "5ace20e5-40e8-4205-bdef-460902de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/3b49e25e161538baac3babce8755ec45245bec7a80ff5465c7b0838c4ebae19f/analysis/1522297055/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20e6-5994-4833-8efc-4ec002de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "24/58",
|
|
"category": "Other",
|
|
"uuid": "5ace20e6-00a8-4dcd-ad9e-436d02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--1b83320b-4534-4616-9aa9-70d6e85c6d60",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:21.000Z",
|
|
"modified": "2018-04-11T14:51:21.000Z",
|
|
"pattern": "[file:hashes.MD5 = '600efb5668385a57959821761d404070' AND file:hashes.SHA1 = 'f445edab3d9f201d0853f1da286459ba41eb7e86' AND file:hashes.SHA256 = '77f074a736244a304de87987ae8ca9f292545e910abaaf5d0a256a8a67fbc1f6']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--4576e70d-c44d-44b0-82d9-b3ce92b2598a",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:20.000Z",
|
|
"modified": "2018-04-11T14:51:20.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:19:34",
|
|
"category": "Other",
|
|
"uuid": "5ace20e8-0208-483c-b902-4f5902de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/77f074a736244a304de87987ae8ca9f292545e910abaaf5d0a256a8a67fbc1f6/analysis/1522297174/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20e8-1370-4f4c-ab06-40b802de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "25/58",
|
|
"category": "Other",
|
|
"uuid": "5ace20e8-6748-4966-8816-4e1a02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--2bfcf16d-2469-4c81-a60b-22eadcf925ed",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:23.000Z",
|
|
"modified": "2018-04-11T14:51:23.000Z",
|
|
"pattern": "[file:hashes.MD5 = '162004e9b1ccc38bb7ef26968033b72d' AND file:hashes.SHA1 = 'df1ca8e5d83a7fb940e3cbcf38e25cc9eceb9461' AND file:hashes.SHA256 = '0159c232e9bdd983f8280211c6a4b23a83d735dabc768022876b44dbbf17c482']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--7e0dacb4-2576-45f2-91a3-65538610cc63",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:22.000Z",
|
|
"modified": "2018-04-11T14:51:22.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:13:13",
|
|
"category": "Other",
|
|
"uuid": "5ace20ea-a2f0-4162-9eb1-434d02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/0159c232e9bdd983f8280211c6a4b23a83d735dabc768022876b44dbbf17c482/analysis/1522296793/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20ea-2f54-4ca6-8150-491e02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/56",
|
|
"category": "Other",
|
|
"uuid": "5ace20ea-8068-404d-b192-48dc02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--514262f4-2286-4596-8c79-b3a456c9baff",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:26.000Z",
|
|
"modified": "2018-04-11T14:51:26.000Z",
|
|
"pattern": "[file:hashes.MD5 = '3dd6b0e28de4ec4cb62883c4c0d55513' AND file:hashes.SHA1 = 'd5e93b6781db2e719e71730a343115a494b27b2c' AND file:hashes.SHA256 = '8844afa5245635ab4f32f598ff28ba63d13d0b31a1eecd36c7ce16bd2c1317c2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:26Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--5ffafb99-cb1e-458b-928a-6d3aa9811fc3",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:24.000Z",
|
|
"modified": "2018-04-11T14:51:24.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:44:05",
|
|
"category": "Other",
|
|
"uuid": "5ace20ec-3a88-4c31-8ecd-4d1502de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/8844afa5245635ab4f32f598ff28ba63d13d0b31a1eecd36c7ce16bd2c1317c2/analysis/1522943045/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20ec-ed64-4603-9b9a-41a802de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/59",
|
|
"category": "Other",
|
|
"uuid": "5ace20ed-dda8-476f-9eed-48c402de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--649a8ee3-1a45-423c-9972-ba281c297b7d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:28.000Z",
|
|
"modified": "2018-04-11T14:51:28.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2c6c16dbe30e85428ef172b8eb81cf9c' AND file:hashes.SHA1 = '9a549f25a4b343b3a82a3acd812d2eaeea63e8c2' AND file:hashes.SHA256 = '5bf3918a124b61a166d31d654b7cb0ab412dda5f1f600f29aa07974e782764f7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:28Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--8f63a85e-59e1-4425-9445-b5e64b9bd1b2",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:26.000Z",
|
|
"modified": "2018-04-11T14:51:26.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:18:29",
|
|
"category": "Other",
|
|
"uuid": "5ace20ee-226c-46f4-941e-4ff002de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/5bf3918a124b61a166d31d654b7cb0ab412dda5f1f600f29aa07974e782764f7/analysis/1522297109/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20ee-2a5c-4884-b2f1-48ef02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/57",
|
|
"category": "Other",
|
|
"uuid": "5ace20ef-5c9c-47d6-b5dc-45bd02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--1cb85eed-35dd-4bbb-b639-d61d5a823d36",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:30.000Z",
|
|
"modified": "2018-04-11T14:51:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'bf163e52a74a3013673510b68ad85ead' AND file:hashes.SHA1 = 'a6b64194d1e24bc0e92e143b8a8d147a375ece94' AND file:hashes.SHA256 = 'f4f6f6dc40190af6bcd10fa7b84c2c1b8208e6c8db9c7de6bdd3e86a73d360eb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--fcc24e56-64af-4519-836e-7f93f17919d5",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:28.000Z",
|
|
"modified": "2018-04-11T14:51:28.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:19",
|
|
"category": "Other",
|
|
"uuid": "5ace20f0-322c-449e-91a9-4e5d02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/f4f6f6dc40190af6bcd10fa7b84c2c1b8208e6c8db9c7de6bdd3e86a73d360eb/analysis/1522942999/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20f0-ecdc-4525-8f10-4ff402de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/59",
|
|
"category": "Other",
|
|
"uuid": "5ace20f1-d058-4ac3-bf69-4a1a02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--fc5a5102-440d-44b8-9614-b8bb931ca691",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:32.000Z",
|
|
"modified": "2018-04-11T14:51:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0bb654df53af3044b67b65352b8ec775' AND file:hashes.SHA1 = '32316048fd1e469864992134259dbc24081d7c58' AND file:hashes.SHA256 = 'bbe27921800f4e478d27655caa83f7f34abcd0f3575cd708cc4bba5d6ada3c17']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--b1f95800-22c5-4f98-b39e-44349c73ab63",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:30.000Z",
|
|
"modified": "2018-04-11T14:51:30.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:28:02",
|
|
"category": "Other",
|
|
"uuid": "5ace20f2-fb70-44b3-ab71-4ded02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/bbe27921800f4e478d27655caa83f7f34abcd0f3575cd708cc4bba5d6ada3c17/analysis/1522297682/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20f3-2348-4e70-a4bb-413302de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "23/58",
|
|
"category": "Other",
|
|
"uuid": "5ace20f3-f864-4f15-8d7d-4c7402de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--670be7cf-f56d-484e-9318-4fe35253b9ba",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:34.000Z",
|
|
"modified": "2018-04-11T14:51:34.000Z",
|
|
"pattern": "[file:hashes.MD5 = '925c84cc08e08ce07ec62ef94383156b' AND file:hashes.SHA1 = '03b7d8bb69c2d27d46212b00ab59d0d738683050' AND file:hashes.SHA256 = 'a85ce26f3739e133e0d2331313a5d5d617e41efc208e78e850adbc21b8897182']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--69b4c9a5-28e0-45a6-95b6-18b5ca7da196",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:32.000Z",
|
|
"modified": "2018-04-11T14:51:32.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:28",
|
|
"category": "Other",
|
|
"uuid": "5ace20f5-b2f8-4db9-8725-40d702de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/a85ce26f3739e133e0d2331313a5d5d617e41efc208e78e850adbc21b8897182/analysis/1522943008/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20f5-1928-4c43-8b2c-4bc902de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "28/58",
|
|
"category": "Other",
|
|
"uuid": "5ace20f5-1394-4e74-b27e-47b002de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5fec434e-324b-4dad-aa82-e6ad17c0e0f8",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:36.000Z",
|
|
"modified": "2018-04-11T14:51:36.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c7b9699f9d1186649b6ae875dbfdff51' AND file:hashes.SHA1 = 'a7aa4e1416948d27e9e3e2bb1dc146ec1e8226c7' AND file:hashes.SHA256 = '50cb04006874e95adb659a1a3bbe8b2dbb3dbb15ea2f5438148f5560ef61e258']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--1a98676b-2f5a-4be2-a77f-deafa4758761",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:35.000Z",
|
|
"modified": "2018-04-11T14:51:35.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:17:52",
|
|
"category": "Other",
|
|
"uuid": "5ace20f7-49b0-47e2-b4bf-4c7602de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/50cb04006874e95adb659a1a3bbe8b2dbb3dbb15ea2f5438148f5560ef61e258/analysis/1522297072/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20f7-2b24-41e6-8ab0-4d7c02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "25/56",
|
|
"category": "Other",
|
|
"uuid": "5ace20f8-2270-4791-b693-4b1202de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--569b47dd-ba9a-4aa6-b523-c71a31015c49",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:39.000Z",
|
|
"modified": "2018-04-11T14:51:39.000Z",
|
|
"pattern": "[file:hashes.MD5 = '13b6009c22ec5eb528aa8eb136ff4b1e' AND file:hashes.SHA1 = 'e09b3736a7963a2bb917bbf4cfa56c1ada0c412a' AND file:hashes.SHA256 = '282ca732c011f3d1fc426718b99acd38f55ffe43cd6763c0b98e31a933976622']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--be3c9538-4a98-4de3-860c-73c802c0c8d4",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:37.000Z",
|
|
"modified": "2018-04-11T14:51:37.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-30T06:30:01",
|
|
"category": "Other",
|
|
"uuid": "5ace20f9-39e0-475f-9c08-4afe02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/282ca732c011f3d1fc426718b99acd38f55ffe43cd6763c0b98e31a933976622/analysis/1522391401/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20fa-0038-445c-b46c-446002de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/58",
|
|
"category": "Other",
|
|
"uuid": "5ace20fa-f18c-4c2c-924a-4b1102de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--b28fcc17-afc6-4000-880f-f7f4664cdf18",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:41.000Z",
|
|
"modified": "2018-04-11T14:51:41.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7b0b8a04de85a6cc2831e4598d0fac52' AND file:hashes.SHA1 = '212b6e22977bad3c04596c0a16d2e29b822a36b2' AND file:hashes.SHA256 = 'b06aa98ade6380dd2a622b68c16459158d509b288831715568f9807efa271eb8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--36fb41f1-dd51-478d-9a5c-d2394244c276",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:39.000Z",
|
|
"modified": "2018-04-11T14:51:39.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:26",
|
|
"category": "Other",
|
|
"uuid": "5ace20fb-6468-4038-a0bf-4c4d02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/b06aa98ade6380dd2a622b68c16459158d509b288831715568f9807efa271eb8/analysis/1522943006/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20fc-6508-4a35-8f04-4d4302de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "29/59",
|
|
"category": "Other",
|
|
"uuid": "5ace20fc-6fec-4da8-bc72-43af02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--1ee29d84-1bdb-49ff-b0fe-cb71a1521342",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:43.000Z",
|
|
"modified": "2018-04-11T14:51:43.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'cc1018f2909646d1a944445531825ab5' AND file:hashes.SHA1 = '4cc50408eb1101c94de15f985c4d837ef77798be' AND file:hashes.SHA256 = '37df296572dce29c84898dc3f187fc7304a278730e825b9923412b867a88ac11']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--d7689172-d391-4ead-8c93-18d916e9a26b",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:41.000Z",
|
|
"modified": "2018-04-11T14:51:41.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:44:15",
|
|
"category": "Other",
|
|
"uuid": "5ace20fd-5670-497e-b2fe-4f1702de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/37df296572dce29c84898dc3f187fc7304a278730e825b9923412b867a88ac11/analysis/1522943055/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace20fe-e9f4-4fe4-9644-43e402de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "27/59",
|
|
"category": "Other",
|
|
"uuid": "5ace20fe-a2e4-4cc2-8309-4d6702de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--c70c7655-b077-48ea-a19a-19aa83b65ba0",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:45.000Z",
|
|
"modified": "2018-04-11T14:51:45.000Z",
|
|
"pattern": "[file:hashes.MD5 = '67c6166b38dd342efefab671daa4bd26' AND file:hashes.SHA1 = '13237a1e61871d8740eb83ced141b537b06f143f' AND file:hashes.SHA256 = '81b248ce7a75a6eb4d9af35bdf993eaf29a51d428942a76772f4b85f203d53cd']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--15fc4652-6ed8-48af-8df9-a547c4802b5e",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:43.000Z",
|
|
"modified": "2018-04-11T14:51:43.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:44:02",
|
|
"category": "Other",
|
|
