adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/5943a31f-8a90-4206-b02e-4b5b950d210f.json

2682 lines
No EOL
106 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--5943a31f-8a90-4206-b02e-4b5b950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T12:38:39.000Z",
"modified": "2017-06-16T12:38:39.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "report",
"spec_version": "2.1",
"id": "report--5943a31f-8a90-4206-b02e-4b5b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T12:38:39.000Z",
"modified": "2017-06-16T12:38:39.000Z",
"name": "M2M - #LokiBot goes with SWIFT theme",
"published": "2017-06-16T12:39:25Z",
"object_refs": [
"indicator--5943a320-b708-4bea-b973-4aee950d210f",
"indicator--5943a320-bdc8-4aa9-921c-4e57950d210f",
"indicator--5943a321-14d0-4114-96da-43e8950d210f",
"observed-data--5943a322-3930-4aa8-9e32-4cde950d210f",
"network-traffic--5943a322-3930-4aa8-9e32-4cde950d210f",
"ipv4-addr--5943a322-3930-4aa8-9e32-4cde950d210f",
"indicator--5943a322-cce4-4b30-bbda-4dcc950d210f",
"indicator--5943a323-9274-42d6-9c64-4009950d210f",
"indicator--5943a323-e660-43fb-b877-4bba950d210f",
"indicator--5943a324-2b54-4e4d-b7b0-4a42950d210f",
"indicator--5943a325-4144-43aa-a04d-456c950d210f",
"indicator--5943a326-8b3c-443d-86a6-4ae7950d210f",
"indicator--5943a326-5e20-48bb-bda5-488a950d210f",
"indicator--5943a327-a878-47f8-a0e9-4161950d210f",
"indicator--5943a328-bd60-4c82-acbd-4e06950d210f",
"indicator--5943a329-81c4-4316-be69-48cc950d210f",
"indicator--5943a32b-6d48-40fe-9a65-4103950d210f",
"indicator--5943a32c-3a64-43b1-97d5-464e950d210f",
"indicator--5943a32d-51ac-4c4f-a227-4c0c950d210f",
"indicator--5943a32e-8db4-465b-9cb1-4c54950d210f",
"indicator--5943a32f-4154-433d-89f1-48de950d210f",
"indicator--5943a32f-9edc-4693-82e6-4347950d210f",
"indicator--5943a330-4c18-4633-a663-46f9950d210f",
"indicator--5943a331-1308-44fb-8e94-4c70950d210f",
"indicator--5943a332-2268-459d-991d-4c0c950d210f",
"indicator--5943a333-fd0c-4f2f-8364-459d950d210f",
"indicator--5943a334-da08-4890-8cb8-4da0950d210f",
"indicator--5943a335-a9d0-4d5a-a57c-4bf0950d210f",
"indicator--5943a336-3824-4724-8b8e-4aec950d210f",
"indicator--5943a337-0cc0-4405-9c52-4962950d210f",
"indicator--5943a338-5000-4b61-bea6-48be950d210f",
"indicator--5943a339-0204-476e-9eac-4ba4950d210f",
"indicator--5943a339-ada4-4080-9fb5-42c4950d210f",
"indicator--5943a33a-10e4-473c-98c7-45db950d210f",
"indicator--5943a33b-9914-4eef-af6c-43ef950d210f",
"indicator--5943a33c-d338-4bbd-8402-41e5950d210f",
"indicator--5943a33e-57c8-4830-a935-4f2f950d210f",
"indicator--5943a33e-c134-483d-94e7-4eb0950d210f",
"indicator--5943a33f-45f4-4393-bbe9-4bf1950d210f",
"indicator--5943a340-da3c-49ce-ae1d-4632950d210f",
"indicator--5943a341-f75c-4109-8e69-4d54950d210f",
"indicator--5943a342-9af8-490d-8aa8-44fb950d210f",
"indicator--5943a343-eafc-4411-8881-44ee950d210f",
"indicator--5943a344-8f40-4281-b31e-46e6950d210f",
"indicator--5943a345-525c-4e26-9bfa-4bd3950d210f",
"indicator--5943a345-9dd0-4e43-b009-4b2f950d210f",
"indicator--5943a346-5120-48f1-82f9-4f98950d210f",
"indicator--5943a347-f560-4a82-830f-4421950d210f",
"indicator--5943a348-ecb4-4042-85d2-45cf950d210f",
"indicator--5943a349-ecb8-4d38-b02f-4c07950d210f",
"indicator--5943a34a-9678-4305-af6b-4e84950d210f",
"indicator--5943a34b-de34-49dd-a3da-43bb950d210f",
"indicator--5943a34c-0eb8-4dac-8eff-49d3950d210f",
"indicator--5943a34c-7890-4203-885c-43c8950d210f",
"indicator--5943a34d-fae8-4296-968c-4ba5950d210f",
"indicator--5943a34e-2738-4e9e-b59a-4527950d210f",
"indicator--5943a34f-5230-4979-8f5b-4390950d210f",
"indicator--5943a350-f91c-411d-9858-4390950d210f",
"indicator--5943a351-96b4-4002-b815-4b57950d210f",
"indicator--5943a351-011c-4f9a-aebc-4f64950d210f",
"indicator--5943a352-1b44-4396-8f4a-4c03950d210f",
"indicator--5943a354-5af0-4568-a713-44a6950d210f",
"indicator--5943a355-f048-4a9b-bc5f-496b950d210f",
"indicator--5943a356-ab28-4867-ad85-486a950d210f",
"indicator--5943a356-d654-4daa-83a0-48a9950d210f",
"indicator--5943a357-9a54-4daa-96bf-41cc950d210f",
"indicator--5943a358-edc0-4fd1-9bec-4505950d210f",
"indicator--5943a359-3f1c-4e93-89aa-4346950d210f",
"indicator--5943a35a-01d0-46b2-ac04-4084950d210f",
"indicator--5943a35a-37d0-4de2-8919-43f5950d210f",
"indicator--5943a35b-3200-4397-bc78-4de2950d210f",
"indicator--5943a35c-e54c-43c9-989a-4f0e950d210f",
"indicator--5943a35d-d7c4-4047-92ca-46d8950d210f",
"indicator--5943a35e-fc70-4484-b624-4833950d210f",
"indicator--5943a35f-dd6c-4d3a-8edc-4faf950d210f",
"indicator--5943a35f-caac-45c2-8360-48cc950d210f",
"indicator--5943a360-2a40-4c2f-845a-4aad950d210f",
"indicator--5943a362-9d54-449b-a849-4a83950d210f",
"indicator--5943a362-00f8-4af2-87e7-45c9950d210f",
"indicator--5943a364-80ec-4047-abbe-47ef950d210f",
"indicator--5943a365-5e20-484b-a633-40ed950d210f",
"indicator--5943a366-a184-4fd2-9e11-4ff3950d210f",
"indicator--5943a368-f8a4-47f1-bbd4-4d4a950d210f",
"indicator--5943a369-73d8-46ce-a2a9-4cb1950d210f",
"indicator--5943a36b-c8fc-4707-8c3b-4539950d210f",
"indicator--5943a36c-c7a8-43cf-966a-432d950d210f",
