adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/stix-2.1/59ef2c5a-eed8-4b10-88c4-4685950d210f.json

2445 lines
No EOL
98 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--59ef2c5a-eed8-4b10-88c4-4685950d210f",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:24:05.000Z",
"modified": "2017-10-25T08:24:05.000Z",
"name": "CIRCL",
"identity_class": "organization"
},
{
"type": "grouping",
"spec_version": "2.1",
"id": "grouping--59ef2c5a-eed8-4b10-88c4-4685950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:24:05.000Z",
"modified": "2017-10-25T08:24:05.000Z",
"name": "M2M - Locky Affid=3/Trickbot \"mac1\" 2017-10-24 : \"Your\n Invoice 12345\" - \"Invoice_file_654321.doc\"",
"context": "suspicious-activity",
"object_refs": [
"indicator--59ef2c5b-d440-4c0a-b109-4f35950d210f",
"indicator--59ef2c5b-0078-4c5a-baae-460d950d210f",
"indicator--59ef2c5b-24a8-4b42-84ac-44c2950d210f",
"indicator--59ef2c5b-8144-4e6b-9164-d493950d210f",
"indicator--59ef2c5c-a548-4673-a210-4efa950d210f",
"observed-data--59ef2c5c-3fb0-46a9-9b7d-48a6950d210f",
"network-traffic--59ef2c5c-3fb0-46a9-9b7d-48a6950d210f",
"ipv4-addr--59ef2c5c-3fb0-46a9-9b7d-48a6950d210f",
"indicator--59ef2c5c-d1d8-47bc-88d2-9959950d210f",
"indicator--59ef2c5c-e9e0-467f-b60f-4848950d210f",
"observed-data--59ef2c5d-eff8-4fbb-a5f1-4016950d210f",
"network-traffic--59ef2c5d-eff8-4fbb-a5f1-4016950d210f",
"ipv4-addr--59ef2c5d-eff8-4fbb-a5f1-4016950d210f",
"indicator--59ef2c5d-8098-488a-a937-4706950d210f",
"indicator--59ef2c5d-b6d8-4209-b44f-9959950d210f",
"observed-data--59ef2c5d-42b4-468c-94d7-4a1c950d210f",
"network-traffic--59ef2c5d-42b4-468c-94d7-4a1c950d210f",
"ipv4-addr--59ef2c5d-42b4-468c-94d7-4a1c950d210f",
"indicator--59ef2c5e-848c-49e1-8659-4c33950d210f",
"indicator--59ef2c5e-6694-457f-be1b-436f950d210f",
"observed-data--59ef2c5e-6e30-4bc9-85ee-43f9950d210f",
"network-traffic--59ef2c5e-6e30-4bc9-85ee-43f9950d210f",
"ipv4-addr--59ef2c5e-6e30-4bc9-85ee-43f9950d210f",
"indicator--59ef2c5e-513c-4e01-ac01-9959950d210f",
"indicator--59ef2c5f-a594-460d-a75a-4499950d210f",
"observed-data--59ef2c5f-4bc0-4c3b-b414-43ad950d210f",
"network-traffic--59ef2c5f-4bc0-4c3b-b414-43ad950d210f",
"ipv4-addr--59ef2c5f-4bc0-4c3b-b414-43ad950d210f",
"indicator--59ef2c5f-0298-453c-89d8-4128950d210f",
"indicator--59ef2c5f-bd48-4eae-bd06-4b5f950d210f",
"observed-data--59ef2c60-4ac4-4290-ad3d-464d950d210f",
"network-traffic--59ef2c60-4ac4-4290-ad3d-464d950d210f",
"ipv4-addr--59ef2c60-4ac4-4290-ad3d-464d950d210f",
"indicator--59ef2c60-b410-4529-a253-47d6950d210f",
"indicator--59ef2c60-0c14-4616-afe2-412f950d210f",
"indicator--59ef2c7e-97b0-410c-bcd9-4772950d210f",
"indicator--59ef2c7e-7374-4d15-835e-4874950d210f",
"observed-data--59ef2c7f-4518-4f01-9a80-44db950d210f",
"network-traffic--59ef2c7f-4518-4f01-9a80-44db950d210f",
"ipv4-addr--59ef2c7f-4518-4f01-9a80-44db950d210f",
"indicator--59ef2c7f-3d68-4e40-ae8d-49fc950d210f",
"indicator--59ef2c7f-b914-4be7-8bc8-4289950d210f",
"observed-data--59ef2c80-11dc-4320-a462-41bd950d210f",
"network-traffic--59ef2c80-11dc-4320-a462-41bd950d210f",
"ipv4-addr--59ef2c80-11dc-4320-a462-41bd950d210f",
"observed-data--59ef2c80-a74c-4f19-b630-9959950d210f",
"network-traffic--59ef2c80-a74c-4f19-b630-9959950d210f",
"ipv4-addr--59ef2c80-a74c-4f19-b630-9959950d210f",
"observed-data--59ef2c80-9a10-431b-9b35-45fd950d210f",
"network-traffic--59ef2c80-9a10-431b-9b35-45fd950d210f",
"ipv4-addr--59ef2c80-9a10-431b-9b35-45fd950d210f",
"observed-data--59ef2c80-5a78-4aa0-84aa-45f3950d210f",
"network-traffic--59ef2c80-5a78-4aa0-84aa-45f3950d210f",
"ipv4-addr--59ef2c80-5a78-4aa0-84aa-45f3950d210f",
"observed-data--59ef2c81-f200-41c7-96e7-d493950d210f",
"network-traffic--59ef2c81-f200-41c7-96e7-d493950d210f",
"ipv4-addr--59ef2c81-f200-41c7-96e7-d493950d210f",
"observed-data--59ef2c81-ebe8-4a4b-9dea-452b950d210f",
"network-traffic--59ef2c81-ebe8-4a4b-9dea-452b950d210f",
"ipv4-addr--59ef2c81-ebe8-4a4b-9dea-452b950d210f",
"observed-data--59ef2c81-c180-436d-83c3-4828950d210f",
"network-traffic--59ef2c81-c180-436d-83c3-4828950d210f",
"ipv4-addr--59ef2c81-c180-436d-83c3-4828950d210f",
"observed-data--59ef2c81-e648-474f-bdcc-498b950d210f",
"network-traffic--59ef2c81-e648-474f-bdcc-498b950d210f",
"ipv4-addr--59ef2c81-e648-474f-bdcc-498b950d210f",
"observed-data--59ef2c82-8fcc-4ce7-bdd9-9959950d210f",
"network-traffic--59ef2c82-8fcc-4ce7-bdd9-9959950d210f",
"ipv4-addr--59ef2c82-8fcc-4ce7-bdd9-9959950d210f",
"observed-data--59ef2c82-6334-4cbf-9756-4332950d210f",
"network-traffic--59ef2c82-6334-4cbf-9756-4332950d210f",
"ipv4-addr--59ef2c82-6334-4cbf-9756-4332950d210f",
"observed-data--59ef2c82-9458-48ae-b0b0-4696950d210f",
"network-traffic--59ef2c82-9458-48ae-b0b0-4696950d210f",
"ipv4-addr--59ef2c82-9458-48ae-b0b0-4696950d210f",
"observed-data--59ef2c82-35a4-48f7-8824-4f33950d210f",
"network-traffic--59ef2c82-35a4-48f7-8824-4f33950d210f",
"ipv4-addr--59ef2c82-35a4-48f7-8824-4f33950d210f",
"observed-data--59ef2c83-407c-4766-97b1-4a07950d210f",
"network-traffic--59ef2c83-407c-4766-97b1-4a07950d210f",
"ipv4-addr--59ef2c83-407c-4766-97b1-4a07950d210f",
