misp-circl-feed/feeds/circl/stix-2.1/57b5a6a6-334c-4a50-9e23-45b0950d210f.json

{
    "type": "bundle",
    "id": "bundle--57b5a6a6-334c-4a50-9e23-45b0950d210f",
    "objects": [
        {
            "type": "identity",
            "spec_version": "2.1",
            "id": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:19:56.000Z",
            "modified": "2016-08-18T12:19:56.000Z",
            "name": "CthulhuSPRL.be",
            "identity_class": "organization"
        },
        {
            "type": "report",
            "spec_version": "2.1",
            "id": "report--57b5a6a6-334c-4a50-9e23-45b0950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:19:56.000Z",
            "modified": "2016-08-18T12:19:56.000Z",
            "name": "OSINT Shark Ransomware: Ransomware as a service",
            "published": "2016-09-09T14:52:15Z",
            "object_refs": [
                "observed-data--57b5a6c1-f550-487b-b784-47c0950d210f",
                "url--57b5a6c1-f550-487b-b784-47c0950d210f",
                "observed-data--57b5a6f2-8328-47c9-8b24-4bcb950d210f",
                "url--57b5a6f2-8328-47c9-8b24-4bcb950d210f",
                "observed-data--57b5a789-27b8-41dd-82f0-4068950d210f",
                "domain-name--57b5a789-27b8-41dd-82f0-4068950d210f",
                "indicator--57b5a789-bde4-4bdf-8b42-4072950d210f",
                "indicator--57b5a789-c50c-41eb-a4d0-4705950d210f",
                "observed-data--57b5a78a-87ec-4202-940f-45bc950d210f",
                "file--57b5a78a-87ec-4202-940f-45bc950d210f",
                "observed-data--57b5a78a-16d4-4125-ba00-49b1950d210f",
                "domain-name--57b5a78a-16d4-4125-ba00-49b1950d210f",
                "indicator--57b5a78a-8b2c-49bc-b0fa-4f23950d210f",
                "indicator--57b5a78a-71b0-4aef-8247-4860950d210f",
                "indicator--57b5a78a-1520-4f41-9dd4-4f64950d210f",
                "indicator--57b5a78b-1df4-45a0-8ef7-4159950d210f",
                "indicator--57b5a78b-9cb4-4318-87f3-4a4c950d210f",
                "indicator--57b5a78b-97c8-4379-ba61-40c4950d210f",
                "indicator--57b5a78b-3758-4df2-a8ea-41ff950d210f",
                "indicator--57b5a78b-39e0-4d08-b4d9-415a950d210f",
                "indicator--57b5a78c-f514-40f1-8f5f-4506950d210f",
                "indicator--57b5a78c-321c-463c-b40f-4461950d210f",
                "indicator--57b5a78c-8d80-4c3e-bd43-4cd3950d210f",
                "indicator--57b5a78c-1504-4b91-bd3f-4307950d210f",
                "indicator--57b5a78c-7468-458f-9034-4be3950d210f",
                "indicator--57b5a78d-fcd0-4305-bec8-4119950d210f",
                "indicator--57b5a78d-c078-4681-b27d-45e4950d210f",
                "indicator--57b5a78d-f1a4-46f6-8ca0-49ad950d210f",
                "indicator--57b5a78d-d8a0-4f2d-ba3e-455e950d210f",
                "indicator--57b5a78d-0138-405e-a28a-491d950d210f",
                "indicator--57b5a78d-25f8-4f7d-a717-4af7950d210f",
                "indicator--57b5a78e-572c-408c-afe0-400e950d210f",
                "indicator--57b5a78e-3d74-4e43-be6f-4526950d210f",
                "indicator--57b5a78e-562c-41b6-89e4-41f6950d210f",
                "indicator--57b5a78e-a34c-47e1-b74e-453a950d210f",
                "indicator--57b5a78e-0498-49f3-b6d2-4d60950d210f",
                "indicator--57b5a78e-30a8-4186-a2fe-4f82950d210f",
                "indicator--57b5a78f-6918-4b45-97bf-4337950d210f",
                "indicator--57b5a78f-0098-4e0a-9a0f-4e66950d210f",
                "indicator--57b5a78f-5390-4494-b598-461a950d210f",
                "indicator--57b5a78f-4530-4b3f-ae2a-4e0b950d210f",
                "indicator--57b5a78f-006c-4e5c-a737-4435950d210f",
                "indicator--57b5a790-5248-4acc-9191-4dce950d210f",
                "indicator--57b5a790-0070-41e3-96da-452d950d210f",
                "indicator--57b5a790-19a0-4370-be4f-4fc1950d210f",
                "indicator--57b5a790-6488-404c-a264-4648950d210f",
                "indicator--57b5a790-1650-4f11-bb68-4b5e950d210f",
                "indicator--57b5a791-b72c-4477-9484-4ee4950d210f",
                "indicator--57b5a791-9260-4275-9427-45fc950d210f",
                "indicator--57b5a791-4318-4009-aa18-4358950d210f",
                "indicator--57b5a791-d94c-4adf-8f3c-42f9950d210f",
                "indicator--57b5a791-f6c0-4141-9381-4bce950d210f",
                "indicator--57b5a792-0e30-44f8-8e2e-4029950d210f",
                "indicator--57b5a792-9ec8-4d93-a9ed-41c4950d210f",
                "indicator--57b5a792-27a8-4ca7-8b1d-4d1b950d210f",
                "observed-data--57b5a792-e858-44d7-906f-4363950d210f",
                "domain-name--57b5a792-e858-44d7-906f-4363950d210f",
                "observed-data--57b5a792-b3f8-4b79-945f-40a9950d210f",
                "domain-name--57b5a792-b3f8-4b79-945f-40a9950d210f",
                "indicator--57b5a884-7fd0-451b-8255-4d5f950d210f",
                "indicator--57b5a887-a9a8-4409-aea6-440d950d210f",
                "indicator--57b5a88b-59a8-4ce9-bf1a-4959950d210f",
                "indicator--57b5a88e-cb28-479a-bf30-48a4950d210f",
                "indicator--57b5a891-aa00-4c0f-bc91-41cf950d210f",
                "indicator--57b5a885-55a4-48fd-bd72-42d4950d210f",
                "indicator--57b5a888-bde8-49a5-856c-4ff5950d210f",
                "indicator--57b5a88c-6198-4fc0-b518-4707950d210f",
                "indicator--57b5a88f-9c2c-445e-8f74-4ba7950d210f",
                "indicator--57b5a892-4998-43fa-a7c9-4952950d210f"