"uuid": "5ace20ff-70ec-430d-9569-430302de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/81b248ce7a75a6eb4d9af35bdf993eaf29a51d428942a76772f4b85f203d53cd/analysis/1522943042/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2100-2f24-40c4-afc8-48f602de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "29/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2100-5154-4750-9fd7-499302de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--8c0a1b0d-015c-4b5d-aeda-17b5feb31793",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:47.000Z",
|
|
"modified": "2018-04-11T14:51:47.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'beb39c12066c99f641e2da3dc59ce471' AND file:hashes.SHA1 = '5dd28a4b9b659812c83c6a2fd631d44518aee606' AND file:hashes.SHA256 = 'f7b468fe1612da9b4fbf1a60532a4d3977fca23594a5336dcb5e0084c6567d1e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:47Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--85efbc12-c49e-49ba-83a4-cd4447430b05",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:45.000Z",
|
|
"modified": "2018-04-11T14:51:45.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:19",
|
|
"category": "Other",
|
|
"uuid": "5ace2102-5da0-4138-8c12-45d102de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/f7b468fe1612da9b4fbf1a60532a4d3977fca23594a5336dcb5e0084c6567d1e/analysis/1522942999/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2102-9c08-4dd3-8491-4f8802de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/59",
|
|
"category": "Other",
|
|
"uuid": "5ace2102-d3c4-46e8-9c25-4b9f02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--19505524-eba9-4389-a278-051643434566",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:49.000Z",
|
|
"modified": "2018-04-11T14:51:49.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0f83a4b600f228dc435e100ebf937b34' AND file:hashes.SHA1 = 'a15253dd03ec63e4bdb9e14ee64acc839c189dee' AND file:hashes.SHA256 = 'b4ce75d44dd898704101516b1d4bf2abcbbea206984efc6bbf46917f5c1cfa3f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:49Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--cdfd5826-0868-4cea-81e7-3a80c9a9c8e1",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:48.000Z",
|
|
"modified": "2018-04-11T14:51:48.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:27:44",
|
|
"category": "Other",
|
|
"uuid": "5ace2104-225c-48d5-880f-482202de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/b4ce75d44dd898704101516b1d4bf2abcbbea206984efc6bbf46917f5c1cfa3f/analysis/1522297664/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2104-fd04-4a04-9a94-467802de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "25/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2105-e1c4-47a3-bec9-409202de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--8c7228c1-273a-40a9-ab02-7c5e6db55e76",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:52.000Z",
|
|
"modified": "2018-04-11T14:51:52.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e7a0a8ef90ff1a1b24f47272c909c81a' AND file:hashes.SHA1 = '53e5bf2688567e08e028bd6a51140815b9006a73' AND file:hashes.SHA256 = '9d6809571bec7429098bcb7ca0b12f8cb094d9079c6765b10a9c90b881ee9d37']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--ff8406f0-04d0-4c53-a9db-570be4189af2",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:50.000Z",
|
|
"modified": "2018-04-11T14:51:50.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:53",
|
|
"category": "Other",
|
|
"uuid": "5ace2106-3e7c-48a3-9a24-412602de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/9d6809571bec7429098bcb7ca0b12f8cb094d9079c6765b10a9c90b881ee9d37/analysis/1522943033/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2106-e520-48ee-91da-4db202de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "29/59",
|
|
"category": "Other",
|
|
"uuid": "5ace2107-27bc-420b-8eff-41b402de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--e824c85f-bca5-4369-ad9d-a1805bfb347e",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:54.000Z",
|
|
"modified": "2018-04-11T14:51:54.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd26d0e20653fd952120ff417babc2152' AND file:hashes.SHA1 = '943f96113b7cd95df6b6eed7ae1ef103e2da7dde' AND file:hashes.SHA256 = 'c016e87dc135ba1311f5fd10ae8592ff8c89fb1cb6f6fb96285a0db911ac58e7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--3a55b7bd-0af8-49ad-bcd2-213316797c0f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:52.000Z",
|
|
"modified": "2018-04-11T14:51:52.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:27",
|
|
"category": "Other",
|
|
"uuid": "5ace2108-0ad0-4aa9-a911-430302de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/c016e87dc135ba1311f5fd10ae8592ff8c89fb1cb6f6fb96285a0db911ac58e7/analysis/1522943007/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2109-e3f0-4f36-9cf0-415202de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "29/59",
|
|
"category": "Other",
|
|
"uuid": "5ace2109-d4d0-4fc2-a910-45be02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--1a0d6b30-172d-4360-840a-7c88a597c7da",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:56.000Z",
|
|
"modified": "2018-04-11T14:51:56.000Z",
|
|
"pattern": "[file:hashes.MD5 = '4a251830ec5c0dbeb7fd5ffff1ffe34a' AND file:hashes.SHA1 = '458854954dbccb369f0f8c53cc6cee08a23381a6' AND file:hashes.SHA256 = 'c25d0f9c58ebf44f312482f4fa3674bd3c0c1d4c1337bf8051ceb1e9661dce02']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:56Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--893c1da4-0b5e-4e3f-90aa-1a3ba8934bdd",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:54.000Z",
|
|
"modified": "2018-04-11T14:51:54.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:28:23",
|
|
"category": "Other",
|
|
"uuid": "5ace210b-3100-4b76-afd5-430502de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/c25d0f9c58ebf44f312482f4fa3674bd3c0c1d4c1337bf8051ceb1e9661dce02/analysis/1522297703/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace210b-3438-4a1e-83fb-484102de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "25/58",
|
|
"category": "Other",
|
|
"uuid": "5ace210b-6b58-422d-aae7-4f2d02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--54e685d2-efde-462d-9b5d-91e46a602e24",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:59.000Z",
|
|
"modified": "2018-04-11T14:51:59.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'cded89c1bad10036a9bb15d4f7b1abef' AND file:hashes.SHA1 = 'fe5e0e191266fc35309ac06c477d552f4feefd18' AND file:hashes.SHA256 = '05a9635c4fa2ae030d0f01964aa75f343e223af778aff9d73174875bebfda8de']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:51:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--8cb10bc6-6621-4c81-9706-5a46e96af99d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:57.000Z",
|
|
"modified": "2018-04-11T14:51:57.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:44:29",
|
|
"category": "Other",
|
|
"uuid": "5ace210d-8e1c-4304-b079-452e02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/05a9635c4fa2ae030d0f01964aa75f343e223af778aff9d73174875bebfda8de/analysis/1522943069/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace210d-2c64-422c-a337-4b3c02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "31/60",
|
|
"category": "Other",
|
|
"uuid": "5ace210e-8fb0-43a6-8b7d-474902de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--2de23e77-a74a-473a-af66-8e6c4641f205",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:01.000Z",
|
|
"modified": "2018-04-11T14:52:01.000Z",
|
|
"pattern": "[file:hashes.MD5 = '77741705061b5b64bf1074ddf58e5bf0' AND file:hashes.SHA1 = '11589d615ee58305d6710680a96791e65fd09eee' AND file:hashes.SHA256 = '370dea1cc8500ca3d649df5308af03613dad1f40199500cb735b85e0e673bd0f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:01Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--b3f9b50d-d863-49be-9193-fd9a153cbdbe",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:51:59.000Z",
|
|
"modified": "2018-04-11T14:51:59.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:17:21",
|
|
"category": "Other",
|
|
"uuid": "5ace210f-3a48-4dee-9e53-43c302de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/370dea1cc8500ca3d649df5308af03613dad1f40199500cb735b85e0e673bd0f/analysis/1522297041/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2110-dce8-4ded-a05f-4d4e02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "24/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2110-172c-4069-a2c9-458702de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--b4fdc7bd-9e3a-4e74-9f8f-68ac2ed3e3e7",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:03.000Z",
|
|
"modified": "2018-04-11T14:52:03.000Z",
|
|
"pattern": "[file:hashes.MD5 = '89f12f04dfaa153999f5294bb89f0d62' AND file:hashes.SHA1 = 'b270b3efaad6cda92c93b27442523c4aa9770a00' AND file:hashes.SHA256 = '2020b8e5ff85854c603c41cad47061a3bf69b2b7a3c53b564b7119c2e17438df']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--0099e9c5-b34d-4198-82e9-3a60a3a9c3e4",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:02.000Z",
|
|
"modified": "2018-04-11T14:52:02.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-30T06:30:31",
|
|
"category": "Other",
|
|
"uuid": "5ace2112-57ac-4b5e-b3c4-47a102de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/2020b8e5ff85854c603c41cad47061a3bf69b2b7a3c53b564b7119c2e17438df/analysis/1522391431/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2112-6a14-4dfe-b230-470402de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "33/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2113-86f4-4ca3-a112-4c5002de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--a9949693-96bb-4c93-95a6-e1e52d1ac7f4",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:06.000Z",
|
|
"modified": "2018-04-11T14:52:06.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c02aa816ffabfcb40c4a4d40dd09aa64' AND file:hashes.SHA1 = 'baa4858f68a2fae1a3425d73d4b63dbb6b0441f3' AND file:hashes.SHA256 = '5b390b7f2e6be69866acd57209002c087876b9f4e2b8bdcd281c671c4a9a80a3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--c26ae926-e5ba-4a95-b4e0-3c84e11e5c05",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:04.000Z",
|
|
"modified": "2018-04-11T14:52:04.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:44:13",
|
|
"category": "Other",
|
|
"uuid": "5ace2114-7f80-4b25-8116-4fdc02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/5b390b7f2e6be69866acd57209002c087876b9f4e2b8bdcd281c671c4a9a80a3/analysis/1522943053/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2115-3574-4b01-8a9b-493702de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "28/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2115-0070-4612-9de5-4c2a02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--dfb21745-c073-4d36-a458-3e62ccd7cad0",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:08.000Z",
|
|
"modified": "2018-04-11T14:52:08.000Z",
|
|
"pattern": "[file:hashes.MD5 = '43c4ca29b326b9f441c56af8671c0df2' AND file:hashes.SHA1 = '575ba7fcf616fb5c31f23112502ff909976daad1' AND file:hashes.SHA256 = 'b494725f1ea82048a1aa257d60bb81d879fb13bb3774eb4e2351bf2d4a202342']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:08Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--083729f8-2bb5-455c-b8c1-2868188241fd",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:06.000Z",
|
|
"modified": "2018-04-11T14:52:06.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:26",
|
|
"category": "Other",
|
|
"uuid": "5ace2116-6f98-4a2c-962a-421902de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/b494725f1ea82048a1aa257d60bb81d879fb13bb3774eb4e2351bf2d4a202342/analysis/1522943006/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2117-273c-4865-aa67-4ba502de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "29/59",
|
|
"category": "Other",
|
|
"uuid": "5ace2118-225c-4c8a-9c7b-4fba02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--3e5fe7a0-96a2-46ef-a61d-711ac87e00ac",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:11.000Z",
|
|
"modified": "2018-04-11T14:52:11.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a27ee2b8f214dfbb5e15741751c09bf7' AND file:hashes.SHA1 = 'f3fdb7b43516a3410854318db57bfb12b5e17832' AND file:hashes.SHA256 = 'cb4ae6533cdacae7c37fd04d2dbe5017cf2be82c94cfa531781c5ecc3a4c2953']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--4eb2c901-dd7f-4a0a-99e4-03ca9f2d5f52",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:09.000Z",
|
|
"modified": "2018-04-11T14:52:09.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:24",
|
|
"category": "Other",
|
|
"uuid": "5ace2119-c578-4c41-9b2f-491c02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/cb4ae6533cdacae7c37fd04d2dbe5017cf2be82c94cfa531781c5ecc3a4c2953/analysis/1522943004/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace211a-f730-46b5-8434-4dd302de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "29/59",
|
|
"category": "Other",
|
|
"uuid": "5ace211a-dc98-4f4f-98ae-4b4f02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--a37518e3-debb-4ade-b4ae-12858dec51b1",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:13.000Z",
|
|
"modified": "2018-04-11T14:52:13.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e8a5fcc10f8989aa83639ff0281313ff' AND file:hashes.SHA1 = 'aefab8f071bbedafb8862f5ae8aaec9be70b8209' AND file:hashes.SHA256 = 'f3ba8ef1b7623ac310841b8ddc02324f5955df2ec0b1f9e692cea425d1b45553']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:13Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--eac0c6e1-cec8-4926-b444-cefe74fedeba",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:11.000Z",
|
|
"modified": "2018-04-11T14:52:11.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:20",