"indicator--5943a36d-3170-4f3f-8c96-41c9950d210f",
"indicator--5943a36f-da7c-49cd-82b1-4967950d210f",
"indicator--5943a370-ff78-4f9e-9039-47a5950d210f",
"indicator--5943a371-cdb4-46ed-bb00-4ffc950d210f",
"indicator--5943a373-8d4c-40ee-ba2b-4e89950d210f",
"indicator--5943a374-956c-478c-8f7a-4020950d210f",
"indicator--5943a375-fe6c-4c88-b38b-4d7f950d210f",
"indicator--5943a377-0920-431e-b38a-4c9c950d210f",
"indicator--5943a378-d5ac-4548-8dfa-4fe3950d210f",
"indicator--5943a379-1988-41e3-8ed4-4b01950d210f",
"indicator--5943a37a-e7f8-4511-ad9d-4b6d950d210f",
"indicator--5943a37b-b234-42a3-a1d9-4a8c950d210f",
"indicator--5943a37d-fcbc-433a-b10d-484b950d210f",
"indicator--5943a37e-aacc-4d51-8f90-4ffa950d210f",
"indicator--5943a37f-7a78-4c40-80c5-411a950d210f",
"indicator--5943a380-98ac-47b8-b174-4867950d210f",
"indicator--5943a381-b930-4cf1-8e41-4b46950d210f",
"indicator--5943a382-b794-4ab6-a295-4787950d210f",
"indicator--5943a385-180c-4484-a312-4fbf950d210f",
"indicator--5943a386-5034-4883-a653-4ee2950d210f",
"indicator--5943a387-a364-4380-9158-4f24950d210f",
"observed-data--5943a389-095c-4833-803e-498a950d210f",
"url--5943a389-095c-4833-803e-498a950d210f",
"observed-data--5943a389-3504-466a-b7d2-4191950d210f",
"url--5943a389-3504-466a-b7d2-4191950d210f",
"indicator--5943ba6e-e43c-4433-9ae3-067402de0b81",
"observed-data--5943ba6e-1bc8-4382-a637-067402de0b81",
"url--5943ba6e-1bc8-4382-a637-067402de0b81"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:tool=\"Flokibot\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a320-b708-4bea-b973-4aee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[file:hashes.MD5 = '2c60a69b14f383043571e0bc41ecd88d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a320-bdc8-4aa9-921c-4e57950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[file:hashes.SHA256 = '0871ecc08d27b5d1047c8162669db786a89e62ed12b6174f7a1ebe7716262f42']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a321-14d0-4114-96da-43e8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'acasiaenterprisellc.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5943a322-3930-4aa8-9e32-4cde950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"first_observed": "2017-06-16T11:00:14Z",
"last_observed": "2017-06-16T11:00:14Z",
"number_observed": 1,
"object_refs": [
"network-traffic--5943a322-3930-4aa8-9e32-4cde950d210f",
"ipv4-addr--5943a322-3930-4aa8-9e32-4cde950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--5943a322-3930-4aa8-9e32-4cde950d210f",
"dst_ref": "ipv4-addr--5943a322-3930-4aa8-9e32-4cde950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--5943a322-3930-4aa8-9e32-4cde950d210f",
"value": "89.223.28.124"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a322-cce4-4b30-bbda-4dcc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'acpaeqypt.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a323-9274-42d6-9c64-4009950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'alam-maritlm.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a323-e660-43fb-b877-4bba950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'alimen.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a324-2b54-4e4d-b7b0-4a42950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'almerlmarpuerto.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a325-4144-43aa-a04d-456c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'apaksahasp.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a326-8b3c-443d-86a6-4ae7950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'appollobafh.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a326-5e20-48bb-bda5-488a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'avsmanager.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a327-a878-47f8-a0e9-4161950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'bugattijedo.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a328-bd60-4c82-acbd-4e06950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'carderforum.su']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a329-81c4-4316-be69-48cc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'cerber-rp.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a32b-6d48-40fe-9a65-4103950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'chester.agenteinformaticos.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a32c-3a64-43b1-97d5-464e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'coatexindusties.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a32d-51ac-4c4f-a227-4c0c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'dellafoglia-it.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a32e-8db4-465b-9cb1-4c54950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'di-san-tr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a32f-4154-433d-89f1-48de950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'dragonballz.com.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a32f-9edc-4693-82e6-4347950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'eglsm.