            ],
            "labels": [
                "Threat-Report",
                "misp:tool=\"MISP-STIX-Converter\"",
                "OSINT"
            ],
            "object_marking_refs": [
                "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
            ]
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--57b5a6c1-f550-487b-b784-47c0950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:14:57.000Z",
            "modified": "2016-08-18T12:14:57.000Z",
            "first_observed": "2016-08-18T12:14:57Z",
            "last_observed": "2016-08-18T12:14:57Z",
            "number_observed": 1,
            "object_refs": [
                "url--57b5a6c1-f550-487b-b784-47c0950d210f"
            ],
            "labels": [
                "misp:type=\"link\"",
                "misp:category=\"External analysis\""
            ]
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--57b5a6c1-f550-487b-b784-47c0950d210f",
            "value": "https://www.hybrid-analysis.com/sample/08c52b0d9affb15083653c7b9e69468cbb35806e0a82b72ca592d62362f42623?environmentId=100"
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--57b5a6f2-8328-47c9-8b24-4bcb950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:15:46.000Z",
            "modified": "2016-08-18T12:15:46.000Z",
            "first_observed": "2016-08-18T12:15:46Z",
            "last_observed": "2016-08-18T12:15:46Z",
            "number_observed": 1,
            "object_refs": [
                "url--57b5a6f2-8328-47c9-8b24-4bcb950d210f"
            ],
            "labels": [
                "misp:type=\"link\"",
                "misp:category=\"External analysis\""
            ]
        },
        {
            "type": "url",
            "spec_version": "2.1",
            "id": "url--57b5a6f2-8328-47c9-8b24-4bcb950d210f",
            "value": "https://otx.alienvault.com/pulse/57b2f34f89ca9f013545f722/"
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--57b5a789-27b8-41dd-82f0-4068950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:19:48.000Z",
            "modified": "2016-08-18T12:19:48.000Z",
            "first_observed": "2016-08-18T12:19:48Z",
            "last_observed": "2016-08-18T12:19:48Z",
            "number_observed": 1,
            "object_refs": [
                "domain-name--57b5a789-27b8-41dd-82f0-4068950d210f"
            ],
            "labels": [
                "misp:type=\"domain\"",
                "misp:category=\"Network activity\""
            ]
        },
        {
            "type": "domain-name",
            "spec_version": "2.1",
            "id": "domain-name--57b5a789-27b8-41dd-82f0-4068950d210f",
            "value": "system.io"
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a789-bde4-4bdf-8b42-4072950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:17.000Z",
            "modified": "2016-08-18T12:18:17.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[domain-name:value = '1729studios.com']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:17Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Network activity"
                }
            ],
            "labels": [
                "misp:type=\"domain\"",
                "misp:category=\"Network activity\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a789-c50c-41eb-a4d0-4705950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:17.000Z",
            "modified": "2016-08-18T12:18:17.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:name = 'shark.properties']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:17Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"filename\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--57b5a78a-87ec-4202-940f-45bc950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:38.000Z",
            "modified": "2016-08-18T12:18:38.000Z",
            "first_observed": "2016-08-18T12:18:38Z",
            "last_observed": "2016-08-18T12:18:38Z",
            "number_observed": 1,
            "object_refs": [
                "file--57b5a78a-87ec-4202-940f-45bc950d210f"
            ],
            "labels": [
                "misp:type=\"filename\"",
                "misp:category=\"Payload delivery\""
            ]
        },
        {
            "type": "file",
            "spec_version": "2.1",
            "id": "file--57b5a78a-87ec-4202-940f-45bc950d210f",
            "name": "myapplication.app"
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--57b5a78a-16d4-4125-ba00-49b1950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:19:56.000Z",
            "modified": "2016-08-18T12:19:56.000Z",
            "first_observed": "2016-08-18T12:19:56Z",
            "last_observed": "2016-08-18T12:19:56Z",
            "number_observed": 1,
            "object_refs": [
                "domain-name--57b5a78a-16d4-4125-ba00-49b1950d210f"
            ],
            "labels": [
                "misp:type=\"domain\"",
                "misp:category=\"Network activity\""
            ]
        },
        {
            "type": "domain-name",
            "spec_version": "2.1",
            "id": "domain-name--57b5a78a-16d4-4125-ba00-49b1950d210f",
            "value": "system.net"
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78a-8b2c-49bc-b0fa-4f23950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:18.000Z",