|
|
"category": "Other",
|
|
"uuid": "5ace211b-d358-45fb-bb3b-41f702de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/f3ba8ef1b7623ac310841b8ddc02324f5955df2ec0b1f9e692cea425d1b45553/analysis/1522943000/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace211c-fb60-4362-a093-4f0002de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "36/59",
|
|
"category": "Other",
|
|
"uuid": "5ace211c-4cd0-44f3-bb9b-4afb02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--ed0d0b60-aea2-4fe9-81c4-e53e51f2c2bb",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:15.000Z",
|
|
"modified": "2018-04-11T14:52:15.000Z",
|
|
"pattern": "[file:hashes.MD5 = '13cdb9bfb04980bc6656aedbec3abd19' AND file:hashes.SHA1 = 'ef875363cad720890ef3dc3509b0d2c78a68ecc6' AND file:hashes.SHA256 = '41d221b2cdb475db89d3f9786952d09c9d407716ae329899f0b2d774f5ce1704']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:15Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--1f77679b-1e65-404f-b403-929329a35a52",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:13.000Z",
|
|
"modified": "2018-04-11T14:52:13.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:17:40",
|
|
"category": "Other",
|
|
"uuid": "5ace211d-0b34-4c89-a51f-46ff02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/41d221b2cdb475db89d3f9786952d09c9d407716ae329899f0b2d774f5ce1704/analysis/1522297060/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace211e-0cf0-46d0-9753-4e4102de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "32/58",
|
|
"category": "Other",
|
|
"uuid": "5ace211e-d8d4-46f8-90c1-467302de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5f13df23-d28b-4187-b4c6-f962b2f8ef50",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:17.000Z",
|
|
"modified": "2018-04-11T14:52:17.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ba4b3932a3200b241bd05c03a6b5fdf2' AND file:hashes.SHA1 = 'ae12dea9d38960126dcdea44fe65c280b79b3086' AND file:hashes.SHA256 = '2f55acaf0cb8c21d121434e69214a3ccdbc64c46126083fa2d390131772453ea']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:17Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--b9cb07c2-ef54-46c9-afb2-c797997d80f4",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:16.000Z",
|
|
"modified": "2018-04-11T14:52:16.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:17:08",
|
|
"category": "Other",
|
|
"uuid": "5ace2120-41d0-40b6-80db-4faa02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/2f55acaf0cb8c21d121434e69214a3ccdbc64c46126083fa2d390131772453ea/analysis/1522297028/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2120-4700-4531-a24e-4b5d02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "24/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2121-0970-4ddc-980d-481202de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--d788ae85-ff85-4bf2-9a82-c320e2b3a3df",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:20.000Z",
|
|
"modified": "2018-04-11T14:52:20.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'e66f0947c97fc872715d81aaf0f72ea3' AND file:hashes.SHA1 = '3284602a6eec613a5e3f2232c886d3c7babd7495' AND file:hashes.SHA256 = 'b5ae73e8f9cdf7f3f17769f6b8e3f4b0a997bd93298761f9dd42e01bbde0d537']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:20Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--8b3e44b9-e78b-4bbc-976d-278f8f6b60da",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:18.000Z",
|
|
"modified": "2018-04-11T14:52:18.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:27:56",
|
|
"category": "Other",
|
|
"uuid": "5ace2122-3954-4c1c-be0d-4d1c02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/b5ae73e8f9cdf7f3f17769f6b8e3f4b0a997bd93298761f9dd42e01bbde0d537/analysis/1522297676/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2122-7034-4294-b55c-413f02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "25/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2123-6558-4577-ae99-4d5702de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--01c46b2c-5585-4f00-9e62-41872a575449",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:22.000Z",
|
|
"modified": "2018-04-11T14:52:22.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0c62d410b99f2192b87ec2d4b638d4cf' AND file:hashes.SHA1 = '4f03566c7ef8db2c57f3f57e8e74ae522c4a0923' AND file:hashes.SHA256 = '5d62839bd76383c43eca681d9abc6ec4b0df9ae7deadc4ac23bf4d38f4b0b17d']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:22Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--fe71bf2f-a017-4ec3-b42e-0cd2623c68d3",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:21.000Z",
|
|
"modified": "2018-04-11T14:52:21.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:18:36",
|
|
"category": "Other",
|
|
"uuid": "5ace2125-dd30-4840-b15d-404702de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/5d62839bd76383c43eca681d9abc6ec4b0df9ae7deadc4ac23bf4d38f4b0b17d/analysis/1522297116/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2125-2394-43ec-85f3-4f5c02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "32/57",
|
|
"category": "Other",
|
|
"uuid": "5ace2126-f2c4-4296-a593-4be702de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--a51025f7-d4ef-4f51-ad7d-de03abc3366f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:25.000Z",
|
|
"modified": "2018-04-11T14:52:25.000Z",
|
|
"pattern": "[file:hashes.MD5 = '30f91807389f65a5beaa608840a7b2b0' AND file:hashes.SHA1 = '7f93c6b850f333693b69bb466d92f77182c52f61' AND file:hashes.SHA256 = '05477a397d57099b6f1e5b5da9248598ead9813890fb1622652f01bdf8e07cd3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--8a4216a6-f1d7-406b-a354-05bd0f85e6e9",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:23.000Z",
|
|
"modified": "2018-04-11T14:52:23.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:14:49",
|
|
"category": "Other",
|
|
"uuid": "5ace2127-10d0-4a25-8964-473702de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/05477a397d57099b6f1e5b5da9248598ead9813890fb1622652f01bdf8e07cd3/analysis/1522296889/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2127-8e2c-40c0-81e7-4cfd02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "33/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2128-cf7c-496e-a7a4-4d5302de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--c38c5804-df8e-41fa-9b7f-31e3544fe566",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:27.000Z",
|
|
"modified": "2018-04-11T14:52:27.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'abcaa06baaed3468b77b50f6e6faa99b' AND file:hashes.SHA1 = 'afc5815888f63669272cfba8f705746d8dd166ff' AND file:hashes.SHA256 = '7e11c4178ddfaae2d03fbd35b6048f58d5a479179e562ea9a03dbbe3c71dd721']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--4b0a8942-7f6f-4905-8919-faf340b2eef6",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:25.000Z",
|
|
"modified": "2018-04-11T14:52:25.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:19:41",
|
|
"category": "Other",
|
|
"uuid": "5ace2129-5fa8-4a7b-b06d-46cd02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/7e11c4178ddfaae2d03fbd35b6048f58d5a479179e562ea9a03dbbe3c71dd721/analysis/1522297181/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2129-e7a8-4c37-b0a2-48f002de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "32/58",
|
|
"category": "Other",
|
|
"uuid": "5ace212a-6934-465a-8595-4d1802de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--38b67aab-e80d-4134-8010-151ff4ae082f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:29.000Z",
|
|
"modified": "2018-04-11T14:52:29.000Z",
|
|
"pattern": "[file:hashes.MD5 = '080d18022d3c2b243aca4fb6fd320f51' AND file:hashes.SHA1 = '07f2aac70a9adc7b53c1c784ad9b716b62ad3616' AND file:hashes.SHA256 = '5d2d2a744f3accfe16c8796568895f7f6aeb3b05860bf236dce7efd30e477fab']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:29Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--0b7254b0-949e-43a1-ac8c-2965ac1b87bf",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:28.000Z",
|
|
"modified": "2018-04-11T14:52:28.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:17",
|
|
"category": "Other",
|
|
"uuid": "5ace212c-e9a0-49ba-a523-4c0202de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/5d2d2a744f3accfe16c8796568895f7f6aeb3b05860bf236dce7efd30e477fab/analysis/1522942997/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace212c-d998-406f-9f02-423002de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/59",
|
|
"category": "Other",
|
|
"uuid": "5ace212c-bd68-4a6a-a1e1-401c02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--a7b3ca08-23d1-4d80-b790-156e3b13ffd3",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:31.000Z",
|
|
"modified": "2018-04-11T14:52:31.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd6a278a1a1c1d50390515789a1035243' AND file:hashes.SHA1 = '755971957f15e0f6dfbabaa4e71e7b2fd2f684d0' AND file:hashes.SHA256 = 'c29687a47fcfff0242094020710757dc2c6d7f9bea029dbf1bb8167189800ad9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:31Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--57815c25-9ff4-4f89-b156-44265ffe0be5",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:30.000Z",
|
|
"modified": "2018-04-11T14:52:30.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:21",
|
|
"category": "Other",
|
|
"uuid": "5ace212e-4514-4326-ac0d-46d902de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/c29687a47fcfff0242094020710757dc2c6d7f9bea029dbf1bb8167189800ad9/analysis/1522943001/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace212e-ab00-4541-a7cb-4ce302de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "29/59",
|
|
"category": "Other",
|
|
"uuid": "5ace212f-8c8c-4e70-8184-4f0702de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--7300363a-ef3a-42b7-bc3c-1d815b936cbd",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:34.000Z",
|
|
"modified": "2018-04-11T14:52:34.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2fae1c35575e3ab586fabe7078dceab2' AND file:hashes.SHA1 = '6b6aa7c4eb2839f18cc455fa3b3b01b3c22ba6a7' AND file:hashes.SHA256 = '157942e817f4b619aa0f5445ccdab220e9d2548307c85cee3e8700f220cac999']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--bb04e39c-e560-4fcb-9ddf-59d2319cd87d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:32.000Z",
|
|
"modified": "2018-04-11T14:52:32.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:44:22",
|
|
"category": "Other",
|
|
"uuid": "5ace2131-4f2c-46e2-adb0-480a02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/157942e817f4b619aa0f5445ccdab220e9d2548307c85cee3e8700f220cac999/analysis/1522943062/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2131-2720-4a4d-a64f-4f5f02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/59",
|
|
"category": "Other",
|
|
"uuid": "5ace2131-7f3c-410f-944e-4de202de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--da2ba542-2c80-4b59-885d-a5afbef0db51",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:36.000Z",
|
|
"modified": "2018-04-11T14:52:36.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0ce2b8a2e973e120c6a81ee5207e801a' AND file:hashes.SHA1 = '4513e35d60ba993925a2bded7fe199a88f37fcd8' AND file:hashes.SHA256 = '68af89221274b2b8686c2d62ab2f003f028cf5959adda44ac1f897d42387df20']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--2a402b12-d1da-4439-bf12-bc00bc885f3f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:35.000Z",
|
|
"modified": "2018-04-11T14:52:35.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-28T16:25:18",
|
|
"category": "Other",
|
|
"uuid": "5ace2133-9e14-4d7a-bf1f-4a8002de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/68af89221274b2b8686c2d62ab2f003f028cf5959adda44ac1f897d42387df20/analysis/1522254318/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2133-84bc-4caf-a771-455802de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "21/57",
|
|
"category": "Other",
|
|
"uuid": "5ace2134-125c-48e0-83f5-4ea302de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--8cb6abf5-0f5c-44fb-9629-14b2bcc84f41",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:39.000Z",
|
|
"modified": "2018-04-11T14:52:39.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c13ee4f2ba4ede68f69cbc1e8ee391ea' AND file:hashes.SHA1 = 'c1dceea29e05fa35748d825c60b0c7bc5ce7aaa3' AND file:hashes.SHA256 = 'ce1d62490554e11c791665ee52b0a54b2cc81c5f3626741b6fab42cae561bfc5']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--d3ea91b4-6c64-44b3-b437-1105518923c7",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:37.000Z",
|
|
"modified": "2018-04-11T14:52:37.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:28:49",
|
|
"category": "Other",
|
|
"uuid": "5ace2135-2598-4da5-90f4-43e602de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/ce1d62490554e11c791665ee52b0a54b2cc81c5f3626741b6fab42cae561bfc5/analysis/1522297729/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2135-23b4-43e4-9b59-440702de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "26/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2136-f4d8-43c1-8371-432c02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--0d1e2f73-9439-4cfb-978b-dbe3b4d918e3",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:41.000Z",
|
|
"modified": "2018-04-11T14:52:41.000Z",
|
|
"pattern": "[file:hashes.MD5 = '2f5fd2f8a2da99295b8720ec2fa06980' AND file:hashes.SHA1 = '835f684f20c74fdcd35be1a7457c58f09b1abf0e' AND file:hashes.SHA256 = '32ae1154fb9459ef1f2b217cc49756cf38b641b035ab9365229b94a0b7352551']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--cbbed67a-4d47-4f49-94da-1fef681147a1",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:39.000Z",