"observed-data--59ef2c83-432c-408f-9092-4dad950d210f",
"network-traffic--59ef2c83-432c-408f-9092-4dad950d210f",
"ipv4-addr--59ef2c83-432c-408f-9092-4dad950d210f",
"observed-data--59ef2c84-d1e4-4d10-a0d7-4f37950d210f",
"network-traffic--59ef2c84-d1e4-4d10-a0d7-4f37950d210f",
"ipv4-addr--59ef2c84-d1e4-4d10-a0d7-4f37950d210f",
"observed-data--59ef2c84-7ecc-4f70-bc47-4313950d210f",
"network-traffic--59ef2c84-7ecc-4f70-bc47-4313950d210f",
"ipv4-addr--59ef2c84-7ecc-4f70-bc47-4313950d210f",
"observed-data--59ef2c84-4aec-439c-a2ed-4eeb950d210f",
"network-traffic--59ef2c84-4aec-439c-a2ed-4eeb950d210f",
"ipv4-addr--59ef2c84-4aec-439c-a2ed-4eeb950d210f",
"observed-data--59ef2c84-ce58-40e3-9f25-4c04950d210f",
"network-traffic--59ef2c84-ce58-40e3-9f25-4c04950d210f",
"ipv4-addr--59ef2c84-ce58-40e3-9f25-4c04950d210f",
"observed-data--59ef2c85-00e4-4726-b9b2-447c950d210f",
"network-traffic--59ef2c85-00e4-4726-b9b2-447c950d210f",
"ipv4-addr--59ef2c85-00e4-4726-b9b2-447c950d210f",
"observed-data--59ef2c85-5314-42a1-a075-415e950d210f",
"network-traffic--59ef2c85-5314-42a1-a075-415e950d210f",
"ipv4-addr--59ef2c85-5314-42a1-a075-415e950d210f",
"observed-data--59ef2c85-3b58-4312-b1a1-44e6950d210f",
"network-traffic--59ef2c85-3b58-4312-b1a1-44e6950d210f",
"ipv4-addr--59ef2c85-3b58-4312-b1a1-44e6950d210f",
"observed-data--59ef2c85-dc2c-4378-a47a-4f5f950d210f",
"network-traffic--59ef2c85-dc2c-4378-a47a-4f5f950d210f",
"ipv4-addr--59ef2c85-dc2c-4378-a47a-4f5f950d210f",
"observed-data--59ef2c86-d55c-493c-a31d-9959950d210f",
"network-traffic--59ef2c86-d55c-493c-a31d-9959950d210f",
"ipv4-addr--59ef2c86-d55c-493c-a31d-9959950d210f",
"observed-data--59ef2c86-f1e4-46be-9130-d493950d210f",
"network-traffic--59ef2c86-f1e4-46be-9130-d493950d210f",
"ipv4-addr--59ef2c86-f1e4-46be-9130-d493950d210f",
"observed-data--59ef2c86-68b4-4551-9bbf-4e6c950d210f",
"network-traffic--59ef2c86-68b4-4551-9bbf-4e6c950d210f",
"ipv4-addr--59ef2c86-68b4-4551-9bbf-4e6c950d210f",
"observed-data--59ef2c86-e07c-4196-9613-4611950d210f",
"network-traffic--59ef2c86-e07c-4196-9613-4611950d210f",
"ipv4-addr--59ef2c86-e07c-4196-9613-4611950d210f",
"observed-data--59ef2c87-c048-4a44-b72f-4946950d210f",
"network-traffic--59ef2c87-c048-4a44-b72f-4946950d210f",
"ipv4-addr--59ef2c87-c048-4a44-b72f-4946950d210f",
"observed-data--59ef2c87-74c0-4f83-a815-4bfc950d210f",
"network-traffic--59ef2c87-74c0-4f83-a815-4bfc950d210f",
"ipv4-addr--59ef2c87-74c0-4f83-a815-4bfc950d210f",
"observed-data--59ef2c87-10d4-434a-8329-9959950d210f",
"network-traffic--59ef2c87-10d4-434a-8329-9959950d210f",
"ipv4-addr--59ef2c87-10d4-434a-8329-9959950d210f",
"observed-data--59ef2c88-c3ac-45fc-adeb-4b79950d210f",
"network-traffic--59ef2c88-c3ac-45fc-adeb-4b79950d210f",
"ipv4-addr--59ef2c88-c3ac-45fc-adeb-4b79950d210f",
"observed-data--59ef2c88-ef80-43bf-9b36-4672950d210f",
"network-traffic--59ef2c88-ef80-43bf-9b36-4672950d210f",
"ipv4-addr--59ef2c88-ef80-43bf-9b36-4672950d210f",
"observed-data--59ef2c88-fbc0-40c9-971b-40ff950d210f",
"network-traffic--59ef2c88-fbc0-40c9-971b-40ff950d210f",
"ipv4-addr--59ef2c88-fbc0-40c9-971b-40ff950d210f",
"observed-data--59ef2c88-bc0c-456b-b74a-48d1950d210f",
"network-traffic--59ef2c88-bc0c-456b-b74a-48d1950d210f",
"ipv4-addr--59ef2c88-bc0c-456b-b74a-48d1950d210f",
"observed-data--59ef2c89-5940-40d5-bdc9-d493950d210f",
"network-traffic--59ef2c89-5940-40d5-bdc9-d493950d210f",
"ipv4-addr--59ef2c89-5940-40d5-bdc9-d493950d210f",
"observed-data--59ef2c89-5dc0-498e-a5e5-422b950d210f",
"network-traffic--59ef2c89-5dc0-498e-a5e5-422b950d210f",
"ipv4-addr--59ef2c89-5dc0-498e-a5e5-422b950d210f",
"observed-data--59ef2c89-56f8-4434-8088-4c64950d210f",
"network-traffic--59ef2c89-56f8-4434-8088-4c64950d210f",
"ipv4-addr--59ef2c89-56f8-4434-8088-4c64950d210f",
"observed-data--59ef2c89-9b00-4fc7-8cef-4399950d210f",
"network-traffic--59ef2c89-9b00-4fc7-8cef-4399950d210f",
"ipv4-addr--59ef2c89-9b00-4fc7-8cef-4399950d210f",
"observed-data--59ef2c89-1018-4272-8bdd-4a80950d210f",
"network-traffic--59ef2c89-1018-4272-8bdd-4a80950d210f",
"ipv4-addr--59ef2c89-1018-4272-8bdd-4a80950d210f",
"indicator--59f04a1f-0be8-4be8-9070-4c1102de0b81",
"indicator--59f04a1f-0f90-40ec-8cd7-45b602de0b81",
"observed-data--59f04a1f-f1b0-4ec7-b297-455902de0b81",
"url--59f04a1f-f1b0-4ec7-b297-455902de0b81",
"indicator--59f04a1f-15f8-4be3-ba6a-49d602de0b81",
"indicator--59f04a1f-68e8-417b-a2b6-4eb102de0b81",
"observed-data--59f04a1f-9980-40e8-97a3-470502de0b81",
"url--59f04a1f-9980-40e8-97a3-470502de0b81",
"indicator--59f04a1f-fa60-409c-8145-419602de0b81",
"indicator--59f04a1f-4d5c-4b4c-ab21-486a02de0b81",
"observed-data--59f04a1f-8130-4600-8161-4e9202de0b81",
"url--59f04a1f-8130-4600-8161-4e9202de0b81"
],
"labels": [
"Threat-Report",
"misp:tool=\"MISP-STIX-Converter\"",
"misp-galaxy:tool=\"Trick Bot\"",
"ecsirt:malicious-code=\"ransomware\"",
"misp-galaxy:ransomware=\"Locky\""
],
"object_marking_refs": [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9"