            "modified": "2016-08-18T12:18:18.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = '72269ea7cc6281139e4d155e7c57dc67']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:18Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78a-71b0-4aef-8247-4860950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:18.000Z",
            "modified": "2016-08-18T12:18:18.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = 'f34d5f2d4577ed6d9ceec516c1f5a744']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:18Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78a-1520-4f41-9dd4-4f64950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:18.000Z",
            "modified": "2016-08-18T12:18:18.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = 'dec07b3163dfca1d155ae21254c663f6']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:18Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78b-1df4-45a0-8ef7-4159950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:19.000Z",
            "modified": "2016-08-18T12:18:19.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = 'cf12f2c0e54cd8ba93511fba008380a6']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:19Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78b-9cb4-4318-87f3-4a4c950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:19.000Z",
            "modified": "2016-08-18T12:18:19.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = '74d992a686d753eebecd22de7b5c0dea']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:19Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78b-97c8-4379-ba61-40c4950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:19.000Z",
            "modified": "2016-08-18T12:18:19.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = '72de10b7f7cd75217e4c4ec7a79ca44f']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:19Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78b-3758-4df2-a8ea-41ff950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:19.000Z",
            "modified": "2016-08-18T12:18:19.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = '0a7670cfd2c824366ad67400c5e74636']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:19Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78b-39e0-4d08-b4d9-415a950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:19.000Z",
            "modified": "2016-08-18T12:18:19.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = '49edace716a872ec654af76a7c46fbff']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:19Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78c-f514-40f1-8f5f-4506950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:20.000Z",
            "modified": "2016-08-18T12:18:20.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = '51e2934144ba15628ba5a31be2dae7dc']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:20Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78c-321c-463c-b40f-4461950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:20.000Z",
            "modified": "2016-08-18T12:18:20.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = '347bb967065efeccdc0c16311b88f379']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:20Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78c-8d80-4c3e-bd43-4cd3950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:20.000Z",
            "modified": "2016-08-18T12:18:20.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = 'e40da7a49f8c3f0108e7c835b342f382']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:20Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78c-1504-4b91-bd3f-4307950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:20.000Z",
            "modified": "2016-08-18T12:18:20.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = 'b9f7adbc90a2bcbe8eb9e6e8d2bb975b']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:20Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78c-7468-458f-9034-4be3950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:20.000Z",
            "modified": "2016-08-18T12:18:20.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = '39262c4acb361ecd06d812d2e8bea628']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:20Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78d-fcd0-4305-bec8-4119950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:21.000Z",
            "modified": "2016-08-18T12:18:21.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = '9c354f5c9f53fbf2a57c8dc695f89ffe']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:21Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78d-c078-4681-b27d-45e4950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:21.000Z",
            "modified": "2016-08-18T12:18:21.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = '070399bfc77f0ff0da23c2d8699c0095']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:21Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78d-f1a4-46f6-8ca0-49ad950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:21.000Z",
            "modified": "2016-08-18T12:18:21.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = '4309269ad51911d65b6ad62ba61218a9']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:21Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78d-d8a0-4f2d-ba3e-455e950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:21.000Z",
            "modified": "2016-08-18T12:18:21.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = '625557075843d93b867802c222d63da2']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:21Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78d-0138-405e-a28a-491d950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:21.000Z",