|
|
"modified": "2018-04-11T14:52:39.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:44:16",
|
|
"category": "Other",
|
|
"uuid": "5ace2137-c5e0-4c63-95d9-4e4e02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/32ae1154fb9459ef1f2b217cc49756cf38b641b035ab9365229b94a0b7352551/analysis/1522943056/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2137-9e30-44b4-8c98-411302de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "29/59",
|
|
"category": "Other",
|
|
"uuid": "5ace2138-8274-4e1e-b139-49b402de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--d51b2874-5f95-4a5e-bbd9-c5a6614b0445",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:43.000Z",
|
|
"modified": "2018-04-11T14:52:43.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd735620047e534016b001b98d92ff1a7' AND file:hashes.SHA1 = 'b6eee6d67598a89c35d314ae699f5139bde4dd0d' AND file:hashes.SHA256 = '837f3d4de8c3e0b409fa52939b8e1bc5c4ebe559c270247ecfad94428b4c5e76']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--5fbe35d8-d4d7-4e49-95d1-88772b043d59",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:41.000Z",
|
|
"modified": "2018-04-11T14:52:41.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:20:07",
|
|
"category": "Other",
|
|
"uuid": "5ace2139-7378-4ada-b8fe-422802de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/837f3d4de8c3e0b409fa52939b8e1bc5c4ebe559c270247ecfad94428b4c5e76/analysis/1522297207/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace213a-5c30-48e8-94f5-455e02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "33/58",
|
|
"category": "Other",
|
|
"uuid": "5ace213a-fb74-4222-ad0d-40f102de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--f6776a76-229f-49a7-af38-ac58159887c2",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:45.000Z",
|
|
"modified": "2018-04-11T14:52:45.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ff5feea099b0057436d7a9740867ae13' AND file:hashes.SHA1 = '48324c56f9760264685a6ec5507ccbd797bc40e1' AND file:hashes.SHA256 = '9148a7caa1734ef58bb220706c446e7283e11678817d58c87f533497f8941b82']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:45Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--2fee7173-ec60-4011-8f48-4a75451d9bb6",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:44.000Z",
|
|
"modified": "2018-04-11T14:52:44.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:21:07",
|
|
"category": "Other",
|
|
"uuid": "5ace213c-dbbc-4429-8c0d-400f02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/9148a7caa1734ef58bb220706c446e7283e11678817d58c87f533497f8941b82/analysis/1522297267/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace213c-d704-4971-961c-461502de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "24/58",
|
|
"category": "Other",
|
|
"uuid": "5ace213d-8118-43ab-aad1-4b6602de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--98e4250a-3b95-448b-9c41-f42259e241ee",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:48.000Z",
|
|
"modified": "2018-04-11T14:52:48.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5592933769e854f476673ce9a1843604' AND file:hashes.SHA1 = 'fbf531309d4c46566387b5cf4650d08467916061' AND file:hashes.SHA256 = '4b888de7d81be5c58943d99df42685c8b1597a3dd20462b392a9662484ea2dac']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--1a524806-b60c-4d1a-844a-b96792b52515",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:46.000Z",
|
|
"modified": "2018-04-11T14:52:46.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:44:14",
|
|
"category": "Other",
|
|
"uuid": "5ace213e-d360-4ca7-ab8b-450c02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/4b888de7d81be5c58943d99df42685c8b1597a3dd20462b392a9662484ea2dac/analysis/1522943054/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace213f-2648-4030-9eae-48f102de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/59",
|
|
"category": "Other",
|
|
"uuid": "5ace213f-24fc-48a2-b2a2-426002de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--bee48029-445e-439f-a8dc-286e41b7c723",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:50.000Z",
|
|
"modified": "2018-04-11T14:52:50.000Z",
|
|
"pattern": "[file:hashes.MD5 = '37fa82dd944b528d53f0826cb6fa4faf' AND file:hashes.SHA1 = 'e52692f1f43e670d1c4b540b93223157b94a761e' AND file:hashes.SHA256 = '1545a65c6b8564cbf26b399286a3b32ce204c6f650dbc4a5a64a6505f87cc723']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--cc6eba97-a713-4f1f-ae25-2d67407de9e1",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:48.000Z",
|
|
"modified": "2018-04-11T14:52:48.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:16:01",
|
|
"category": "Other",
|
|
"uuid": "5ace2140-57c0-41aa-aa67-4a5502de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/1545a65c6b8564cbf26b399286a3b32ce204c6f650dbc4a5a64a6505f87cc723/analysis/1522296961/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2141-28e4-483c-be25-49da02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "32/57",
|
|
"category": "Other",
|
|
"uuid": "5ace2141-ba2c-45df-b516-4a9602de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--b14052c8-614a-4fdc-a621-00e499b0bfb6",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:52.000Z",
|
|
"modified": "2018-04-11T14:52:52.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a632bf5b4c1eec798f355150f065b6c7' AND file:hashes.SHA1 = '9bd4307607a7cad7b4e180988e345c7d1b8714fe' AND file:hashes.SHA256 = '896aee2d759e31c71e4b5e4b69a3470e0b97897399060bab4c3d2d955661129c']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--01811029-dcab-45f1-8f10-5e0afe8e1dbc",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:50.000Z",
|
|
"modified": "2018-04-11T14:52:50.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:20:25",
|
|
"category": "Other",
|
|
"uuid": "5ace2143-3060-4b06-8b57-44c702de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/896aee2d759e31c71e4b5e4b69a3470e0b97897399060bab4c3d2d955661129c/analysis/1522297225/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2143-3f74-432a-b222-47db02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "31/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2143-ec8c-49a0-94d7-46bc02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--ebef05ee-7e49-4e93-b78e-6b66204c3bc1",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:54.000Z",
|
|
"modified": "2018-04-11T14:52:54.000Z",
|
|
"pattern": "[file:hashes.MD5 = '752ecdab5f5b3f489ed4a8fa8ecda84d' AND file:hashes.SHA1 = '4f62a24867d9f4f915cf73d527f90187cf2c1c46' AND file:hashes.SHA256 = '546af611540e98482b3726781826cccae7ffa6da87be1876521110780a623b6e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--a7312d1a-3bc8-49c2-82ee-93c8c891e905",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:53.000Z",
|
|
"modified": "2018-04-11T14:52:53.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:44:07",
|
|
"category": "Other",
|
|
"uuid": "5ace2145-2588-45a3-b371-404e02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/546af611540e98482b3726781826cccae7ffa6da87be1876521110780a623b6e/analysis/1522943047/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2145-ff58-4dbf-87de-419502de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/59",
|
|
"category": "Other",
|
|
"uuid": "5ace2146-6060-4dbb-99bd-48b102de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--d4903005-b4ba-4612-a302-b8f440d0cae2",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:57.000Z",
|
|
"modified": "2018-04-11T14:52:57.000Z",
|
|
"pattern": "[file:hashes.MD5 = '1be989b0fc3e98319d863293852fdb4b' AND file:hashes.SHA1 = '2c67375ec690cbaf2dc614eb29eacf2802bb8fb1' AND file:hashes.SHA256 = 'bc009d455e2b74ebbe5e3d7efe90f547fa493ad35d9e0261b99bf21edeae33ed']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--6d0d2417-94d9-49e1-84b5-61f6742e5c80",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:56.000Z",
|
|
"modified": "2018-04-11T14:52:56.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:28:08",
|
|
"category": "Other",
|
|
"uuid": "5ace2148-8794-4626-9c8a-45c502de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/bc009d455e2b74ebbe5e3d7efe90f547fa493ad35d9e0261b99bf21edeae33ed/analysis/1522297688/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2148-bf4c-4e00-ba2d-4ff302de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "32/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2148-d83c-45e9-be4b-47c502de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--c97555de-fce4-49b8-a245-485465edbbdf",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:59.000Z",
|
|
"modified": "2018-04-11T14:52:59.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b2e435af63f609d54922d03924b33c06' AND file:hashes.SHA1 = 'aa5cd6f889dbd08f3d509d7d7a7810fd83977849' AND file:hashes.SHA256 = 'dcad1128bef3f0f530b5870c2c6d648a8dc009126cdd63ce183ee96c708d4c39']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:52:59Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--b445bded-0b5d-46d7-aa14-6f3fa4db52bf",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:52:58.000Z",
|
|
"modified": "2018-04-11T14:52:58.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:19",
|
|
"category": "Other",
|
|
"uuid": "5ace214a-b8b0-4ad3-91ed-4cd302de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/dcad1128bef3f0f530b5870c2c6d648a8dc009126cdd63ce183ee96c708d4c39/analysis/1522942999/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace214a-bc28-40f1-abfb-471402de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "29/59",
|
|
"category": "Other",
|
|
"uuid": "5ace214b-16d0-44a1-a880-47b202de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--03888f87-e431-4ab7-b5b6-d4155dad9716",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:02.000Z",
|
|
"modified": "2018-04-11T14:53:02.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7d982cc5e952d12a6313e82f5d266eff' AND file:hashes.SHA1 = '65823ffc9c715f40cbcdae630db653086f6d8843' AND file:hashes.SHA256 = 'ece6d98c65b072efc44f062710faf35c640ba6d33c60beb0d329637a9efdc38e']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:02Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--88133967-798f-4161-9dcb-95d458be530c",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:00.000Z",
|
|
"modified": "2018-04-11T14:53:00.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:29:34",
|
|
"category": "Other",
|
|
"uuid": "5ace214c-ba3c-41c9-96bf-426602de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/ece6d98c65b072efc44f062710faf35c640ba6d33c60beb0d329637a9efdc38e/analysis/1522297774/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace214c-f2b0-4edd-8963-4a0b02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "32/57",
|
|
"category": "Other",
|
|
"uuid": "5ace214d-3fac-4a99-a549-488d02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--6c91ea71-1f01-42d9-a956-ba1a299be4c2",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:04.000Z",
|
|
"modified": "2018-04-11T14:53:04.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd38a3ec16097ce8f6359fc35d6e4f5a1' AND file:hashes.SHA1 = '98d745989818d9a0c8ee9afa6d8ee5ac5e40d5f1' AND file:hashes.SHA256 = 'eac274621506fed73f513cf220bd26b78b570e9cea2c341a24aba1392b539440']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:04Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--d9499e1b-4086-467a-9ce8-93492a379bd3",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:02.000Z",
|
|
"modified": "2018-04-11T14:53:02.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:29:27",
|
|
"category": "Other",
|
|
"uuid": "5ace214e-de60-435e-8af0-465702de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/eac274621506fed73f513cf220bd26b78b570e9cea2c341a24aba1392b539440/analysis/1522297767/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace214f-bdec-4126-ae45-4cf502de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "33/57",
|
|
"category": "Other",
|
|
"uuid": "5ace214f-01a8-4062-9077-42a502de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--4716d1d3-14f5-4ed0-ac6f-e3a13b400464",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:06.000Z",
|
|
"modified": "2018-04-11T14:53:06.000Z",
|
|
"pattern": "[file:hashes.MD5 = '17df98e9637ff22d53d3bcb5e95f7ba5' AND file:hashes.SHA1 = '81b23bf2edc8918af19f5b5f0ee1b6ab795d6be6' AND file:hashes.SHA256 = 'a390df91a70c6d745ec1ee660008964a476e0bb9f1e4e15314ab7117221f3832']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:06Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--362ca7c9-4be6-4252-b96c-3542a75ead4c",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:04.000Z",
|
|
"modified": "2018-04-11T14:53:04.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:29",
|
|
"category": "Other",
|
|
"uuid": "5ace2151-cef8-4887-84f4-437b02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/a390df91a70c6d745ec1ee660008964a476e0bb9f1e4e15314ab7117221f3832/analysis/1522943009/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2151-981c-4316-b110-434702de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "29/60",
|
|
"category": "Other",
|
|
"uuid": "5ace2151-e69c-408d-895e-4b7802de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--0ff124a2-4515-4f8f-954d-c39d1931093f",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:09.000Z",
|
|