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5b-d440-4c0a-b109-4f35950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[file:hashes.MD5 = 'eae849f6510db451f4fbdb780b5d49aa']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5b-0078-4c5a-baae-460d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[file:hashes.MD5 = '7bbc46655683df7a0e842c0adff987a3']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5b-24a8-4b42-84ac-44c2950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[file:hashes.MD5 = '5f38c8bd1a58a755108d27a7fdf034b1']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"md5\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5b-8144-4e6b-9164-d493950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[url:value = 'http://transmercasa.com/JHGGsdsw6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5c-a548-4673-a210-4efa950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[domain-name:value = 'transmercasa.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c5c-3fb0-46a9-9b7d-48a6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"first_observed": "2017-10-25T08:23:57Z",
"last_observed": "2017-10-25T08:23:57Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c5c-3fb0-46a9-9b7d-48a6950d210f",
"ipv4-addr--59ef2c5c-3fb0-46a9-9b7d-48a6950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c5c-3fb0-46a9-9b7d-48a6950d210f",
"dst_ref": "ipv4-addr--59ef2c5c-3fb0-46a9-9b7d-48a6950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c5c-3fb0-46a9-9b7d-48a6950d210f",
"value": "75.98.175.70"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5c-d1d8-47bc-88d2-9959950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[url:value = 'http://upgrademypc.ie/JHGGsdsw6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5c-e9e0-467f-b60f-4848950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[domain-name:value = 'upgrademypc.ie']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c5d-eff8-4fbb-a5f1-4016950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"first_observed": "2017-10-25T08:23:57Z",
"last_observed": "2017-10-25T08:23:57Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c5d-eff8-4fbb-a5f1-4016950d210f",
"ipv4-addr--59ef2c5d-eff8-4fbb-a5f1-4016950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c5d-eff8-4fbb-a5f1-4016950d210f",
"dst_ref": "ipv4-addr--59ef2c5d-eff8-4fbb-a5f1-4016950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c5d-eff8-4fbb-a5f1-4016950d210f",
"value": "78.153.200.123"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5d-8098-488a-a937-4706950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[url:value = 'http://urcho.com/JHGGsdsw6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5d-b6d8-4209-b44f-9959950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[domain-name:value = 'urcho.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c5d-42b4-468c-94d7-4a1c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"first_observed": "2017-10-25T08:23:57Z",
"last_observed": "2017-10-25T08:23:57Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c5d-42b4-468c-94d7-4a1c950d210f",
"ipv4-addr--59ef2c5d-42b4-468c-94d7-4a1c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c5d-42b4-468c-94d7-4a1c950d210f",
"dst_ref": "ipv4-addr--59ef2c5d-42b4-468c-94d7-4a1c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c5d-42b4-468c-94d7-4a1c950d210f",
"value": "87.106.69.81"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5e-848c-49e1-8659-4c33950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[url:value = 'http://tatianadecastelbajac.fr/kjhgFG']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5e-6694-457f-be1b-436f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[domain-name:value = 'tatianadecastelbajac.fr']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c5e-6e30-4bc9-85ee-43f9950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"first_observed": "2017-10-25T08:23:57Z",
"last_observed": "2017-10-25T08:23:57Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c5e-6e30-4bc9-85ee-43f9950d210f",
"ipv4-addr--59ef2c5e-6e30-4bc9-85ee-43f9950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c5e-6e30-4bc9-85ee-43f9950d210f",
"dst_ref": "ipv4-addr--59ef2c5e-6e30-4bc9-85ee-43f9950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c5e-6e30-4bc9-85ee-43f9950d210f",
"value": "151.236.60.40"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5e-513c-4e01-ac01-9959950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[url:value = 'http://video.rb-webdev.de/kjhgFG']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5f-a594-460d-a75a-4499950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[domain-name:value = 'video.rb-webdev.de']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c5f-4bc0-4c3b-b414-43ad950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"first_observed": "2017-10-25T08:23:57Z",
"last_observed": "2017-10-25T08:23:57Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c5f-4bc0-4c3b-b414-43ad950d210f",
"ipv4-addr--59ef2c5f-4bc0-4c3b-b414-43ad950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c5f-4bc0-4c3b-b414-43ad950d210f",
"dst_ref": "ipv4-addr--59ef2c5f-4bc0-4c3b-b414-43ad950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c5f-4bc0-4c3b-b414-43ad950d210f",
