adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/5464c1d9-3d78-434d-a936-51e4950d210b.json

622 lines
18 KiB
JSON
Raw Permalink Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"Event": {
"analysis": "2",
"date": "2014-11-13",
"extends_uuid": "",
"info": "OSINT Expansion on Snake",
"publish_timestamp": "1498162630",
"published": true,
"threat_level_id": "1",
"timestamp": "1498162614",
"uuid": "5464c1d9-3d78-434d-a936-51e4950d210b",
"Orgc": {
"name": "CthulhuSPRL.be",
"uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
},
"Tag": [
{
"colour": "#004646",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "type:OSINT",
"relationship_type": ""
},
{
"colour": "#33FF00",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "tlp:green",
"relationship_type": ""
},
{
"colour": "#12e200",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:threat-actor=\"Turla Group\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889391",
"to_ids": true,
"type": "ip-dst",
"uuid": "5464c1ef-e49c-4ddc-86b5-9034950d210b",
"value": "41.190.233.29"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889391",
"to_ids": true,
"type": "ip-dst",
"uuid": "5464c1ef-cc80-4f72-9083-9034950d210b",
"value": "190.194.224.149"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889391",
"to_ids": true,
"type": "ip-dst",
"uuid": "5464c1ef-09f4-4345-a778-9034950d210b",
"value": "192.241.211.213"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889391",
"to_ids": true,
"type": "ip-dst",
"uuid": "5464c1ef-fe28-4697-a9c8-9034950d210b",
"value": "62.65.252.12"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889391",
"to_ids": true,
"type": "ip-dst",
"uuid": "5464c1ef-0198-40ca-92fe-9034950d210b",
"value": "80.246.199.24"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889391",
"to_ids": true,
"type": "ip-dst",
"uuid": "5464c1ef-f01c-4008-9330-9034950d210b",
"value": "62.1.82.32"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889422",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20e-e42c-4f97-86ff-9051950d210b",
"value": "tiles.cebarrett.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889422",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20e-8400-4c99-9d83-9051950d210b",
"value": "alosh66.linkpc.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889422",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20e-2034-4dec-b85d-9051950d210b",
"value": "darksun.sytes.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889422",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20e-8a28-4ca4-8e26-9051950d210b",
"value": "luck-babys.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889422",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20e-c9ec-4451-a95b-9051950d210b",
"value": "newsweek.serveblog.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889422",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20e-5d38-4891-9bab-9051950d210b",
"value": "weather-online.hopto.org"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889422",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20e-617c-44f9-bbed-9051950d210b",
"value": "airlinenewspaper.info"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889422",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20e-8a48-40e3-bbe1-9051950d210b",
"value": "easport-news.publicvm.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889422",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20e-0698-4712-aca4-9051950d210b",
"value": "tn5.linkpc.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889422",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20e-89b0-4cb2-931f-9051950d210b",
"value": "marketing.ntmdt.eu"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889422",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20e-2400-43c9-a6f6-9051950d210b",
"value": "brstcjjcmoc.myfw.us"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889422",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20e-e410-4f54-ba87-9051950d210b",
"value": "twtw.mrface.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-c6a8-4490-8529-9051950d210b",
"value": "image.servepics.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-52a8-4eaa-9074-9051950d210b",
"value": "new-book.linkpc.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-73cc-40c7-8d47-9051950d210b",
"value": "biznews.podzone.org"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-8d90-4222-b489-9051950d210b",
"value": "cqcount.servehttp.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-4e10-4259-aa31-9051950d210b",
"value": "hotnews.ath.cx"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-1954-4b0b-946a-9051950d210b",
"value": "easycounter.sytes.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-03e8-42d8-aa97-9051950d210b",
"value": "3366.passas.us"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-7858-4f68-8c43-9051950d210b",
"value": "51hongling.onthenetas.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-fea0-4176-9c80-9051950d210b",
"value": "boy.podzone.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-171c-4249-bdf5-9051950d210b",
"value": "ftpmicrosoft.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-2188-44e0-abe4-9051950d210b",
"value": "allnews.ath.cx"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-571c-47cb-b47b-9051950d210b",
"value": "downmicrisoft.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-91b0-41ef-96e4-9051950d210b",
"value": "webmail-login.org"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-96d4-40b7-a509-9051950d210b",
"value": "zgtlohzofi.kwik.to"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-60c4-4aaf-9ce8-9051950d210b",
"value": "723.kwik.to"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889423",
"to_ids": true,
"type": "hostname",
"uuid": "5464c20f-ea1c-4660-882a-9051950d210b",
"value": "zjhao.dtdns.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-2730-4266-a7cb-9051950d210b",
"value": "freshdns.org"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-c450-4b32-9ed2-9051950d210b",
"value": "support-adobe.endofinternet.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-7958-4cff-95d5-9051950d210b",
"value": "pressforum.serveblog.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-9654-41d7-9427-9051950d210b",
"value": "intellicast.ath.cx"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-b8fc-4818-b30b-9051950d210b",
"value": "sportacademy.my03.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-9f7c-4994-8f5e-9051950d210b",
"value": "webonline.mefound.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-1178-4748-b1f1-9051950d210b",
"value": "breakingnews.ath.cx"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-d4b4-4b06-bcc4-9051950d210b",
"value": "today-news.office-on-the.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-5d34-4a63-96db-9051950d210b",
"value": "newgame.2waky.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-65c4-4bf1-b5af-9051950d210b",
"value": "nifty-user.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-a3f0-416a-8450-9051950d210b",
"value": "euronews.ath.cx"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-546c-4358-b93e-9051950d210b",
"value": "marketplace.servehttp.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-b964-4cbc-9f14-9051950d210b",
"value": "attack1.linkpc.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-950c-4ca8-9e31-9051950d210b",
"value": "novbl.ssh01.com"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889424",
"to_ids": true,
"type": "hostname",
"uuid": "5464c210-caa0-4206-99e6-9051950d210b",
"value": "z07.dyndns.info"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1415889500",
"to_ids": false,
"type": "comment",
"uuid": "5464c25c-3eb4-4012-97b5-969a950d210b",
"value": "Expansion done by David Andr\u00c3\u00a9 based on passive DNS database"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1443708260",
"to_ids": false,
"type": "text",
"uuid": "560d3d64-884c-418e-9f12-46ca950d210b",
"value": "Snake"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1443708260",
"to_ids": false,
"type": "text",
"uuid": "560d3d64-6060-42ad-9b33-4911950d210b",
"value": "Turla"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1443708261",
"to_ids": false,
"type": "text",
"uuid": "560d3d65-3444-4937-ba0c-47f9950d210b",
"value": "Uroburos"
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
chg: [gen] updated
2023-12-14 14:30:15 +00:00
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
}
Reference in a new issue Copy permalink