"modified": "2018-04-11T14:53:09.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5db855a0f95373fda8646a558fbc879b' AND file:hashes.SHA1 = '484a98811222d63d280119728e54fe4aa21674fa' AND file:hashes.SHA256 = '912558c5614e392fdafd2c80eb52a7e58ef4b87e40c3972ff436f8af7c3afacf']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:09Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--fe05211f-0e4e-409c-b996-f62d185247fa",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:07.000Z",
|
|
"modified": "2018-04-11T14:53:07.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:59",
|
|
"category": "Other",
|
|
"uuid": "5ace2153-4b20-4e02-becd-44ce02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/912558c5614e392fdafd2c80eb52a7e58ef4b87e40c3972ff436f8af7c3afacf/analysis/1522943039/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2154-14fc-4c7d-8a25-4be902de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "28/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2154-9434-4b59-afc9-4bc302de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--ab96f97c-11b9-4614-84e6-3106a0c4a792",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:11.000Z",
|
|
"modified": "2018-04-11T14:53:11.000Z",
|
|
"pattern": "[file:hashes.MD5 = '64fa0e10303e0308e71f94cfcc8c307a' AND file:hashes.SHA1 = 'b0641d670ac24e8b8f5bd7f0a0d2786e53d9fe88' AND file:hashes.SHA256 = 'd5013d60114db31814c879c530875ae4753f5b1b34b47f8efda0a0bbf25288a2']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:11Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--bc6587cf-35aa-408c-9a88-e34b5c94e1d6",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:09.000Z",
|
|
"modified": "2018-04-11T14:53:09.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:23",
|
|
"category": "Other",
|
|
"uuid": "5ace2156-afe4-4ed8-8377-47ad02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/d5013d60114db31814c879c530875ae4753f5b1b34b47f8efda0a0bbf25288a2/analysis/1522943003/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2156-df3c-426d-9e96-407402de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/59",
|
|
"category": "Other",
|
|
"uuid": "5ace2157-9b4c-410f-9ff1-4c5a02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--daea0da5-5674-4d9a-99b9-a6dd5e69361a",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:14.000Z",
|
|
"modified": "2018-04-11T14:53:14.000Z",
|
|
"pattern": "[file:hashes.MD5 = '6f6ec58aaa479eeb2595071b4f7358f3' AND file:hashes.SHA1 = '3aadb55999e270757a890fc8c8bbebc077901f9e' AND file:hashes.SHA256 = 'a93f64c8ab09872d430dd8c2518b0d790b75fab9f26e2e554a8c30d96f8d1ab9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:14Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--cd8ee169-6a3c-4d0c-b7d5-2bd070398734",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:12.000Z",
|
|
"modified": "2018-04-11T14:53:12.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:28",
|
|
"category": "Other",
|
|
"uuid": "5ace2158-1120-4e67-bcf8-49ce02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/a93f64c8ab09872d430dd8c2518b0d790b75fab9f26e2e554a8c30d96f8d1ab9/analysis/1522943008/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2158-c780-4dd3-a065-4c3002de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "36/59",
|
|
"category": "Other",
|
|
"uuid": "5ace2159-c99c-4f60-a427-41af02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--1cff9c3a-d6e2-4cac-b1b8-161ff93dd2e6",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:16.000Z",
|
|
"modified": "2018-04-11T14:53:16.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c1d6ae4fef63d2bd1dac95287c57d2d6' AND file:hashes.SHA1 = '7870c20ba8619c9e71bcca4f2495197c4a1625b9' AND file:hashes.SHA256 = '6fec415bf926c0ea5b672d693a671435c6798c8deeed462da3221ab3d6cbee39']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:16Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--11b77879-a359-4744-a0d1-fddc267ca6b1",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:14.000Z",
|
|
"modified": "2018-04-11T14:53:14.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:19:28",
|
|
"category": "Other",
|
|
"uuid": "5ace215a-9f88-43de-9737-40db02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/6fec415bf926c0ea5b672d693a671435c6798c8deeed462da3221ab3d6cbee39/analysis/1522297168/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace215a-797c-4239-b3f2-4e2502de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "20/48",
|
|
"category": "Other",
|
|
"uuid": "5ace215b-10bc-4163-ba72-4b4102de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--317c60b6-8524-4b43-ab79-1f366915c2e7",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:18.000Z",
|
|
"modified": "2018-04-11T14:53:18.000Z",
|
|
"pattern": "[file:hashes.MD5 = '7782443c5d6457bcabf9a82b2cab0a9f' AND file:hashes.SHA1 = '0e999b4fbdf533f2774bdade999911bee97fb979' AND file:hashes.SHA256 = '6154b14bb4d7c682262c6e343bf162954cc3bafbbc719b660f8a081b24281a02']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:18Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--02460375-4dcb-47c7-9c8c-3b131201385b",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:16.000Z",
|
|
"modified": "2018-04-11T14:53:16.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:18:47",
|
|
"category": "Other",
|
|
"uuid": "5ace215d-9654-428d-8ed2-487302de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/6154b14bb4d7c682262c6e343bf162954cc3bafbbc719b660f8a081b24281a02/analysis/1522297127/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace215d-0768-410a-8d44-4e8c02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "33/58",
|
|
"category": "Other",
|
|
"uuid": "5ace215e-19cc-4ae3-9c42-46e902de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5642efac-135e-4519-b97c-0f980d195cf8",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:21.000Z",
|
|
"modified": "2018-04-11T14:53:21.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b211b8b248b9fe95e869b349a3a27992' AND file:hashes.SHA1 = '182fd363a7617327a54ee8c49a3efd90e3409b05' AND file:hashes.SHA256 = '501d7c038988baff6658e4b7059cc470a7a18388780d6a7dd047adb341374bb3']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:21Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--a352aa3f-8855-40e0-a7b4-c593f679812d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:19.000Z",
|
|
"modified": "2018-04-11T14:53:19.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:17",
|
|
"category": "Other",
|
|
"uuid": "5ace215f-3afc-47f0-9407-44bf02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/501d7c038988baff6658e4b7059cc470a7a18388780d6a7dd047adb341374bb3/analysis/1522942997/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2160-85b8-4129-b6d2-4dbf02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "28/59",
|
|
"category": "Other",
|
|
"uuid": "5ace2160-419c-49fb-bf83-4b1402de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--57ebbd65-ce89-4eef-8998-312be2bcb349",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:23.000Z",
|
|
"modified": "2018-04-11T14:53:23.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a6cf243fc7a3e9536a007037c737c09c' AND file:hashes.SHA1 = 'ebfef060794904bab190086aa0969e778f2ea455' AND file:hashes.SHA256 = '20377bfd2f040c8e0a8742be4f5ed122986dd71f0a6acf803ee2817d96f92a15']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:23Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--33123089-008e-45a5-92e8-96addd26dd71",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:21.000Z",
|
|
"modified": "2018-04-11T14:53:21.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:16:34",
|
|
"category": "Other",
|
|
"uuid": "5ace2161-1e84-40e7-8d71-458802de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/20377bfd2f040c8e0a8742be4f5ed122986dd71f0a6acf803ee2817d96f92a15/analysis/1522296994/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2162-5c28-4ea6-a29a-406902de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "24/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2162-be6c-4018-97fd-4e1902de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--53affc4d-60a8-4c6d-9405-1c21638010d7",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:25.000Z",
|
|
"modified": "2018-04-11T14:53:25.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'f727a22ffcfe00f2ce43c464d9e9f247' AND file:hashes.SHA1 = 'c659cb15bc28938677ba8ac0e580cfca7543275e' AND file:hashes.SHA256 = '60de5a8a9cb0d935a57ad8c60943fc711630232ec2564b496c043419ee3eb6a9']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:25Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--7f42d82a-5805-411b-803f-bbca82cd3c56",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:23.000Z",
|
|
"modified": "2018-04-11T14:53:23.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:18:41",
|
|
"category": "Other",
|
|
"uuid": "5ace2164-ea64-4948-aff4-403802de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/60de5a8a9cb0d935a57ad8c60943fc711630232ec2564b496c043419ee3eb6a9/analysis/1522297121/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2164-3d98-442a-bfe0-4e2102de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "26/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2164-b280-48ed-b814-434102de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--cc4e3e77-cf17-4278-912f-71bf1eec703d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:27.000Z",
|
|
"modified": "2018-04-11T14:53:27.000Z",
|
|
"pattern": "[file:hashes.MD5 = '952994688993f06ebcffbb5ebcfde14e' AND file:hashes.SHA1 = '8cd05b66d0b44976840f31fe9f1a94421e07e864' AND file:hashes.SHA256 = '67ad6f0cee01cd991880d0756175e49d35ea52e19517f7b2f9941a2269d25cb7']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:27Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--0b592a97-493a-4d25-934a-72abd4a11e8b",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:26.000Z",
|
|
"modified": "2018-04-11T14:53:26.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:44:09",
|
|
"category": "Other",
|
|
"uuid": "5ace2166-6e28-434e-ab16-411e02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/67ad6f0cee01cd991880d0756175e49d35ea52e19517f7b2f9941a2269d25cb7/analysis/1522943049/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2166-30e4-434c-8e38-44d202de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "27/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2167-a058-4ddf-ab9d-423d02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--6e59fe57-f683-49fe-98c2-d2392248d076",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:30.000Z",
|
|
"modified": "2018-04-11T14:53:30.000Z",
|
|
"pattern": "[file:hashes.MD5 = '15afdeee0305fe50177ef18c32f2dd8c' AND file:hashes.SHA1 = '9d51d81d323405db24b6d7dec7d7fb87cc8c43e0' AND file:hashes.SHA256 = 'd08615d6c29ea77526bf7284fcff19110879347b59f74c06a4f488297c28f127']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:30Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--00284e3a-3d9f-4738-8d39-be39d6c7cfe3",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:28.000Z",
|
|
"modified": "2018-04-11T14:53:28.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:28:55",
|
|
"category": "Other",
|
|
"uuid": "5ace2168-1c7c-4e90-920f-478902de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/d08615d6c29ea77526bf7284fcff19110879347b59f74c06a4f488297c28f127/analysis/1522297735/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2168-336c-4222-9131-45fe02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "24/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2169-6a60-49a5-9fff-47cd02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--05722d72-0046-46b9-8b0c-6e179dfa6edc",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:32.000Z",
|
|
"modified": "2018-04-11T14:53:32.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'd0b027bb52933fcb64c02c30dd4c1048' AND file:hashes.SHA1 = 'b938ce4f95207239da730a699a62e19b0a407722' AND file:hashes.SHA256 = '102ab656a6da5d29e284e53f3038863d99058e39e3ca005d3168ad7dfbf354c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:32Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--34798e8d-f8f5-4862-9d49-9686048cbd25",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:30.000Z",
|
|
"modified": "2018-04-11T14:53:30.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:44:24",
|
|
"category": "Other",
|
|
"uuid": "5ace216a-6f70-4a17-91f2-488102de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/102ab656a6da5d29e284e53f3038863d99058e39e3ca005d3168ad7dfbf354c8/analysis/1522943064/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace216b-80bc-4ba3-a3b8-4f9f02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/59",
|
|
"category": "Other",
|
|
"uuid": "5ace216b-1f3c-4f0a-8faa-4f3402de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--1a2a899d-365d-4f83-90c4-f281e025fbfd",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:34.000Z",
|
|
"modified": "2018-04-11T14:53:34.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a521b52f748d268c87be6a0aa1b41561' AND file:hashes.SHA1 = 'c8704b22292bb693362defc5f61ded8831ff64d3' AND file:hashes.SHA256 = 'a7f2a6e8c4101736de31d09b6fb195e022e52486712fac1bd8deb6f8712b7072']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:34Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--4ccad6b1-b442-4943-a1bb-632367243e3a",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:33.000Z",
|
|
"modified": "2018-04-11T14:53:33.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:30",
|
|
"category": "Other",
|
|
"uuid": "5ace216d-0a78-4c9f-9b88-4a6502de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/a7f2a6e8c4101736de31d09b6fb195e022e52486712fac1bd8deb6f8712b7072/analysis/1522943010/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace216d-9aac-4ebb-b194-413e02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/59",
|