"value": "85.214.28.187"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5f-0298-453c-89d8-4128950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[url:value = 'http://themclarenfamily.com/kjhgFG']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c5f-bd48-4eae-bd06-4b5f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"pattern": "[domain-name:value = 'themclarenfamily.com']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:57Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c60-4ac4-4290-ad3d-464d950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:57.000Z",
"modified": "2017-10-25T08:23:57.000Z",
"first_observed": "2017-10-25T08:23:57Z",
"last_observed": "2017-10-25T08:23:57Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c60-4ac4-4290-ad3d-464d950d210f",
"ipv4-addr--59ef2c60-4ac4-4290-ad3d-464d950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c60-4ac4-4290-ad3d-464d950d210f",
"dst_ref": "ipv4-addr--59ef2c60-4ac4-4290-ad3d-464d950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c60-4ac4-4290-ad3d-464d950d210f",
"value": "92.48.90.34"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c60-b410-4529-a253-47d6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"pattern": "[url:value = 'http://gdiscoun.org/']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c60-0c14-4616-afe2-412f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"pattern": "[domain-name:value = 'gdiscoun.org']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c7e-97b0-410c-bcd9-4772950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"pattern": "[url:value = 'http://xn--diseo-rta.es/UHGus3.enc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c7e-7374-4d15-835e-4874950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"pattern": "[domain-name:value = 'xn--diseo-rta.es']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c7f-4518-4f01-9a80-44db950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c7f-4518-4f01-9a80-44db950d210f",
"ipv4-addr--59ef2c7f-4518-4f01-9a80-44db950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c7f-4518-4f01-9a80-44db950d210f",
"dst_ref": "ipv4-addr--59ef2c7f-4518-4f01-9a80-44db950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c7f-4518-4f01-9a80-44db950d210f",
"value": "31.24.46.103"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c7f-3d68-4e40-ae8d-49fc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"pattern": "[url:value = 'http://webhotell.enivest.no/cuYT39.enc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"url\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59ef2c7f-b914-4be7-8bc8-4289950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"pattern": "[domain-name:value = 'webhotell.enivest.no']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:58Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Network activity"
}
],
"labels": [
"misp:type=\"hostname\"",
"misp:category=\"Network activity\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c80-11dc-4320-a462-41bd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c80-11dc-4320-a462-41bd950d210f",
"ipv4-addr--59ef2c80-11dc-4320-a462-41bd950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c80-11dc-4320-a462-41bd950d210f",
"dst_ref": "ipv4-addr--59ef2c80-11dc-4320-a462-41bd950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c80-11dc-4320-a462-41bd950d210f",
"value": "62.50.190.101"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c80-a74c-4f19-b630-9959950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c80-a74c-4f19-b630-9959950d210f",
"ipv4-addr--59ef2c80-a74c-4f19-b630-9959950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c80-a74c-4f19-b630-9959950d210f",
"dst_ref": "ipv4-addr--59ef2c80-a74c-4f19-b630-9959950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c80-a74c-4f19-b630-9959950d210f",
"value": "79.170.7.139"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c80-9a10-431b-9b35-45fd950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c80-9a10-431b-9b35-45fd950d210f",
"ipv4-addr--59ef2c80-9a10-431b-9b35-45fd950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c80-9a10-431b-9b35-45fd950d210f",
"dst_ref": "ipv4-addr--59ef2c80-9a10-431b-9b35-45fd950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c80-9a10-431b-9b35-45fd950d210f",
"value": "196.202.194.202"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c80-5a78-4aa0-84aa-45f3950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c80-5a78-4aa0-84aa-45f3950d210f",
"ipv4-addr--59ef2c80-5a78-4aa0-84aa-45f3950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c80-5a78-4aa0-84aa-45f3950d210f",
"dst_ref": "ipv4-addr--59ef2c80-5a78-4aa0-84aa-45f3950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c80-5a78-4aa0-84aa-45f3950d210f",
"value": "46.20.56.239"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c81-f200-41c7-96e7-d493950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c81-f200-41c7-96e7-d493950d210f",
"ipv4-addr--59ef2c81-f200-41c7-96e7-d493950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c81-f200-41c7-96e7-d493950d210f",