            "modified": "2016-08-18T12:18:21.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = '4dbe1d1edf767ef5dd3069508f2d1a91']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:21Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78d-25f8-4f7d-a717-4af7950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:21.000Z",
            "modified": "2016-08-18T12:18:21.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.MD5 = '22ae167d586450ad3a9b9a9ee43ebc86']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:21Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78e-572c-408c-afe0-400e950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:22.000Z",
            "modified": "2016-08-18T12:18:22.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA1 = 'f9ac686ff83b3df8eeeefb9caf7745ccc37bdbd0']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:22Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78e-3d74-4e43-be6f-4526950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:22.000Z",
            "modified": "2016-08-18T12:18:22.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA1 = '7d7f4414ccef168adf6bf40753b5becd78375931']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:22Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78e-562c-41b6-89e4-41f6950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:22.000Z",
            "modified": "2016-08-18T12:18:22.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA1 = 'b347ae931ad8370c71af18484c55216e99d4bf94']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:22Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78e-a34c-47e1-b74e-453a950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:22.000Z",
            "modified": "2016-08-18T12:18:22.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA1 = '64869ac67f01de6c8fa86928f293ae17e5f939bf']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:22Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78e-0498-49f3-b6d2-4d60950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:22.000Z",
            "modified": "2016-08-18T12:18:22.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA1 = '637162cc59a3a1e25956fa5fa8f60d2e1c52eac6']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:22Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78e-30a8-4186-a2fe-4f82950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:22.000Z",
            "modified": "2016-08-18T12:18:22.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA1 = '8ad5c9987e6f190bd6f5416e2de44ccd641d8cda']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:22Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78f-6918-4b45-97bf-4337950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:23.000Z",
            "modified": "2016-08-18T12:18:23.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA1 = '0b0a9534cef684c93c2fc591e55ceaf831e2275d']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:23Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78f-0098-4e0a-9a0f-4e66950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:23.000Z",
            "modified": "2016-08-18T12:18:23.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA1 = 'dd5783bcf1e9002bc00ad5b83a95ed6e4ebb4ad5']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:23Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78f-5390-4494-b598-461a950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:23.000Z",
            "modified": "2016-08-18T12:18:23.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA1 = '109f1caed645bb78b3ea2b94c0697c740733031c']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:23Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78f-4530-4b3f-ae2a-4e0b950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:23.000Z",
            "modified": "2016-08-18T12:18:23.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA1 = 'a377d1b1c0538833035211f4083d00fecc414dab']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:23Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a78f-006c-4e5c-a737-4435950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:23.000Z",
            "modified": "2016-08-18T12:18:23.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA1 = '706b3f9d9e678fd4846cae1fd4c0ea037b560e30']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:23Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a790-5248-4acc-9191-4dce950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:24.000Z",
            "modified": "2016-08-18T12:18:24.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA1 = 'fee449ee0e3965a5246f000e87fde2a065fd89d4']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:24Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a790-0070-41e3-96da-452d950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:24.000Z",
            "modified": "2016-08-18T12:18:24.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA256 = '35104f21cc385fd8f07e162d05bad1aa1d940d1fb08b796993e811639d65b69a']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:24Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a790-19a0-4370-be4f-4fc1950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:24.000Z",
            "modified": "2016-08-18T12:18:24.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA256 = 'b3e5ec26cf605a36756438776508c3a076e90dc3f8d7ebc3c83d33c62c7c153b']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:24Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a790-6488-404c-a264-4648950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:24.000Z",