|
"category": "Other",
|
|
"uuid": "5ace216d-05ac-47c8-ad2f-4e2d02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--02025dde-85dd-472c-9488-ac230d1088c2",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:36.000Z",
|
|
"modified": "2018-04-11T14:53:36.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5911092309ba21f63f230f4756aa332d' AND file:hashes.SHA1 = '5bd5398f058f58da63e96307292b92d9fe22e2e3' AND file:hashes.SHA256 = '97b397da7e73f51f3db3accee40ceb45516cce3e4f749f9013501f0679c5e6c8']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:36Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--6c418d1a-3c22-40b3-b3d3-bce332bfdfb7",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:35.000Z",
|
|
"modified": "2018-04-11T14:53:35.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:21:19",
|
|
"category": "Other",
|
|
"uuid": "5ace216f-5948-46d5-9796-467702de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/97b397da7e73f51f3db3accee40ceb45516cce3e4f749f9013501f0679c5e6c8/analysis/1522297279/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace216f-658c-4498-aa99-48a802de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "25/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2170-6bf0-4fa7-8659-4b8602de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--4f831bd7-482b-480d-be4c-d77ea1295e06",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:39.000Z",
|
|
"modified": "2018-04-11T14:53:39.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'a779f81171caa54bbf3f480aa9a978cc' AND file:hashes.SHA1 = '96edb1aa1223e63493d6511edfac94adad70b748' AND file:hashes.SHA256 = '0f4c051987a8470289060e8556911a9bc0f22da863f3d50851b27bdb2cb80da4']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:39Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--5a6facbc-62b0-424a-8e54-15005ffecb38",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:37.000Z",
|
|
"modified": "2018-04-11T14:53:37.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:15:44",
|
|
"category": "Other",
|
|
"uuid": "5ace2171-e78c-46a5-b4ff-404802de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/0f4c051987a8470289060e8556911a9bc0f22da863f3d50851b27bdb2cb80da4/analysis/1522296944/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2171-f300-4112-a672-410202de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "32/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2172-6f50-4885-be45-444202de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--a71784ec-09bd-456f-bce5-802fcc90eaaf",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:41.000Z",
|
|
"modified": "2018-04-11T14:53:41.000Z",
|
|
"pattern": "[file:hashes.MD5 = '292d124aa58579e18239951f63c38da7' AND file:hashes.SHA1 = '0e17632af57d658832be0b65d1acfe887645799d' AND file:hashes.SHA256 = 'd571ab0754b54ad07029a678f925227f287589cd07759461fc54dba76ef38eeb']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:41Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--31d88e38-4b3d-4d9f-9b12-97aefb81c305",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:39.000Z",
|
|
"modified": "2018-04-11T14:53:39.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:29:08",
|
|
"category": "Other",
|
|
"uuid": "5ace2173-0a98-4359-9f6f-4cf802de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/d571ab0754b54ad07029a678f925227f287589cd07759461fc54dba76ef38eeb/analysis/1522297748/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2174-b508-4bbc-b7b7-464502de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "31/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2174-c844-4b02-bd22-405f02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--1a1a63ec-d0d6-4c5d-bc59-a9d412f974ad",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:43.000Z",
|
|
"modified": "2018-04-11T14:53:43.000Z",
|
|
"pattern": "[file:hashes.MD5 = '87bcae50b6dc776c3f8091e23c2a4b7d' AND file:hashes.SHA1 = '7c796cd5810229fb7d53b1ac21a385dba037d605' AND file:hashes.SHA256 = '9ddefdb78069404dd8581e9b46e9fb7a19509cb3000a02cd5e4ce9e2da744857']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:43Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--f0574f28-a59b-4e7c-ad4c-a5ba3abe37e6",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:42.000Z",
|
|
"modified": "2018-04-11T14:53:42.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:44:00",
|
|
"category": "Other",
|
|
"uuid": "5ace2176-b6b0-48e9-abaf-4c0b02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/9ddefdb78069404dd8581e9b46e9fb7a19509cb3000a02cd5e4ce9e2da744857/analysis/1522943040/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2176-7874-4af8-b910-47a202de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "29/60",
|
|
"category": "Other",
|
|
"uuid": "5ace2177-2aa0-468f-b4d2-466802de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--b91b3267-943b-4cc4-98dd-7af83efcd364",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:46.000Z",
|
|
"modified": "2018-04-11T14:53:46.000Z",
|
|
"pattern": "[file:hashes.MD5 = '0625f930695bdb2107883016f2516630' AND file:hashes.SHA1 = '7d1dd7f6d6ee3fad6e60557ec60fc50460618604' AND file:hashes.SHA256 = '66ff80b4341b706f8d3b7bbc3082348d669c0103187d68f0be9dee47c4c617ca']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:46Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--a83e5ba7-27a2-430a-a85d-cc35b63edb7a",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:44.000Z",
|
|
"modified": "2018-04-11T14:53:44.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:44:09",
|
|
"category": "Other",
|
|
"uuid": "5ace2178-5958-43b1-b61f-4b9902de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/66ff80b4341b706f8d3b7bbc3082348d669c0103187d68f0be9dee47c4c617ca/analysis/1522943049/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2179-d298-4c71-9c68-45b402de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2179-79cc-4fec-8aaf-4eba02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--ae1251c0-4384-489a-9722-e6d0b463a9ee",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:48.000Z",
|
|
"modified": "2018-04-11T14:53:48.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'b318b6a56eacd13821900e1992cc415b' AND file:hashes.SHA1 = '04ac231b428893ecd794e2623260897c28586784' AND file:hashes.SHA256 = 'a6e8437bb7b154bf3302f8d808decf713e853b7aecf45ff2e86edd0352892161']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:48Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--90e00ed6-1a34-4d05-8c46-6321ab2254c0",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:46.000Z",
|
|
"modified": "2018-04-11T14:53:46.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:26:04",
|
|
"category": "Other",
|
|
"uuid": "5ace217a-bde0-43f1-b941-457b02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/a6e8437bb7b154bf3302f8d808decf713e853b7aecf45ff2e86edd0352892161/analysis/1522297564/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace217b-9a1c-4b08-9eaa-402002de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "33/58",
|
|
"category": "Other",
|
|
"uuid": "5ace217b-2fd4-4a85-92a6-4fb502de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--79bfebb0-0515-4253-b628-8d0247f1f64d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:50.000Z",
|
|
"modified": "2018-04-11T14:53:50.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'c26a83619f845f6d051ac495ed39361b' AND file:hashes.SHA1 = 'f464c8b3c79283616ef5c7402b8c5338d98c792e' AND file:hashes.SHA256 = '9208b28c196686be62bb3d95df858f755af0c279e280dee294067cb783395844']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:50Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--ba146153-fb1e-4862-8fb2-de42c7bbb407",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:48.000Z",
|
|
"modified": "2018-04-11T14:53:48.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:21:13",
|
|
"category": "Other",
|
|
"uuid": "5ace217c-f9bc-4d04-b0af-4a3e02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/9208b28c196686be62bb3d95df858f755af0c279e280dee294067cb783395844/analysis/1522297273/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace217d-c7e0-4f40-8cf6-414d02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "32/57",
|
|
"category": "Other",
|
|
"uuid": "5ace217d-d40c-43d7-8075-4b8002de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--2e74e9bf-2116-499a-8664-85a8190ccc01",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:52.000Z",
|
|
"modified": "2018-04-11T14:53:52.000Z",
|
|
"pattern": "[file:hashes.MD5 = '1117a20dd2cdb9bbbe05374de34e3e53' AND file:hashes.SHA1 = 'd85c484d583514234cdb3cdeb5340dc851fc7001' AND file:hashes.SHA256 = '9e52fece2e0fa2fbcd3a39a5c75888d5257f6ac6a07ac514ad398d6d1f33385f']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:52Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--c751b343-f407-41bf-abae-34482ededd19",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:50.000Z",
|
|
"modified": "2018-04-11T14:53:50.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:32",
|
|
"category": "Other",
|
|
"uuid": "5ace217f-2354-47a9-af0f-4edc02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/9e52fece2e0fa2fbcd3a39a5c75888d5257f6ac6a07ac514ad398d6d1f33385f/analysis/1522943012/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace217f-b598-442a-9d8f-42b502de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/59",
|
|
"category": "Other",
|
|
"uuid": "5ace217f-de7c-4b79-903f-403902de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--2e231b46-7588-4a55-bca9-121895c6998d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:54.000Z",
|
|
"modified": "2018-04-11T14:53:54.000Z",
|
|
"pattern": "[file:hashes.MD5 = 'ee34326a6cb815c0a003954b1860f2ef' AND file:hashes.SHA1 = 'e9471a3bc3359a4bb60cb55cdda35a234c9c755e' AND file:hashes.SHA256 = '8d9dd4f611e7d66769f44877b95f4b387c093bc58d701b1695e2b75fc5ce178b']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:54Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--605c6785-5aa7-4507-a1e8-263319975111",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:53.000Z",
|
|
"modified": "2018-04-11T14:53:53.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:44:01",
|
|
"category": "Other",
|
|
"uuid": "5ace2181-12e4-4186-9584-406d02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/8d9dd4f611e7d66769f44877b95f4b387c093bc58d701b1695e2b75fc5ce178b/analysis/1522943041/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2182-4abc-4b0d-a75c-42b502de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/59",
|
|
"category": "Other",
|
|
"uuid": "5ace2182-6734-4b76-81e0-401902de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--c35fd8ca-1584-477b-aa6c-79ec4094bf8d",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:57.000Z",
|
|
"modified": "2018-04-11T14:53:57.000Z",
|
|
"pattern": "[file:hashes.MD5 = '06e4e54742d178cec767ec473689d757' AND file:hashes.SHA1 = '3cda8a86c3c0a2c3949c0007fdd3117e00a10827' AND file:hashes.SHA256 = '88c6b832ecd365f23d8076eba0ad8a7f661963f6c7bc9afb82ab1170261e3631']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:53:57Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--9af3e13e-1a66-4d0f-b609-fb329f31ef50",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:56.000Z",
|
|
"modified": "2018-04-11T14:53:56.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-04-05T15:43:59",
|
|
"category": "Other",
|
|
"uuid": "5ace2184-74b8-489e-ba11-475a02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/88c6b832ecd365f23d8076eba0ad8a7f661963f6c7bc9afb82ab1170261e3631/analysis/1522943039/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2185-b9a8-456d-a78c-4e3f02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "29/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2185-2720-41fa-b78a-4f3602de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--5ba0cf41-2b85-4acf-99db-059e0e799f94",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:54:00.000Z",
|
|
"modified": "2018-04-11T14:54:00.000Z",
|
|
"pattern": "[file:hashes.MD5 = '5ed4ed535ca4030bdf87f7ff52e98341' AND file:hashes.SHA1 = 'a8e9f4195994cc78acf4ecf8e04eabfb2f0a9332' AND file:hashes.SHA256 = 'c38c609a0ec13ee3bb30baf9d33eebd8fe585812711d36124acf0ae582767289']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:54:00Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--beb61c2e-cc01-4cf3-aa10-bac84dd682e5",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:53:59.000Z",
|
|
"modified": "2018-04-11T14:53:59.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:28:37",
|
|
"category": "Other",
|
|
"uuid": "5ace2187-7050-40ff-9ba3-40e402de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/c38c609a0ec13ee3bb30baf9d33eebd8fe585812711d36124acf0ae582767289/analysis/1522297717/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace2187-9b54-48bf-ace5-4f7b02de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "33/58",
|
|
"category": "Other",
|
|
"uuid": "5ace2188-e134-4128-ba08-4f1402de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "indicator",
|
|
"spec_version": "2.1",
|
|
"id": "indicator--989183ae-e288-435c-96ed-b4177a99a8af",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:54:03.000Z",
|
|
"modified": "2018-04-11T14:54:03.000Z",
|
|
"pattern": "[file:hashes.MD5 = '339e81227e5c4371cd5e834752aed0ff' AND file:hashes.SHA1 = '2d7ba8376d8d123c5f297bd896f190e97186f44e' AND file:hashes.SHA256 = 'f5cd4a9dcd92a517ab05fb75af3ff9e8d86ccdf72185a6b9a1eade28d2f54d61']",
|
|
"pattern_type": "stix",
|
|
"pattern_version": "2.1",
|
|
"valid_from": "2018-04-11T14:54:03Z",
|
|
"kill_chain_phases": [
|
|
{
|
|
"kill_chain_name": "misp-category",