"dst_ref": "ipv4-addr--59ef2c81-f200-41c7-96e7-d493950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c81-f200-41c7-96e7-d493950d210f",
"value": "176.120.126.21"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c81-ebe8-4a4b-9dea-452b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c81-ebe8-4a4b-9dea-452b950d210f",
"ipv4-addr--59ef2c81-ebe8-4a4b-9dea-452b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c81-ebe8-4a4b-9dea-452b950d210f",
"dst_ref": "ipv4-addr--59ef2c81-ebe8-4a4b-9dea-452b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c81-ebe8-4a4b-9dea-452b950d210f",
"value": "91.239.249.118"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c81-c180-436d-83c3-4828950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c81-c180-436d-83c3-4828950d210f",
"ipv4-addr--59ef2c81-c180-436d-83c3-4828950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c81-c180-436d-83c3-4828950d210f",
"dst_ref": "ipv4-addr--59ef2c81-c180-436d-83c3-4828950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c81-c180-436d-83c3-4828950d210f",
"value": "156.17.92.161"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c81-e648-474f-bdcc-498b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c81-e648-474f-bdcc-498b950d210f",
"ipv4-addr--59ef2c81-e648-474f-bdcc-498b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c81-e648-474f-bdcc-498b950d210f",
"dst_ref": "ipv4-addr--59ef2c81-e648-474f-bdcc-498b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c81-e648-474f-bdcc-498b950d210f",
"value": "86.80.209.49"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c82-8fcc-4ce7-bdd9-9959950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c82-8fcc-4ce7-bdd9-9959950d210f",
"ipv4-addr--59ef2c82-8fcc-4ce7-bdd9-9959950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c82-8fcc-4ce7-bdd9-9959950d210f",
"dst_ref": "ipv4-addr--59ef2c82-8fcc-4ce7-bdd9-9959950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c82-8fcc-4ce7-bdd9-9959950d210f",
"value": "46.20.56.237"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c82-6334-4cbf-9756-4332950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c82-6334-4cbf-9756-4332950d210f",
"ipv4-addr--59ef2c82-6334-4cbf-9756-4332950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c82-6334-4cbf-9756-4332950d210f",
"dst_ref": "ipv4-addr--59ef2c82-6334-4cbf-9756-4332950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c82-6334-4cbf-9756-4332950d210f",
"value": "62.87.151.219"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c82-9458-48ae-b0b0-4696950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c82-9458-48ae-b0b0-4696950d210f",
"ipv4-addr--59ef2c82-9458-48ae-b0b0-4696950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c82-9458-48ae-b0b0-4696950d210f",
"dst_ref": "ipv4-addr--59ef2c82-9458-48ae-b0b0-4696950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c82-9458-48ae-b0b0-4696950d210f",
"value": "188.137.86.7"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c82-35a4-48f7-8824-4f33950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c82-35a4-48f7-8824-4f33950d210f",
"ipv4-addr--59ef2c82-35a4-48f7-8824-4f33950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c82-35a4-48f7-8824-4f33950d210f",
"dst_ref": "ipv4-addr--59ef2c82-35a4-48f7-8824-4f33950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c82-35a4-48f7-8824-4f33950d210f",
"value": "178.254.183.34"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c83-407c-4766-97b1-4a07950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c83-407c-4766-97b1-4a07950d210f",
"ipv4-addr--59ef2c83-407c-4766-97b1-4a07950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c83-407c-4766-97b1-4a07950d210f",
"dst_ref": "ipv4-addr--59ef2c83-407c-4766-97b1-4a07950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c83-407c-4766-97b1-4a07950d210f",
"value": "178.254.183.13"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c83-432c-408f-9092-4dad950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c83-432c-408f-9092-4dad950d210f",
"ipv4-addr--59ef2c83-432c-408f-9092-4dad950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c83-432c-408f-9092-4dad950d210f",
"dst_ref": "ipv4-addr--59ef2c83-432c-408f-9092-4dad950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c83-432c-408f-9092-4dad950d210f",
"value": "176.111.24.4"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c84-d1e4-4d10-a0d7-4f37950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c84-d1e4-4d10-a0d7-4f37950d210f",
"ipv4-addr--59ef2c84-d1e4-4d10-a0d7-4f37950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c84-d1e4-4d10-a0d7-4f37950d210f",
"dst_ref": "ipv4-addr--59ef2c84-d1e4-4d10-a0d7-4f37950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c84-d1e4-4d10-a0d7-4f37950d210f",
"value": "178.217.117.240"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c84-7ecc-4f70-bc47-4313950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c84-7ecc-4f70-bc47-4313950d210f",
"ipv4-addr--59ef2c84-7ecc-4f70-bc47-4313950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c84-7ecc-4f70-bc47-4313950d210f",
"dst_ref": "ipv4-addr--59ef2c84-7ecc-4f70-bc47-4313950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c84-7ecc-4f70-bc47-4313950d210f",