            "modified": "2016-08-18T12:18:24.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA256 = '7a3d78d44c4c43d9d839da67f101390be3c4cb675dfc633b9ca85b647883cf88']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:24Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a790-1650-4f11-bb68-4b5e950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:24.000Z",
            "modified": "2016-08-18T12:18:24.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA256 = 'cd7b9e76ee30e48e2607e2cb6264c9e059cce211e8127077b4ee111140f838da']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:24Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a791-b72c-4477-9484-4ee4950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:25.000Z",
            "modified": "2016-08-18T12:18:25.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA256 = 'c4899d923f0ff4120d50a15d8cd34a17836359cc643b152617672bcdd14d5f51']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:25Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a791-9260-4275-9427-45fc950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:25.000Z",
            "modified": "2016-08-18T12:18:25.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA256 = '7410386118f1dd7aed244dcd392664e7f2b00ea4bca8aa3052474970fe6c8395']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:25Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a791-4318-4009-aa18-4358950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:25.000Z",
            "modified": "2016-08-18T12:18:25.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA256 = '5568728ca42a1d8462f60daf7108a55d81b46b58277656425a81a6663644e11e']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:25Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a791-d94c-4adf-8f3c-42f9950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:25.000Z",
            "modified": "2016-08-18T12:18:25.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA256 = '8813eafe23c85cc65902939b0c9caf891fc5d3917d0b8364ecf88d8214942332']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:25Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a791-f6c0-4141-9381-4bce950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:25.000Z",
            "modified": "2016-08-18T12:18:25.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA256 = '08c52b0d9affb15083653c7b9e69468cbb35806e0a82b72ca592d62362f42623']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:25Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a792-0e30-44f8-8e2e-4029950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:26.000Z",
            "modified": "2016-08-18T12:18:26.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA256 = 'a4a97e8d1edf9fba4d15dca44f0b3908f4c804ab1a452521e4b53ce2ee80316c']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:26Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a792-9ec8-4d93-a9ed-41c4950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:26.000Z",
            "modified": "2016-08-18T12:18:26.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA256 = '5a77195969ded56df2c9a62c8c0345a4de336a58c517059f2edfd939d8ca34c4']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:26Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a792-27a8-4ca7-8b1d-4d1b950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:26.000Z",
            "modified": "2016-08-18T12:18:26.000Z",
            "description": "Imported via the Freetext Import Tool",
            "pattern": "[file:hashes.SHA256 = 'dda9d9c50b0650a39f82deba66c599003ac57b126f557c9d1d2fbef0004e5763']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:18:26Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha256\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--57b5a792-e858-44d7-906f-4363950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:26.000Z",
            "modified": "2016-08-18T12:18:26.000Z",
            "first_observed": "2016-08-18T12:18:26Z",
            "last_observed": "2016-08-18T12:18:26Z",
            "number_observed": 1,
            "object_refs": [
                "domain-name--57b5a792-e858-44d7-906f-4363950d210f"
            ],
            "labels": [
                "misp:type=\"hostname\"",
                "misp:category=\"Network activity\""
            ]
        },
        {
            "type": "domain-name",
            "spec_version": "2.1",
            "id": "domain-name--57b5a792-e858-44d7-906f-4363950d210f",
            "value": "www.ip-api.com"
        },
        {
            "type": "observed-data",
            "spec_version": "2.1",
            "id": "observed-data--57b5a792-b3f8-4b79-945f-40a9950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:18:26.000Z",
            "modified": "2016-08-18T12:18:26.000Z",
            "first_observed": "2016-08-18T12:18:26Z",
            "last_observed": "2016-08-18T12:18:26Z",
            "number_observed": 1,
            "object_refs": [
                "domain-name--57b5a792-b3f8-4b79-945f-40a9950d210f"
            ],
            "labels": [
                "misp:type=\"hostname\"",
                "misp:category=\"Network activity\""
            ]
        },
        {
            "type": "domain-name",
            "spec_version": "2.1",
            "id": "domain-name--57b5a792-b3f8-4b79-945f-40a9950d210f",
            "value": "outgoing.ip-api.com"
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a884-7fd0-451b-8255-4d5f950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:22:28.000Z",