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a330-4c18-4633-a663-46f9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'encryptedconnection.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a331-1308-44fb-8e94-4c70950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'evrixbody.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a332-2268-459d-991d-4c0c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'farawayer.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a333-fd0c-4f2f-8364-459d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'fyzeeconnect.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a334-da08-4890-8cb8-4da0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'galladentals.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a335-a9d0-4d5a-a57c-4bf0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'game349forum.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a336-3824-4724-8b8e-4aec950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'gamneit.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a337-0cc0-4405-9c52-4962950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'gavionewab.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a338-5000-4b61-bea6-48be950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'generalpw.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a339-0204-476e-9eac-4ba4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'gfcdo.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a339-ada4-4080-9fb5-42c4950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'gongotraa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a33a-10e4-473c-98c7-45db950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'googledocs.su']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a33b-9914-4eef-af6c-43ef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'gruping.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a33c-d338-4bbd-8402-41e5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'jbbrother.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a33e-57c8-4830-a935-4f2f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'jonnychangginc.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a33e-c134-483d-94e7-4eb0950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'jyhugtfhfgt56565jdfhfhgfh.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a33f-45f4-4393-bbe9-4bf1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'leadskit.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a340-da3c-49ce-ae1d-4632950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'medumsout.cf']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a341-f75c-4109-8e69-4d54950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'mht6k2dkuf.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a342-9af8-490d-8aa8-44fb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'montenig.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a343-eafc-4411-8881-44ee950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'myopps.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a344-8f40-4281-b31e-46e6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'natonlineaccess.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a345-525c-4e26-9bfa-4bd3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'newawechemical.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a345-9dd0-4e43-b009-4b2f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'no1carpart.co.uk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a346-5120-48f1-82f9-4f98950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'olujan.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a347-f560-4a82-830f-4421950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'opentop.ml']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a348-ecb4-4042-85d2-45cf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'openttn.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a349-ecb8-4d38-b02f-4c07950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'osmn-no.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a34a-9678-4305-af6b-4e84950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'papergang.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a34b-de34-49dd-a3da-43bb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'pishqam-ied.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a34c-0eb8-4dac-8eff-49d3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'powerbal.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a34c-7890-4203-885c-43c8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'privateaccess.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a34d-fae8-4296-968c-4ba5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'qazxswedc.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a34e-2738-4e9e-b59a-4527950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'servkillfeel.info']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a34f-5230-4979-8f5b-4390950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'spymenowornever.