"value": "178.217.119.241"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c84-4aec-439c-a2ed-4eeb950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c84-4aec-439c-a2ed-4eeb950d210f",
"ipv4-addr--59ef2c84-4aec-439c-a2ed-4eeb950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c84-4aec-439c-a2ed-4eeb950d210f",
"dst_ref": "ipv4-addr--59ef2c84-4aec-439c-a2ed-4eeb950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c84-4aec-439c-a2ed-4eeb950d210f",
"value": "78.24.219.105"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c84-ce58-40e3-9f25-4c04950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c84-ce58-40e3-9f25-4c04950d210f",
"ipv4-addr--59ef2c84-ce58-40e3-9f25-4c04950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c84-ce58-40e3-9f25-4c04950d210f",
"dst_ref": "ipv4-addr--59ef2c84-ce58-40e3-9f25-4c04950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c84-ce58-40e3-9f25-4c04950d210f",
"value": "92.63.105.129"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c85-00e4-4726-b9b2-447c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c85-00e4-4726-b9b2-447c950d210f",
"ipv4-addr--59ef2c85-00e4-4726-b9b2-447c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c85-00e4-4726-b9b2-447c950d210f",
"dst_ref": "ipv4-addr--59ef2c85-00e4-4726-b9b2-447c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c85-00e4-4726-b9b2-447c950d210f",
"value": "62.109.30.9"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c85-5314-42a1-a075-415e950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c85-5314-42a1-a075-415e950d210f",
"ipv4-addr--59ef2c85-5314-42a1-a075-415e950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c85-5314-42a1-a075-415e950d210f",
"dst_ref": "ipv4-addr--59ef2c85-5314-42a1-a075-415e950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c85-5314-42a1-a075-415e950d210f",
"value": "82.146.44.189"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c85-3b58-4312-b1a1-44e6950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c85-3b58-4312-b1a1-44e6950d210f",
"ipv4-addr--59ef2c85-3b58-4312-b1a1-44e6950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c85-3b58-4312-b1a1-44e6950d210f",
"dst_ref": "ipv4-addr--59ef2c85-3b58-4312-b1a1-44e6950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c85-3b58-4312-b1a1-44e6950d210f",
"value": "82.146.60.211"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c85-dc2c-4378-a47a-4f5f950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c85-dc2c-4378-a47a-4f5f950d210f",
"ipv4-addr--59ef2c85-dc2c-4378-a47a-4f5f950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c85-dc2c-4378-a47a-4f5f950d210f",
"dst_ref": "ipv4-addr--59ef2c85-dc2c-4378-a47a-4f5f950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c85-dc2c-4378-a47a-4f5f950d210f",
"value": "194.87.238.205"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c86-d55c-493c-a31d-9959950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c86-d55c-493c-a31d-9959950d210f",
"ipv4-addr--59ef2c86-d55c-493c-a31d-9959950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c86-d55c-493c-a31d-9959950d210f",
"dst_ref": "ipv4-addr--59ef2c86-d55c-493c-a31d-9959950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c86-d55c-493c-a31d-9959950d210f",
"value": "195.133.49.20"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c86-f1e4-46be-9130-d493950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c86-f1e4-46be-9130-d493950d210f",
"ipv4-addr--59ef2c86-f1e4-46be-9130-d493950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c86-f1e4-46be-9130-d493950d210f",
"dst_ref": "ipv4-addr--59ef2c86-f1e4-46be-9130-d493950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c86-f1e4-46be-9130-d493950d210f",
"value": "46.17.40.97"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c86-68b4-4551-9bbf-4e6c950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c86-68b4-4551-9bbf-4e6c950d210f",
"ipv4-addr--59ef2c86-68b4-4551-9bbf-4e6c950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c86-68b4-4551-9bbf-4e6c950d210f",
"dst_ref": "ipv4-addr--59ef2c86-68b4-4551-9bbf-4e6c950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c86-68b4-4551-9bbf-4e6c950d210f",
"value": "141.255.167.112"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c86-e07c-4196-9613-4611950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c86-e07c-4196-9613-4611950d210f",
"ipv4-addr--59ef2c86-e07c-4196-9613-4611950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c86-e07c-4196-9613-4611950d210f",
"dst_ref": "ipv4-addr--59ef2c86-e07c-4196-9613-4611950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c86-e07c-4196-9613-4611950d210f",
"value": "194.87.92.6"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c87-c048-4a44-b72f-4946950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c87-c048-4a44-b72f-4946950d210f",
"ipv4-addr--59ef2c87-c048-4a44-b72f-4946950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c87-c048-4a44-b72f-4946950d210f",
"dst_ref": "ipv4-addr--59ef2c87-c048-4a44-b72f-4946950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c87-c048-4a44-b72f-4946950d210f",