            "modified": "2016-08-18T12:22:28.000Z",
            "description": "Automatically added (via cd7b9e76ee30e48e2607e2cb6264c9e059cce211e8127077b4ee111140f838da)",
            "pattern": "[file:hashes.MD5 = '3376a873bb4d0e8394eb02467069d170']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:22:28Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a887-a9a8-4409-aea6-440d950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:22:31.000Z",
            "modified": "2016-08-18T12:22:31.000Z",
            "description": "Automatically added (via c4899d923f0ff4120d50a15d8cd34a17836359cc643b152617672bcdd14d5f51)",
            "pattern": "[file:hashes.MD5 = '6534f7c9e450bd7c700e8eea2b8fdc80']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:22:31Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a88b-59a8-4ce9-bf1a-4959950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:22:35.000Z",
            "modified": "2016-08-18T12:22:35.000Z",
            "description": "Automatically added (via 8813eafe23c85cc65902939b0c9caf891fc5d3917d0b8364ecf88d8214942332)",
            "pattern": "[file:hashes.MD5 = 'e9b5cf97da4147122eda58acfd364dc4']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:22:35Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a88e-cb28-479a-bf30-48a4950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:22:38.000Z",
            "modified": "2016-08-18T12:22:38.000Z",
            "description": "Automatically added (via a4a97e8d1edf9fba4d15dca44f0b3908f4c804ab1a452521e4b53ce2ee80316c)",
            "pattern": "[file:hashes.MD5 = 'ec43971547c0c3fee00fe095008a053c']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:22:38Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a891-aa00-4c0f-bc91-41cf950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:22:41.000Z",
            "modified": "2016-08-18T12:22:41.000Z",
            "description": "Automatically added (via dda9d9c50b0650a39f82deba66c599003ac57b126f557c9d1d2fbef0004e5763)",
            "pattern": "[file:hashes.MD5 = 'ff76d48375d9f9b21579826a13d9c9b6']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:22:41Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"md5\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a885-55a4-48fd-bd72-42d4950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:22:29.000Z",
            "modified": "2016-08-18T12:22:29.000Z",
            "description": "Automatically added (via cd7b9e76ee30e48e2607e2cb6264c9e059cce211e8127077b4ee111140f838da)",
            "pattern": "[file:hashes.SHA1 = '5466c1dfc0a4f738aecfc45a3465f9219736368d']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:22:29Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a888-bde8-49a5-856c-4ff5950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:22:32.000Z",
            "modified": "2016-08-18T12:22:32.000Z",
            "description": "Automatically added (via c4899d923f0ff4120d50a15d8cd34a17836359cc643b152617672bcdd14d5f51)",
            "pattern": "[file:hashes.SHA1 = '14eaf11792bec41b9268531010ff252a5534eb5e']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:22:32Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a88c-6198-4fc0-b518-4707950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:22:36.000Z",
            "modified": "2016-08-18T12:22:36.000Z",
            "description": "Automatically added (via 8813eafe23c85cc65902939b0c9caf891fc5d3917d0b8364ecf88d8214942332)",
            "pattern": "[file:hashes.SHA1 = '6e0a051f8ce858839d3d190c5f5d2ab462a5c73f']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:22:36Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a88f-9c2c-445e-8f74-4ba7950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:22:39.000Z",
            "modified": "2016-08-18T12:22:39.000Z",
            "description": "Automatically added (via a4a97e8d1edf9fba4d15dca44f0b3908f4c804ab1a452521e4b53ce2ee80316c)",
            "pattern": "[file:hashes.SHA1 = 'fdf05f8fadefdad3b83fcc735f4eeb3b5d178d7b']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:22:39Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "indicator",
            "spec_version": "2.1",
            "id": "indicator--57b5a892-4998-43fa-a7c9-4952950d210f",
            "created_by_ref": "identity--55f6ea5f-fd34-43b8-ac1d-40cb950d210f",
            "created": "2016-08-18T12:22:42.000Z",
            "modified": "2016-08-18T12:22:42.000Z",
            "description": "Automatically added (via dda9d9c50b0650a39f82deba66c599003ac57b126f557c9d1d2fbef0004e5763)",
            "pattern": "[file:hashes.SHA1 = '0446223b9d678f7576a4a4d17992d4e6509251dc']",
            "pattern_type": "stix",
            "pattern_version": "2.1",
            "valid_from": "2016-08-18T12:22:42Z",
            "kill_chain_phases": [
                {
                    "kill_chain_name": "misp-category",
                    "phase_name": "Payload delivery"
                }
            ],
            "labels": [
                "misp:type=\"sha1\"",
                "misp:category=\"Payload delivery\"",
                "misp:to_ids=\"True\""
            ]
        },
        {
            "type": "marking-definition",
            "spec_version": "2.1",
            "id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
            "created": "2017-01-20T00:00:00.000Z",
            "definition_type": "tlp",
            "name": "TLP:WHITE",
            "definition": {
                "tlp": "white"
            }
        }
    ]
}