-
Notifications
You must be signed in to change notification settings - Fork 15
/
Copy pathipv4-addr-with-email-addr-pattern.xml
42 lines (42 loc) · 2.61 KB
/
ipv4-addr-with-email-addr-pattern.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
<stix:STIX_Package
xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2"
xmlns:stixVocabs="http://stix.mitre.org/default_vocabularies-1"
xmlns:cybox="http://cybox.mitre.org/cybox-2"
xmlns:cyboxCommon="http://cybox.mitre.org/common-2"
xmlns:stix="http://stix.mitre.org/stix-1"
xmlns:indicator="http://stix.mitre.org/Indicator-2"
xmlns:stixCommon="http://stix.mitre.org/common-1"
xmlns:example="http://example.com"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
id="example:STIXPackage-84c61aa5-0fc8-45bb-b9d8-42df3636b5b8" version="1.2">
<stix:Indicators>
<stix:Indicator id="example:indicator-53fe3b22-0201-47cf-85d0-97c02164528d" timestamp="2014-05-08T09:00:00+00:00" xsi:type='indicator:IndicatorType'>
<indicator:Title>IP Address for known C2 channel</indicator:Title>
<indicator:Type xsi:type="stixVocabs:IndicatorTypeVocab-1.1">IP Watchlist</indicator:Type>
<indicator:Valid_Time_Position>
<indicator:Start_Time precision="second">2014-05-08T09:00:00+00:00</indicator:Start_Time>
</indicator:Valid_Time_Position>
<indicator:Observable id="example:Observable-c128f1d0-132c-458b-935b-c1a54745ec3f">
<cybox:Observable_Composition operator="AND">
<cybox:Observable id="example:Observable-47755c65-d17a-452f-b4db-8345dd5a6d42">
<cybox:Object id="example:Address-4ed7809b-38fc-48ad-a081-214ca3805484">
<cybox:Properties xsi:type="AddressObj:AddressObjectType" category="ipv4-addr">
<AddressObj:Address_Value condition="Equals">10.0.0.0</AddressObj:Address_Value>
</cybox:Properties>
</cybox:Object>
</cybox:Observable>
<cybox:Observable id="example:Observable-0afb39b6-1665-485d-a55e-6fbd8baafe8c">
<cybox:Object id="example:Address-f0364a49-f474-43e4-885a-a28abbeb4e24">
<cybox:Properties xsi:type="AddressObj:AddressObjectType" category="e-mail">
<AddressObj:Address_Value condition="Equals">fred@bedrock.gov</AddressObj:Address_Value>
</cybox:Properties>
</cybox:Object>
</cybox:Observable>
</cybox:Observable_Composition>
</indicator:Observable>
</stix:Indicator>
</stix:Indicators>
</stix:STIX_Package>