"value": "62.109.30.96"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c87-74c0-4f83-a815-4bfc950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c87-74c0-4f83-a815-4bfc950d210f",
"ipv4-addr--59ef2c87-74c0-4f83-a815-4bfc950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c87-74c0-4f83-a815-4bfc950d210f",
"dst_ref": "ipv4-addr--59ef2c87-74c0-4f83-a815-4bfc950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c87-74c0-4f83-a815-4bfc950d210f",
"value": "194.87.146.161"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c87-10d4-434a-8329-9959950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c87-10d4-434a-8329-9959950d210f",
"ipv4-addr--59ef2c87-10d4-434a-8329-9959950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c87-10d4-434a-8329-9959950d210f",
"dst_ref": "ipv4-addr--59ef2c87-10d4-434a-8329-9959950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c87-10d4-434a-8329-9959950d210f",
"value": "62.109.4.137"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c88-c3ac-45fc-adeb-4b79950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c88-c3ac-45fc-adeb-4b79950d210f",
"ipv4-addr--59ef2c88-c3ac-45fc-adeb-4b79950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c88-c3ac-45fc-adeb-4b79950d210f",
"dst_ref": "ipv4-addr--59ef2c88-c3ac-45fc-adeb-4b79950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c88-c3ac-45fc-adeb-4b79950d210f",
"value": "194.87.239.60"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c88-ef80-43bf-9b36-4672950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c88-ef80-43bf-9b36-4672950d210f",
"ipv4-addr--59ef2c88-ef80-43bf-9b36-4672950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c88-ef80-43bf-9b36-4672950d210f",
"dst_ref": "ipv4-addr--59ef2c88-ef80-43bf-9b36-4672950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c88-ef80-43bf-9b36-4672950d210f",
"value": "185.125.46.88"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c88-fbc0-40c9-971b-40ff950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c88-fbc0-40c9-971b-40ff950d210f",
"ipv4-addr--59ef2c88-fbc0-40c9-971b-40ff950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c88-fbc0-40c9-971b-40ff950d210f",
"dst_ref": "ipv4-addr--59ef2c88-fbc0-40c9-971b-40ff950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c88-fbc0-40c9-971b-40ff950d210f",
"value": "5.101.78.97"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c88-bc0c-456b-b74a-48d1950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c88-bc0c-456b-b74a-48d1950d210f",
"ipv4-addr--59ef2c88-bc0c-456b-b74a-48d1950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c88-bc0c-456b-b74a-48d1950d210f",
"dst_ref": "ipv4-addr--59ef2c88-bc0c-456b-b74a-48d1950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c88-bc0c-456b-b74a-48d1950d210f",
"value": "185.12.94.101"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c89-5940-40d5-bdc9-d493950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c89-5940-40d5-bdc9-d493950d210f",
"ipv4-addr--59ef2c89-5940-40d5-bdc9-d493950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c89-5940-40d5-bdc9-d493950d210f",
"dst_ref": "ipv4-addr--59ef2c89-5940-40d5-bdc9-d493950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c89-5940-40d5-bdc9-d493950d210f",
"value": "193.19.119.190"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c89-5dc0-498e-a5e5-422b950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c89-5dc0-498e-a5e5-422b950d210f",
"ipv4-addr--59ef2c89-5dc0-498e-a5e5-422b950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c89-5dc0-498e-a5e5-422b950d210f",
"dst_ref": "ipv4-addr--59ef2c89-5dc0-498e-a5e5-422b950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c89-5dc0-498e-a5e5-422b950d210f",
"value": "179.43.147.232"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c89-56f8-4434-8088-4c64950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c89-56f8-4434-8088-4c64950d210f",
"ipv4-addr--59ef2c89-56f8-4434-8088-4c64950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c89-56f8-4434-8088-4c64950d210f",
"dst_ref": "ipv4-addr--59ef2c89-56f8-4434-8088-4c64950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c89-56f8-4434-8088-4c64950d210f",
"value": "195.133.197.198"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c89-9b00-4fc7-8cef-4399950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:58.000Z",
"modified": "2017-10-25T08:23:58.000Z",
"first_observed": "2017-10-25T08:23:58Z",
"last_observed": "2017-10-25T08:23:58Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c89-9b00-4fc7-8cef-4399950d210f",
"ipv4-addr--59ef2c89-9b00-4fc7-8cef-4399950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c89-9b00-4fc7-8cef-4399950d210f",
"dst_ref": "ipv4-addr--59ef2c89-9b00-4fc7-8cef-4399950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c89-9b00-4fc7-8cef-4399950d210f",
"value": "188.227.17.104"
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59ef2c89-1018-4272-8bdd-4a80950d210f",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:59.000Z",
"modified": "2017-10-25T08:23:59.000Z",
"first_observed": "2017-10-25T08:23:59Z",
"last_observed": "2017-10-25T08:23:59Z",
"number_observed": 1,