|
|
"phase_name": "file"
|
|
}
|
|
],
|
|
"labels": [
|
|
"misp:name=\"file\"",
|
|
"misp:meta-category=\"file\"",
|
|
"misp:to_ids=\"True\""
|
|
]
|
|
},
|
|
{
|
|
"type": "x-misp-object",
|
|
"spec_version": "2.1",
|
|
"id": "x-misp-object--d80d7f6e-5f4d-4350-9780-597d916c5861",
|
|
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
|
|
"created": "2018-04-11T14:54:01.000Z",
|
|
"modified": "2018-04-11T14:54:01.000Z",
|
|
"labels": [
|
|
"misp:name=\"virustotal-report\"",
|
|
"misp:meta-category=\"misc\""
|
|
],
|
|
"x_misp_attributes": [
|
|
{
|
|
"type": "datetime",
|
|
"object_relation": "last-submission",
|
|
"value": "2018-03-29T04:29:52",
|
|
"category": "Other",
|
|
"uuid": "5ace2189-60d8-4549-b36d-426f02de0b81"
|
|
},
|
|
{
|
|
"type": "link",
|
|
"object_relation": "permalink",
|
|
"value": "https://www.virustotal.com/file/f5cd4a9dcd92a517ab05fb75af3ff9e8d86ccdf72185a6b9a1eade28d2f54d61/analysis/1522297792/",
|
|
"category": "External analysis",
|
|
"uuid": "5ace218a-87b8-4a9a-8c78-422602de0b81"
|
|
},
|
|
{
|
|
"type": "text",
|
|
"object_relation": "detection-ratio",
|
|
"value": "30/57",
|
|
"category": "Other",
|
|
"uuid": "5ace218a-5cb4-4bbe-840f-49de02de0b81"
|
|
}
|
|
],
|
|
"x_misp_meta_category": "misc",
|
|
"x_misp_name": "virustotal-report"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--564d5c77-d40e-4556-8ac7-86d14433230c",
|
|
"created": "2018-04-11T14:54:02.000Z",
|
|
"modified": "2018-04-11T14:54:02.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--6fd1f6c4-6029-4413-a667-95fa38366b69",
|
|
"target_ref": "x-misp-object--5e8c12ae-9a16-463d-a46b-070b4d2c8404"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--5fe8d2d5-014e-494e-bfd0-cc112c2f311d",
|
|
"created": "2018-04-11T14:54:02.000Z",
|
|
"modified": "2018-04-11T14:54:02.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--7864e29b-4460-44d5-8445-c6e55d7bfb47",
|
|
"target_ref": "x-misp-object--a91fd6bd-7284-480c-b15f-770ceb7c5609"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--1f22bda5-72eb-4c78-a199-6d1f40930472",
|
|
"created": "2018-04-11T14:54:03.000Z",
|
|
"modified": "2018-04-11T14:54:03.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--08c3c62d-16f6-466c-a9c2-d56a58ab1c8d",
|
|
"target_ref": "x-misp-object--121a2ad2-8376-4e4c-b79a-b9776b93b362"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--64bc4879-5ff3-4203-a9af-da71da6003d8",
|
|
"created": "2018-04-11T14:54:03.000Z",
|
|
"modified": "2018-04-11T14:54:03.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--df8a81ab-a86d-4b49-899d-583d01f7e42a",
|
|
"target_ref": "x-misp-object--ee503918-62a7-4cbd-99f0-e6560f3f1c59"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--315b2000-34ae-469b-a91d-6816120b0d13",
|
|
"created": "2018-04-11T14:54:03.000Z",
|
|
"modified": "2018-04-11T14:54:03.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--1b83320b-4534-4616-9aa9-70d6e85c6d60",
|
|
"target_ref": "x-misp-object--4576e70d-c44d-44b0-82d9-b3ce92b2598a"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--bbb09164-e4ff-4414-b288-fcde71297963",
|
|
"created": "2018-04-11T14:54:04.000Z",
|
|
"modified": "2018-04-11T14:54:04.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--2bfcf16d-2469-4c81-a60b-22eadcf925ed",
|
|
"target_ref": "x-misp-object--7e0dacb4-2576-45f2-91a3-65538610cc63"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--b925c4f7-ee2f-4fb3-a3a6-f66db486dd9a",
|
|
"created": "2018-04-11T14:54:04.000Z",
|
|
"modified": "2018-04-11T14:54:04.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--514262f4-2286-4596-8c79-b3a456c9baff",
|
|
"target_ref": "x-misp-object--5ffafb99-cb1e-458b-928a-6d3aa9811fc3"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--7fc56f9f-ac9a-4356-bd6c-116517a97679",
|
|
"created": "2018-04-11T14:54:04.000Z",
|
|
"modified": "2018-04-11T14:54:04.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--649a8ee3-1a45-423c-9972-ba281c297b7d",
|
|
"target_ref": "x-misp-object--8f63a85e-59e1-4425-9445-b5e64b9bd1b2"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--af41dc6f-433b-4ffa-95e1-a7b821357611",
|
|
"created": "2018-04-11T14:54:04.000Z",
|
|
"modified": "2018-04-11T14:54:04.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--1cb85eed-35dd-4bbb-b639-d61d5a823d36",
|
|
"target_ref": "x-misp-object--fcc24e56-64af-4519-836e-7f93f17919d5"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--e109078f-c174-4306-972d-73a9c7a32d8d",
|
|
"created": "2018-04-11T14:54:04.000Z",
|
|
"modified": "2018-04-11T14:54:04.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--fc5a5102-440d-44b8-9614-b8bb931ca691",
|
|
"target_ref": "x-misp-object--b1f95800-22c5-4f98-b39e-44349c73ab63"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--f6c4b84a-1735-42c6-bbf7-6b08511a696f",
|
|
"created": "2018-04-11T14:54:04.000Z",
|
|
"modified": "2018-04-11T14:54:04.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--670be7cf-f56d-484e-9318-4fe35253b9ba",
|
|
"target_ref": "x-misp-object--69b4c9a5-28e0-45a6-95b6-18b5ca7da196"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--f52cf45d-86f5-4582-99de-b0e0ec0ace40",
|
|
"created": "2018-04-11T14:54:04.000Z",
|
|
"modified": "2018-04-11T14:54:04.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--5fec434e-324b-4dad-aa82-e6ad17c0e0f8",
|
|
"target_ref": "x-misp-object--1a98676b-2f5a-4be2-a77f-deafa4758761"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--aa9d249f-6cde-4fe5-ac1f-938e689180a4",
|
|
"created": "2018-04-11T14:54:04.000Z",
|
|
"modified": "2018-04-11T14:54:04.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--569b47dd-ba9a-4aa6-b523-c71a31015c49",
|
|
"target_ref": "x-misp-object--be3c9538-4a98-4de3-860c-73c802c0c8d4"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--2827b0be-697c-49d6-ae73-c0cb32eb726c",
|
|
"created": "2018-04-11T14:54:04.000Z",
|
|
"modified": "2018-04-11T14:54:04.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--b28fcc17-afc6-4000-880f-f7f4664cdf18",
|
|
"target_ref": "x-misp-object--36fb41f1-dd51-478d-9a5c-d2394244c276"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--1530e6de-b1e1-4cdf-b70c-0ba4779f062d",
|
|
"created": "2018-04-11T14:54:04.000Z",
|
|
"modified": "2018-04-11T14:54:04.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--1ee29d84-1bdb-49ff-b0fe-cb71a1521342",
|
|
"target_ref": "x-misp-object--d7689172-d391-4ead-8c93-18d916e9a26b"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--b1f38cbf-a0ec-4352-ba85-873d800c7e7d",
|
|
"created": "2018-04-11T14:54:05.000Z",
|
|
"modified": "2018-04-11T14:54:05.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--c70c7655-b077-48ea-a19a-19aa83b65ba0",
|
|
"target_ref": "x-misp-object--15fc4652-6ed8-48af-8df9-a547c4802b5e"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--9251da73-0693-450b-9d1c-6385878a3cab",
|
|
"created": "2018-04-11T14:54:05.000Z",
|
|
"modified": "2018-04-11T14:54:05.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--8c0a1b0d-015c-4b5d-aeda-17b5feb31793",
|
|
"target_ref": "x-misp-object--85efbc12-c49e-49ba-83a4-cd4447430b05"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--493e52c0-3c24-45a8-a111-eed5628155b2",
|
|
"created": "2018-04-11T14:54:05.000Z",
|
|
"modified": "2018-04-11T14:54:05.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--19505524-eba9-4389-a278-051643434566",
|
|
"target_ref": "x-misp-object--cdfd5826-0868-4cea-81e7-3a80c9a9c8e1"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--20bdbc30-bc90-4baa-ad3d-d2b8d9e0e4c4",
|
|
"created": "2018-04-11T14:54:05.000Z",
|
|
"modified": "2018-04-11T14:54:05.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--8c7228c1-273a-40a9-ab02-7c5e6db55e76",
|
|
"target_ref": "x-misp-object--ff8406f0-04d0-4c53-a9db-570be4189af2"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--458c965a-3e40-47b7-9ba3-9a2fcde0ae2d",
|
|
"created": "2018-04-11T14:54:05.000Z",
|
|
"modified": "2018-04-11T14:54:05.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--e824c85f-bca5-4369-ad9d-a1805bfb347e",
|
|
"target_ref": "x-misp-object--3a55b7bd-0af8-49ad-bcd2-213316797c0f"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--c15cbecd-4ec1-40f7-b7ae-9c8fc69e63b3",
|
|
"created": "2018-04-11T14:54:05.000Z",
|
|
"modified": "2018-04-11T14:54:05.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--1a0d6b30-172d-4360-840a-7c88a597c7da",
|
|
"target_ref": "x-misp-object--893c1da4-0b5e-4e3f-90aa-1a3ba8934bdd"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--1b9b045c-eab0-44cc-acaa-807c67ce8e27",
|
|
"created": "2018-04-11T14:54:05.000Z",
|
|
"modified": "2018-04-11T14:54:05.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--54e685d2-efde-462d-9b5d-91e46a602e24",
|
|
"target_ref": "x-misp-object--8cb10bc6-6621-4c81-9706-5a46e96af99d"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--beadd988-ce4b-4d82-8c00-feb56a63ec52",
|
|
"created": "2018-04-11T14:54:05.000Z",
|
|
"modified": "2018-04-11T14:54:05.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--2de23e77-a74a-473a-af66-8e6c4641f205",
|
|
"target_ref": "x-misp-object--b3f9b50d-d863-49be-9193-fd9a153cbdbe"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--f8b4b1fb-7b78-470e-9c4a-d258b9ed28b4",
|
|
"created": "2018-04-11T14:54:05.000Z",
|
|
"modified": "2018-04-11T14:54:05.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--b4fdc7bd-9e3a-4e74-9f8f-68ac2ed3e3e7",
|
|
"target_ref": "x-misp-object--0099e9c5-b34d-4198-82e9-3a60a3a9c3e4"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--b52794ef-9a6e-4265-8584-f5b0a1f3d925",
|
|
"created": "2018-04-11T14:54:06.000Z",
|
|
"modified": "2018-04-11T14:54:06.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--a9949693-96bb-4c93-95a6-e1e52d1ac7f4",
|
|
"target_ref": "x-misp-object--c26ae926-e5ba-4a95-b4e0-3c84e11e5c05"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--c2d0a043-70f9-40db-8caa-7dd7395cf000",
|
|
"created": "2018-04-11T14:54:06.000Z",
|
|
"modified": "2018-04-11T14:54:06.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--dfb21745-c073-4d36-a458-3e62ccd7cad0",
|
|
"target_ref": "x-misp-object--083729f8-2bb5-455c-b8c1-2868188241fd"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--3274e6fe-9e3e-4293-8c7d-6bdfea3fd30f",
|
|
"created": "2018-04-11T14:54:06.000Z",
|
|
"modified": "2018-04-11T14:54:06.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--3e5fe7a0-96a2-46ef-a61d-711ac87e00ac",
|
|
"target_ref": "x-misp-object--4eb2c901-dd7f-4a0a-99e4-03ca9f2d5f52"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--2618eaf8-669d-471c-b825-5a43b3b7aede",
|
|
"created": "2018-04-11T14:54:06.000Z",
|
|
"modified": "2018-04-11T14:54:06.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--a37518e3-debb-4ade-b4ae-12858dec51b1",
|
|
"target_ref": "x-misp-object--eac0c6e1-cec8-4926-b444-cefe74fedeba"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--ec15723f-470e-4f3a-b93b-e2d73a9f8813",
|
|
"created": "2018-04-11T14:54:06.000Z",
|
|
"modified": "2018-04-11T14:54:06.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--ed0d0b60-aea2-4fe9-81c4-e53e51f2c2bb",
|
|
"target_ref": "x-misp-object--1f77679b-1e65-404f-b403-929329a35a52"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--ac2c551b-9288-45a3-b0b0-a2dc6ad33e6f",
|
|
"created": "2018-04-11T14:54:06.000Z",
|
|
"modified": "2018-04-11T14:54:06.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--5f13df23-d28b-4187-b4c6-f962b2f8ef50",
|
|
"target_ref": "x-misp-object--b9cb07c2-ef54-46c9-afb2-c797997d80f4"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--615c265a-050f-4f6f-8ced-24d1081c5560",
|
|
"created": "2018-04-11T14:54:06.000Z",
|
|
"modified": "2018-04-11T14:54:06.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--d788ae85-ff85-4bf2-9a82-c320e2b3a3df",
|
|
"target_ref": "x-misp-object--8b3e44b9-e78b-4bbc-976d-278f8f6b60da"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--ad88e654-94b1-4f25-be6e-4a3c7c895790",
|
|
"created": "2018-04-11T14:54:06.000Z",
|
|
"modified": "2018-04-11T14:54:06.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--01c46b2c-5585-4f00-9e62-41872a575449",
|
|
"target_ref": "x-misp-object--fe71bf2f-a017-4ec3-b42e-0cd2623c68d3"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--1d6ad613-3a80-4406-8226-db695222fb18",
|
|
"created": "2018-04-11T14:54:06.000Z",
|
|
"modified": "2018-04-11T14:54:06.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--a51025f7-d4ef-4f51-ad7d-de03abc3366f",
|
|
"target_ref": "x-misp-object--8a4216a6-f1d7-406b-a354-05bd0f85e6e9"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--8a60d2b0-9fe8-4182-b393-6f5b8ec2d60f",
|
|
"created": "2018-04-11T14:54:06.000Z",
|
|
"modified": "2018-04-11T14:54:06.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--c38c5804-df8e-41fa-9b7f-31e3544fe566",
|
|
"target_ref": "x-misp-object--4b0a8942-7f6f-4905-8919-faf340b2eef6"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--2b3fe3f0-8909-49cc-8c9b-bb0adb97983b",
|
|
"created": "2018-04-11T14:54:07.000Z",
|
|
"modified": "2018-04-11T14:54:07.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--38b67aab-e80d-4134-8010-151ff4ae082f",
|
|
"target_ref": "x-misp-object--0b7254b0-949e-43a1-ac8c-2965ac1b87bf"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--2c3baa02-452c-4f68-a93e-29bed46929da",
|
|
"created": "2018-04-11T14:54:07.000Z",
|
|
"modified": "2018-04-11T14:54:07.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--a7b3ca08-23d1-4d80-b790-156e3b13ffd3",
|
|
"target_ref": "x-misp-object--57815c25-9ff4-4f89-b156-44265ffe0be5"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--cfbecb8e-8d53-4070-b3da-e2fd25807726",
