2023-04-21 13:25:09 +00:00
|
|
|
{
|
2023-12-14 14:30:15 +00:00
|
|
|
"Event": {
|
|
|
|
"analysis": "0",
|
|
|
|
"date": "2016-10-16",
|
|
|
|
"extends_uuid": "",
|
|
|
|
"info": "Spam 2016-10-16 (mule acquisition) - probably related to Locky resources",
|
|
|
|
"publish_timestamp": "1476594598",
|
|
|
|
"published": true,
|
|
|
|
"threat_level_id": "3",
|
|
|
|
"timestamp": "1476594574",
|
|
|
|
"uuid": "58030b52-b52c-41e7-93f6-43ae950d210f",
|
|
|
|
"Orgc": {
|
|
|
|
"name": "CIRCL",
|
|
|
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
|
|
|
},
|
|
|
|
"Tag": [
|
|
|
|
{
|
|
|
|
"colour": "#ffffff",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "tlp:white",
|
|
|
|
"relationship_type": ""
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "compromised resource",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1476594567",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "58030b87-8db0-460f-b10d-4da6950d210f",
|
|
|
|
"value": "http://bidprogroup.com/wp-content/plugins/contact-form-7/admin/images/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "compromised resource",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1476594568",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "58030b88-30e4-4f4c-8cdf-4a01950d210f",
|
|
|
|
"value": "bidprogroup.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "compromised resource",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1476594568",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "58030b88-b5d0-4119-a90c-4edd950d210f",
|
|
|
|
"value": "50.62.172.113"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "compromised resource",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1476594569",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "58030b89-5a44-44fd-97a6-4f39950d210f",
|
|
|
|
"value": "http://bigway.com/installation2/tmp/rohi5l/par/users/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "compromised resource",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1476594569",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "58030b89-350c-41fe-a6a2-407e950d210f",
|
|
|
|
"value": "bigway.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "compromised resource",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1476594570",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "58030b8a-08f8-4977-91d6-4986950d210f",
|
|
|
|
"value": "69.168.8.211"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "compromised resource",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1476594570",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "58030b8a-aa0c-49f6-84f9-4d49950d210f",
|
|
|
|
"value": "http://bikebreeze.com/wp-content/themes/CherryFramework/admin/images/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "compromised resource",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1476594571",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "58030b8b-4ba4-4d92-bb27-474f950d210f",
|
|
|
|
"value": "bikebreeze.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "compromised resource",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1476594571",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "58030b8b-def8-4a45-a71a-4b40950d210f",
|
|
|
|
"value": "166.62.10.183"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "compromised resource",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1476594572",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "url",
|
|
|
|
"uuid": "58030b8c-86fc-4621-948a-42a4950d210f",
|
|
|
|
"value": "http://billfoundation.org/wp-includes/js/tinymce/plugins/wptextpattern/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "compromised resource",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1476594573",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "58030b8d-7518-449b-8492-43d3950d210f",
|
|
|
|
"value": "billfoundation.org"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "compromised resource",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1476594573",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "58030b8d-c9f8-4946-8dda-462c950d210f",
|
|
|
|
"value": "52.202.112.204"
|
|
|
|
}
|
2023-04-21 13:25:09 +00:00
|
|
|
]
|
2023-12-14 14:30:15 +00:00
|
|
|
}
|
2023-04-21 13:25:09 +00:00
|
|
|
}
|