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a350-f91c-411d-9858-4390950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'street-credibility.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a351-96b4-4002-b815-4b57950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'street-esteem.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a351-011c-4f9a-aebc-4f64950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'street-takeover.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a352-1b44-4396-8f4a-4c03950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'street-up.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a354-5af0-4568-a713-44a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'street-wise.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a355-f048-4a9b-bc5f-496b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'succchfamily.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a356-ab28-4867-ad85-486a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'swzgvvpnj54atkfbp6in.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a356-d654-4daa-83a0-48a9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'tee-gr.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a357-9a54-4daa-96bf-41cc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'tianythread.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a358-edc0-4fd1-9bec-4505950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'tokimecltd.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a359-3f1c-4e93-89aa-4346950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'ttmaiil.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a35a-01d0-46b2-ac04-4084950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'westernunionsupport.su']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a35a-37d0-4de2-8919-43f5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'whoyouhelp.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a35b-3200-4397-bc78-4de2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'workfromhomeplc.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a35c-e54c-43c9-989a-4f0e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'wusupport.su']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a35d-d7c4-4047-92ca-46d8950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'www.bugattijedo.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a35e-fc70-4484-b624-4833950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'www.fyzeeconnect.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a35f-dd6c-4d3a-8edc-4faf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'www.jyhugtfhfgt56565jdfhfhgfh.tk']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a35f-caac-45c2-8360-48cc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'xbool.ru']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a360-2a40-4c2f-845a-4aad950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://acpaeqypt.com/enter/meme/gate.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a362-9d54-449b-a849-4a83950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://ajahhunterz.xyz/ajahhunt_emma/gate.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a362-00f8-4af2-87e7-45c9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'ajahhunterz.xyz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a364-80ec-4047-abbe-47ef950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://ajahhunterz.xyz/ajahhunt_nonso/gate.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a365-5e20-484b-a633-40ed950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://alimen.ru/fbd/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a366-a184-4fd2-9e11-4ff3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://avsmanager.com/basics/logout.php?pid=744']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a368-f8a4-47f1-bbd4-4d4a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://dragonballz.com.de/loki/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a369-73d8-46ce-a2a9-4cb1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://evrixbody.ru/cally/blessing/good/gate.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a36b-c8fc-4707-8c3b-4539950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://farawayer.ru/chibum/fire/blessing/gate.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a36c-c7a8-43cf-966a-432d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://gamneit.com/sbtm/update/domain/index.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a36d-3170-4f3f-8c96-41c9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://gamneit.com/sbtm/update/domain/login.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a36f-da7c-49cd-82b1-4967950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://generalpw.ru/s/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a370-ff78-4f9e-9039-47a5950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://gongotraa.com/five/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a371-cdb4-46ed-bb00-4ffc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://lekkihunterz2.xyz/rokman/gate.