"object_refs": [
"network-traffic--59ef2c89-1018-4272-8bdd-4a80950d210f",
"ipv4-addr--59ef2c89-1018-4272-8bdd-4a80950d210f"
],
"labels": [
"misp:type=\"ip-dst\"",
"misp:category=\"Network activity\""
]
},
{
"type": "network-traffic",
"spec_version": "2.1",
"id": "network-traffic--59ef2c89-1018-4272-8bdd-4a80950d210f",
"dst_ref": "ipv4-addr--59ef2c89-1018-4272-8bdd-4a80950d210f",
"protocols": [
"tcp"
]
},
{
"type": "ipv4-addr",
"spec_version": "2.1",
"id": "ipv4-addr--59ef2c89-1018-4272-8bdd-4a80950d210f",
"value": "194.87.111.47"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59f04a1f-0be8-4be8-9070-4c1102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:59.000Z",
"modified": "2017-10-25T08:23:59.000Z",
"description": "- Xchecked via VT: 5f38c8bd1a58a755108d27a7fdf034b1",
"pattern": "[file:hashes.SHA256 = '76e52d91742467b8772799531ba33f43287805753a26c3893d29676f55f5301a']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59f04a1f-0f90-40ec-8cd7-45b602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:59.000Z",
"modified": "2017-10-25T08:23:59.000Z",
"description": "- Xchecked via VT: 5f38c8bd1a58a755108d27a7fdf034b1",
"pattern": "[file:hashes.SHA1 = '3a3c813526c60939e8cdd6a119194ee02d062d3c']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59f04a1f-f1b0-4ec7-b297-455902de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:59.000Z",
"modified": "2017-10-25T08:23:59.000Z",
"first_observed": "2017-10-25T08:23:59Z",
"last_observed": "2017-10-25T08:23:59Z",
"number_observed": 1,
"object_refs": [
"url--59f04a1f-f1b0-4ec7-b297-455902de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59f04a1f-f1b0-4ec7-b297-455902de0b81",
"value": "https://www.virustotal.com/file/76e52d91742467b8772799531ba33f43287805753a26c3893d29676f55f5301a/analysis/1508852075/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59f04a1f-15f8-4be3-ba6a-49d602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:59.000Z",
"modified": "2017-10-25T08:23:59.000Z",
"description": "- Xchecked via VT: 7bbc46655683df7a0e842c0adff987a3",
"pattern": "[file:hashes.SHA256 = '0f5be64bc9be27c4a9cab972f5a5879337cb8cfd155a84e62399ed34e8d5a1dc']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59f04a1f-68e8-417b-a2b6-4eb102de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:59.000Z",
"modified": "2017-10-25T08:23:59.000Z",
"description": "- Xchecked via VT: 7bbc46655683df7a0e842c0adff987a3",
"pattern": "[file:hashes.SHA1 = 'c631280d0ae50e708891fa72d73997bdf5f35bf6']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59f04a1f-9980-40e8-97a3-470502de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:59.000Z",
"modified": "2017-10-25T08:23:59.000Z",
"first_observed": "2017-10-25T08:23:59Z",
"last_observed": "2017-10-25T08:23:59Z",
"number_observed": 1,
"object_refs": [
"url--59f04a1f-9980-40e8-97a3-470502de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59f04a1f-9980-40e8-97a3-470502de0b81",
"value": "https://www.virustotal.com/file/0f5be64bc9be27c4a9cab972f5a5879337cb8cfd155a84e62399ed34e8d5a1dc/analysis/1508917150/"
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59f04a1f-fa60-409c-8145-419602de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:59.000Z",
"modified": "2017-10-25T08:23:59.000Z",
"description": "- Xchecked via VT: eae849f6510db451f4fbdb780b5d49aa",
"pattern": "[file:hashes.SHA256 = '6106d1b5963feb632eee28aaee5b68e85aef1d090c5e5ef2899b3a0f1a3f7c5b']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha256\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "indicator",
"spec_version": "2.1",
"id": "indicator--59f04a1f-4d5c-4b4c-ab21-486a02de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:59.000Z",
"modified": "2017-10-25T08:23:59.000Z",
"description": "- Xchecked via VT: eae849f6510db451f4fbdb780b5d49aa",
"pattern": "[file:hashes.SHA1 = '60b9e6798a2099674fb189e262282d06ab7f29be']",
"pattern_type": "stix",
"pattern_version": "2.1",
"valid_from": "2017-10-25T08:23:59Z",
"kill_chain_phases": [
{
"kill_chain_name": "misp-category",
"phase_name": "Artifacts dropped"
}
],
"labels": [
"misp:type=\"sha1\"",
"misp:category=\"Artifacts dropped\"",
"misp:to_ids=\"True\""
]
},
{
"type": "observed-data",
"spec_version": "2.1",
"id": "observed-data--59f04a1f-8130-4600-8161-4e9202de0b81",
"created_by_ref": "identity--55f6ea5e-2c60-40e5-964f-47a8950d210f",
"created": "2017-10-25T08:23:59.000Z",
"modified": "2017-10-25T08:23:59.000Z",
"first_observed": "2017-10-25T08:23:59Z",
"last_observed": "2017-10-25T08:23:59Z",
"number_observed": 1,
"object_refs": [
"url--59f04a1f-8130-4600-8161-4e9202de0b81"
],
"labels": [
"misp:type=\"link\"",
"misp:category=\"External analysis\""
]
},
{
"type": "url",
"spec_version": "2.1",
"id": "url--59f04a1f-8130-4600-8161-4e9202de0b81",
"value": "https://www.virustotal.com/file/6106d1b5963feb632eee28aaee5b68e85aef1d090c5e5ef2899b3a0f1a3f7c5b/analysis/1508916686/"
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"created": "2017-01-20T00:00:00.000Z",
"definition_type": "tlp",
"name": "TLP:WHITE",
"definition": {
"tlp": "white"
}
}
]
}
Reference in a new issue View git blame Copy permalink