|
|
"created": "2018-04-11T14:54:07.000Z",
|
|
"modified": "2018-04-11T14:54:07.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--7300363a-ef3a-42b7-bc3c-1d815b936cbd",
|
|
"target_ref": "x-misp-object--bb04e39c-e560-4fcb-9ddf-59d2319cd87d"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--64f51c64-7122-4a5b-8d4e-a426bcc12b3e",
|
|
"created": "2018-04-11T14:54:07.000Z",
|
|
"modified": "2018-04-11T14:54:07.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--da2ba542-2c80-4b59-885d-a5afbef0db51",
|
|
"target_ref": "x-misp-object--2a402b12-d1da-4439-bf12-bc00bc885f3f"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--e572659b-29a6-4ba7-8672-7adc5791c6ab",
|
|
"created": "2018-04-11T14:54:07.000Z",
|
|
"modified": "2018-04-11T14:54:07.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--8cb6abf5-0f5c-44fb-9629-14b2bcc84f41",
|
|
"target_ref": "x-misp-object--d3ea91b4-6c64-44b3-b437-1105518923c7"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--4abc51b1-9f55-4e6d-bbb6-3f11bfe6c49c",
|
|
"created": "2018-04-11T14:54:07.000Z",
|
|
"modified": "2018-04-11T14:54:07.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--0d1e2f73-9439-4cfb-978b-dbe3b4d918e3",
|
|
"target_ref": "x-misp-object--cbbed67a-4d47-4f49-94da-1fef681147a1"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--2723780b-44a4-410a-99dc-3553a77ef8d1",
|
|
"created": "2018-04-11T14:54:07.000Z",
|
|
"modified": "2018-04-11T14:54:07.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--d51b2874-5f95-4a5e-bbd9-c5a6614b0445",
|
|
"target_ref": "x-misp-object--5fbe35d8-d4d7-4e49-95d1-88772b043d59"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--cfb4a007-5756-4cfd-a92a-ccdc0cef313c",
|
|
"created": "2018-04-11T14:54:07.000Z",
|
|
"modified": "2018-04-11T14:54:07.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--f6776a76-229f-49a7-af38-ac58159887c2",
|
|
"target_ref": "x-misp-object--2fee7173-ec60-4011-8f48-4a75451d9bb6"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--4faf245a-1638-493e-b245-8589cacdfeda",
|
|
"created": "2018-04-11T14:54:07.000Z",
|
|
"modified": "2018-04-11T14:54:07.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--98e4250a-3b95-448b-9c41-f42259e241ee",
|
|
"target_ref": "x-misp-object--1a524806-b60c-4d1a-844a-b96792b52515"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--fc2d989c-9d3b-4203-9cb8-be33a3f2fa06",
|
|
"created": "2018-04-11T14:54:07.000Z",
|
|
"modified": "2018-04-11T14:54:07.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--bee48029-445e-439f-a8dc-286e41b7c723",
|
|
"target_ref": "x-misp-object--cc6eba97-a713-4f1f-ae25-2d67407de9e1"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--e5e3cbdb-4d17-4345-8768-f5565b12590e",
|
|
"created": "2018-04-11T14:54:08.000Z",
|
|
"modified": "2018-04-11T14:54:08.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--b14052c8-614a-4fdc-a621-00e499b0bfb6",
|
|
"target_ref": "x-misp-object--01811029-dcab-45f1-8f10-5e0afe8e1dbc"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--a536c5b3-220c-4dfe-8dbc-7e6c5e1c5d6f",
|
|
"created": "2018-04-11T14:54:08.000Z",
|
|
"modified": "2018-04-11T14:54:08.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--ebef05ee-7e49-4e93-b78e-6b66204c3bc1",
|
|
"target_ref": "x-misp-object--a7312d1a-3bc8-49c2-82ee-93c8c891e905"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--0a76d691-7a50-4461-889c-b02dd6579889",
|
|
"created": "2018-04-11T14:54:08.000Z",
|
|
"modified": "2018-04-11T14:54:08.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--d4903005-b4ba-4612-a302-b8f440d0cae2",
|
|
"target_ref": "x-misp-object--6d0d2417-94d9-49e1-84b5-61f6742e5c80"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--05baa671-7131-4be6-b154-456857aa111d",
|
|
"created": "2018-04-11T14:54:08.000Z",
|
|
"modified": "2018-04-11T14:54:08.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--c97555de-fce4-49b8-a245-485465edbbdf",
|
|
"target_ref": "x-misp-object--b445bded-0b5d-46d7-aa14-6f3fa4db52bf"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--72434925-8a51-4796-9922-eab8d141636d",
|
|
"created": "2018-04-11T14:54:08.000Z",
|
|
"modified": "2018-04-11T14:54:08.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--03888f87-e431-4ab7-b5b6-d4155dad9716",
|
|
"target_ref": "x-misp-object--88133967-798f-4161-9dcb-95d458be530c"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--fe17d835-8903-4ca4-9b44-25c31cb9eacb",
|
|
"created": "2018-04-11T14:54:08.000Z",
|
|
"modified": "2018-04-11T14:54:08.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--6c91ea71-1f01-42d9-a956-ba1a299be4c2",
|
|
"target_ref": "x-misp-object--d9499e1b-4086-467a-9ce8-93492a379bd3"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--db18ea6e-b7bd-4564-89ed-0346b8fffe31",
|
|
"created": "2018-04-11T14:54:08.000Z",
|
|
"modified": "2018-04-11T14:54:08.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--4716d1d3-14f5-4ed0-ac6f-e3a13b400464",
|
|
"target_ref": "x-misp-object--362ca7c9-4be6-4252-b96c-3542a75ead4c"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--88451326-3e8e-4ebb-bd58-c16890cc6f8f",
|
|
"created": "2018-04-11T14:54:08.000Z",
|
|
"modified": "2018-04-11T14:54:08.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--0ff124a2-4515-4f8f-954d-c39d1931093f",
|
|
"target_ref": "x-misp-object--fe05211f-0e4e-409c-b996-f62d185247fa"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--c3fad106-224f-4577-8d71-edf5fc9f21a8",
|
|
"created": "2018-04-11T14:54:08.000Z",
|
|
"modified": "2018-04-11T14:54:08.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--ab96f97c-11b9-4614-84e6-3106a0c4a792",
|
|
"target_ref": "x-misp-object--bc6587cf-35aa-408c-9a88-e34b5c94e1d6"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--89770004-7842-4668-a677-18544193005b",
|
|
"created": "2018-04-11T14:54:08.000Z",
|
|
"modified": "2018-04-11T14:54:08.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--daea0da5-5674-4d9a-99b9-a6dd5e69361a",
|
|
"target_ref": "x-misp-object--cd8ee169-6a3c-4d0c-b7d5-2bd070398734"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--fcf00a09-0f42-44e1-a552-0d1f94d350f7",
|
|
"created": "2018-04-11T14:54:09.000Z",
|
|
"modified": "2018-04-11T14:54:09.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--1cff9c3a-d6e2-4cac-b1b8-161ff93dd2e6",
|
|
"target_ref": "x-misp-object--11b77879-a359-4744-a0d1-fddc267ca6b1"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--6361cd29-1be8-4d56-8284-f6bd1d4c4984",
|
|
"created": "2018-04-11T14:54:09.000Z",
|
|
"modified": "2018-04-11T14:54:09.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--317c60b6-8524-4b43-ab79-1f366915c2e7",
|
|
"target_ref": "x-misp-object--02460375-4dcb-47c7-9c8c-3b131201385b"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--bb354d38-061e-4ea7-a79f-68680dcff454",
|
|
"created": "2018-04-11T14:54:09.000Z",
|
|
"modified": "2018-04-11T14:54:09.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--5642efac-135e-4519-b97c-0f980d195cf8",
|
|
"target_ref": "x-misp-object--a352aa3f-8855-40e0-a7b4-c593f679812d"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--1f2b1dc1-a55e-473d-81aa-88f7f4a7d421",
|
|
"created": "2018-04-11T14:54:09.000Z",
|
|
"modified": "2018-04-11T14:54:09.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--57ebbd65-ce89-4eef-8998-312be2bcb349",
|
|
"target_ref": "x-misp-object--33123089-008e-45a5-92e8-96addd26dd71"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--68a4b700-2246-4a2b-9d3a-6bab5cef4082",
|
|
"created": "2018-04-11T14:54:09.000Z",
|
|
"modified": "2018-04-11T14:54:09.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--53affc4d-60a8-4c6d-9405-1c21638010d7",
|
|
"target_ref": "x-misp-object--7f42d82a-5805-411b-803f-bbca82cd3c56"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--181c077b-486c-4ddd-8906-43aaeb2e22ac",
|
|
"created": "2018-04-11T14:54:09.000Z",
|
|
"modified": "2018-04-11T14:54:09.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--cc4e3e77-cf17-4278-912f-71bf1eec703d",
|
|
"target_ref": "x-misp-object--0b592a97-493a-4d25-934a-72abd4a11e8b"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--4052b4ae-0dd1-406f-8214-a483223f3b49",
|
|
"created": "2018-04-11T14:54:09.000Z",
|
|
"modified": "2018-04-11T14:54:09.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--6e59fe57-f683-49fe-98c2-d2392248d076",
|
|
"target_ref": "x-misp-object--00284e3a-3d9f-4738-8d39-be39d6c7cfe3"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--2c4850dc-0f25-41d9-9d77-170bbc7f914a",
|
|
"created": "2018-04-11T14:54:09.000Z",
|
|
"modified": "2018-04-11T14:54:09.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--05722d72-0046-46b9-8b0c-6e179dfa6edc",
|
|
"target_ref": "x-misp-object--34798e8d-f8f5-4862-9d49-9686048cbd25"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--6008e8b4-b6bd-4cfe-af0b-fff03946ac7a",
|
|
"created": "2018-04-11T14:54:09.000Z",
|
|
"modified": "2018-04-11T14:54:09.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--1a2a899d-365d-4f83-90c4-f281e025fbfd",
|
|
"target_ref": "x-misp-object--4ccad6b1-b442-4943-a1bb-632367243e3a"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--ecd94894-0e3d-4b24-8c11-e1ed9d426f4a",
|
|
"created": "2018-04-11T14:54:09.000Z",
|
|
"modified": "2018-04-11T14:54:09.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--02025dde-85dd-472c-9488-ac230d1088c2",
|
|
"target_ref": "x-misp-object--6c418d1a-3c22-40b3-b3d3-bce332bfdfb7"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--5312d303-b399-449f-9ab5-bec6086122a3",
|
|
"created": "2018-04-11T14:54:09.000Z",
|
|
"modified": "2018-04-11T14:54:09.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--4f831bd7-482b-480d-be4c-d77ea1295e06",
|
|
"target_ref": "x-misp-object--5a6facbc-62b0-424a-8e54-15005ffecb38"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--c78ac336-7cf5-4b84-98c8-0001731c5142",
|
|
"created": "2018-04-11T14:54:10.000Z",
|
|
"modified": "2018-04-11T14:54:10.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--a71784ec-09bd-456f-bce5-802fcc90eaaf",
|
|
"target_ref": "x-misp-object--31d88e38-4b3d-4d9f-9b12-97aefb81c305"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--91ba9299-9055-44b6-853c-6badc17f7052",
|
|
"created": "2018-04-11T14:54:10.000Z",
|
|
"modified": "2018-04-11T14:54:10.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--1a1a63ec-d0d6-4c5d-bc59-a9d412f974ad",
|
|
"target_ref": "x-misp-object--f0574f28-a59b-4e7c-ad4c-a5ba3abe37e6"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--201c5ddd-218a-49eb-b6f7-ee0f27fd10d5",
|
|
"created": "2018-04-11T14:54:10.000Z",
|
|
"modified": "2018-04-11T14:54:10.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--b91b3267-943b-4cc4-98dd-7af83efcd364",
|
|
"target_ref": "x-misp-object--a83e5ba7-27a2-430a-a85d-cc35b63edb7a"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--c1cc3082-96b5-433f-b2c0-12ea1b019360",
|
|
"created": "2018-04-11T14:54:10.000Z",
|
|
"modified": "2018-04-11T14:54:10.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--ae1251c0-4384-489a-9722-e6d0b463a9ee",
|
|
"target_ref": "x-misp-object--90e00ed6-1a34-4d05-8c46-6321ab2254c0"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--e94772e7-7f69-4e00-8c47-3eb62869046d",
|
|
"created": "2018-04-11T14:54:10.000Z",
|
|
"modified": "2018-04-11T14:54:10.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--79bfebb0-0515-4253-b628-8d0247f1f64d",
|
|
"target_ref": "x-misp-object--ba146153-fb1e-4862-8fb2-de42c7bbb407"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--1b18cdd9-745c-4599-9eb8-f8e99b5cbeb4",
|
|
"created": "2018-04-11T14:54:10.000Z",
|
|
"modified": "2018-04-11T14:54:10.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--2e74e9bf-2116-499a-8664-85a8190ccc01",
|
|
"target_ref": "x-misp-object--c751b343-f407-41bf-abae-34482ededd19"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--5108b0ab-ec84-4fdf-b76d-43a138491627",
|
|
"created": "2018-04-11T14:54:10.000Z",
|
|
"modified": "2018-04-11T14:54:10.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--2e231b46-7588-4a55-bca9-121895c6998d",
|
|
"target_ref": "x-misp-object--605c6785-5aa7-4507-a1e8-263319975111"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--a052141e-f28c-469d-ac74-87bcdf2196e1",
|
|
"created": "2018-04-11T14:54:10.000Z",
|
|
"modified": "2018-04-11T14:54:10.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--c35fd8ca-1584-477b-aa6c-79ec4094bf8d",
|
|
"target_ref": "x-misp-object--9af3e13e-1a66-4d0f-b609-fb329f31ef50"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--eca32deb-8f7b-4e8a-adf3-4b8014922551",
|
|
"created": "2018-04-11T14:54:10.000Z",
|
|
"modified": "2018-04-11T14:54:10.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--5ba0cf41-2b85-4acf-99db-059e0e799f94",
|
|
"target_ref": "x-misp-object--beb61c2e-cc01-4cf3-aa10-bac84dd682e5"
|
|
},
|
|
{
|
|
"type": "relationship",
|
|
"spec_version": "2.1",
|
|
"id": "relationship--f1eeaefc-3785-4d03-acf0-0789336d96a3",
|
|
"created": "2018-04-11T14:54:10.000Z",
|
|
"modified": "2018-04-11T14:54:10.000Z",
|
|
"relationship_type": "analysed-with",
|
|
"source_ref": "indicator--989183ae-e288-435c-96ed-b4177a99a8af",
|
|
"target_ref": "x-misp-object--d80d7f6e-5f4d-4350-9780-597d916c5861"
|
|
},
|
|
{
|
|
"type": "marking-definition",
|
|
"spec_version": "2.1",
|
|
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
|
"created": "2017-01-20T00:00:00.000Z",
|
|
"definition_type": "tlp",
|
|
"name": "TLP:WHITE",
|
|
"definition": {
|
|
"tlp": "white"
|
|
}
|
|
}
|
|
]
|
|
} |