-
Notifications
You must be signed in to change notification settings - Fork 15
/
Copy pathemail-raw-observable.xml
90 lines (84 loc) · 4.16 KB
/
email-raw-observable.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
<stix:STIX_Package
xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2"
xmlns:URIObj="http://cybox.mitre.org/objects#URIObject-2"
xmlns:EmailMessageObj="http://cybox.mitre.org/objects#EmailMessageObject-2"
xmlns:cybox="http://cybox.mitre.org/cybox-2"
xmlns:stix="http://stix.mitre.org/stix-1"
xmlns:cyboxCommon="http://cybox.mitre.org/common-2"
xmlns:example="http://example.com"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
id="example:STIXPackage-7d188f68-9b6d-40d8-96a6-667ce3677874" version="1.2">
<stix:Observables cybox_major_version="2" cybox_minor_version="1" cybox_update_version="0">
<cybox:Observable id="example:observable-6355649f-ad9a-4cc1-8edc-28effcf451c5">
<cybox:Object id="example:URI-c784e9dc-6559-5d6c-8d97-06ff2113d14c">
<cybox:Properties xsi:type="URIObj:URIObjectType" type="URL">
<URIObj:Value>http://thereelin.com/mac/htm</URIObj:Value>
</cybox:Properties>
</cybox:Object>
</cybox:Observable>
<cybox:Observable id="example:observable-5e1bff77-0150-4deb-8e17-1ae29588b501">
<cybox:Object id="example:EmailMessage-feb2c5bf-dd52-5bc2-a355-ad7e7498583e">
<cybox:Properties xsi:type="EmailMessageObj:EmailMessageObjectType">
<EmailMessageObj:Header>
<EmailMessageObj:From xsi:type="AddressObj:AddressObjectType" category="e-mail">
<AddressObj:Address_Value>chase@ee.duke.edu</AddressObj:Address_Value>
</EmailMessageObj:From>
<EmailMessageObj:Subject>Fix The Error On Your Account.</EmailMessageObj:Subject>
</EmailMessageObj:Header>
<EmailMessageObj:Raw_Body><![CDATA[<!DOCTYPE html>Received: from BL0PR0901MB3124.namprd09.prod.outlook.com
(2603:10b6:208:d4::22) by BL0PR0901MB3204.namprd09.prod.outlook.com with
HTTPS via MN2PR04CA0009.NAMPRD04.PROD.OUTLOOK.COM; Wed, 12 Feb 2020 18:45:43
+0000
Authentication-Results: mitre.org; dkim=none (message not signed)
header.d=none;mitre.org; dmarc=none action=none header.from=mitre.org;
Received: from BL0PR0901MB3204.namprd09.prod.outlook.com (20.177.243.16) by
BL0PR0901MB3124.namprd09.prod.outlook.com (20.177.241.75) with Microsoft SMTP
Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.20.2707.23; Wed, 12 Feb 2020 18:45:42 +0000
Received: from BL0PR0901MB3204.namprd09.prod.outlook.com
([fe80::c8b6:8d06:3bbd:cef3]) by BL0PR0901MB3204.namprd09.prod.outlook.com
([fe80::c8b6:8d06:3bbd:cef3%6]) with mapi id 15.20.2707.030; Wed, 12 Feb 2020
18:45:42 +0000
From: "Piazza, Rich" <rpiazza@mitre.org>
To: "Piazza, Rich" <rpiazza@mitre.org>
Subject: testing
Thread-Topic: testing
Thread-Index: AQHV4dSge8PgoMgfRUqipxh3ho7xDg==
Date: Wed, 12 Feb 2020 18:45:41 +0000
Message-ID: <484759C2-CC69-4AD1-8687-7E1A3F7C61A7@mitre.org>
Accept-Language: en-US
Content-Language: en-US
> This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
--B_3664359956_690441552
Content-type: text/plain;
charset="UTF-8"
Content-transfer-encoding: 7bit
--B_3664359956_690441552
Content-type: text/html;
charset="UTF-8"
Content-transfer-encoding: quoted-printable
<html xmlns:o=3D"urn:schemas-microsoft-com:office:office" xmlns:w=3D"urn:schema=
s-microsoft-com:office:word" xmlns:m=3D"http://schemas.microsoft.com/office/20=
04/12/omml" xmlns=3D"http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
<meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)">
</head>
<body lang=3D"EN-US" link=3D"#0563C1" vlink=3D"#954F72">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span style=3D"font-size:11.0pt"><o:p> </o:p></span=
></p>
</div>
</body>
</html>
--B_3664359956_690441552--
]]></EmailMessageObj:Raw_Body>
</cybox:Properties>
</cybox:Object>
</cybox:Observable>
</stix:Observables>
</stix:STIX_Package>