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a373-8d4c-40ee-ba2b-4e89950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'lekkihunterz2.xyz']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a374-956c-478c-8f7a-4020950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://myopps.ml/hot/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a375-fe6c-4c88-b38b-4d7f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://no1carpart.co.uk/bema/panel/gate.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a377-0920-431e-b38a-4c9c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://no1carpart.co.uk/kk10/klinsk/gate.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a378-d5ac-4548-8dfa-4fe3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://openttn.tk/we/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a379-1988-41e3-8ed4-4b01950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://opixib.bid/bhutra/gate.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a37a-e7f8-4511-ad9d-4b6d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[domain-name:value = 'opixib.bid']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a37b-b234-42a3-a1d9-4a8c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://street-takeover.ru/okeagwu/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a37d-fcbc-433a-b10d-484b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://street-up.ru/v1/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a37e-aacc-4d51-8f90-4ffa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://street-up.ru/v2/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a37f-7a78-4c40-80c5-411a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://street-wise.ru/v2/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a380-98ac-47b8-b174-4867950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://street-wise.ru/v3/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a381-b930-4cf1-8e41-4b46950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://tee-gr.com/nw/admin.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a382-b794-4ab6-a295-4787950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://tokimecltd.ru/emi/five/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a385-180c-4484-a312-4fbf950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://tokimecltd.ru/home/five/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a386-5034-4883-a653-4ee2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://tokimecltd.ru/love/five/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943a387-a364-4380-9158-4f24950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"pattern": "[url:value = 'http://www.fyzeeconnect.ru/street-credibilty/fre.php']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:00:14Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5943a389-095c-4833-803e-498a950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"first_observed": "2017-06-16T11:00:14Z",
"last_observed": "2017-06-16T11:00:14Z",
"number_observed": 1,
"object_refs": [
"url--5943a389-095c-4833-803e-498a950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5943a389-095c-4833-803e-498a950d210f",
"value": "https://www.hybrid-analysis.com/sample/0871ecc08d27b5d1047c8162669db786a89e62ed12b6174f7a1ebe7716262f42?environmentId=100"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5943a389-3504-466a-b7d2-4191950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:00:14.000Z",
"modified": "2017-06-16T11:00:14.000Z",
"first_observed": "2017-06-16T11:00:14Z",
"last_observed": "2017-06-16T11:00:14Z",
"number_observed": 1,
"object_refs": [
"url--5943a389-3504-466a-b7d2-4191950d210f"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5943a389-3504-466a-b7d2-4191950d210f",
"value": "https://www.virustotal.com/hr/file/0871ecc08d27b5d1047c8162669db786a89e62ed12b6174f7a1ebe7716262f42/analysis/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--5943ba6e-e43c-4433-9ae3-067402de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:01:02.000Z",
"modified": "2017-06-16T11:01:02.000Z",
"description": "- Xchecked via VT: 0871ecc08d27b5d1047c8162669db786a89e62ed12b6174f7a1ebe7716262f42",
"pattern": "[file:hashes.SHA1 = '6ce73f0f4b3af04fc83033abf8b0fbb299cd1c7d']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-06-16T11:01:02Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--5943ba6e-1bc8-4382-a637-067402de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-06-16T11:01:02.000Z",
"modified": "2017-06-16T11:01:02.000Z",
"first_observed": "2017-06-16T11:01:02Z",
"last_observed": "2017-06-16T11:01:02Z",
"number_observed": 1,
"object_refs": [
"url--5943ba6e-1bc8-4382-a637-067402de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--5943ba6e-1bc8-4382-a637-067402de0b81",
"value": "https://www.virustotal.com/file/0871ecc08d27b5d1047c8162669db786a89e62ed12b6174f7a1ebe7716262f42/analysis/1497587348/"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink