misp-circl-feed/feeds/circl/misp/577e3339-2418-48f2-ade0-034eac1064c3.json

{"Event": {"info": "YellowAlbatross/Sphinx malware by 360-Qihoo and some OSINT", "Tag": [{"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#004646", "exportable": true, "name": "type:OSINT"}], "publish_timestamp": "1469534911", "timestamp": "1469534890", "analysis": "0", "Attribute": [{"comment": "", "category": "Antivirus detection", "uuid": "577e68a9-f888-477e-ba15-0a24ac1064c3", "timestamp": "1467902121", "to_ids": false, "value": "Win32.YellowAlbatross", "disable_correlation": false, "object_relation": null, "type": "text"}, {"comment": "Source", "category": "External analysis", "uuid": "5782579d-67a8-4cf7-bd6f-0618ac1064c3", "timestamp": "1468159901", "to_ids": false, "value": "http://www.aqniu.com/threat-alert/17332.html", "disable_correlation": false, "object_relation": null, "type": "link"}, {"comment": "", "category": "Network activity", "uuid": "577e6881-966c-47a1-bc72-058aac1064c3", "timestamp": "1467902081", "to_ids": true, "value": "ss4m1.dnsdojo.com", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "", "category": "Network activity", "uuid": "577e6881-9394-4f4f-b5a5-058aac1064c3", "timestamp": "1467902081", "to_ids": true, "value": "avg99.does-it.net", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "", "category": "Network activity", "uuid": "577e6881-0714-4478-af1c-058aac1064c3", "timestamp": "1467902081", "to_ids": true, "value": "adobe.sells-it.net", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "", "category": "Network activity", "uuid": "577e6881-cf84-404b-9e7c-058aac1064c3", "timestamp": "1467902081", "to_ids": true, "value": "microwindows.is-by.us", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "", "category": "Network activity", "uuid": "577e6881-5ac0-4f77-8bcf-058aac1064c3", "timestamp": "1467902081", "to_ids": true, "value": "wolfxx.esy.es", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "", "category": "Network activity", "uuid": "577e6881-213c-4a52-ac38-058aac1064c3", "timestamp": "1467902081", "to_ids": true, "value": "avg999.hot.es", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "", "category": "Network activity", "uuid": "577e6881-fa14-4c47-9afe-058aac1064c3", "timestamp": "1467902081", "to_ids": true, "value": "israelleaks.is-a-chef.com", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "", "category": "Network activity", "uuid": "577e3c71-5964-4e89-9983-034eac1064c3", "timestamp": "1467902163", "to_ids": true, "value": "196.205.194.60", "disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "577e3c71-2db0-48dc-8c5b-034eac1064c3", "timestamp": "1467902160", "to_ids": true, "value": "196.205.194.61", "disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "577e6881-4530-4078-a679-058aac1064c3", "timestamp": "1467902081", "to_ids": true, "value": "31.170.168.61", "disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "577e6881-24d0-47c7-8672-058aac1064c3", "timestamp": "1467902081", "to_ids": true, "value": "37.157.250.48", "disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "577e6881-1474-4ca8-9e4a-058aac1064c3", "timestamp": "1467902081", "to_ids": true, "value": "86.105.18.107", "disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "577e68c3-9ae0-4044-bb67-0605ac1064c3", "timestamp": "1467902147", "to_ids": true, "value": "/nouba/gadling.php", "disable_correlation": false, "object_relation": null, "type": "pattern-in-traffic"}, {"comment": "", "category": "Network activity", "uuid": "577e3c71-b410-4956-8d3e-034e