2023-12-14 14:30:15 +00:00
|
|
|
{"Event": {"info": "Password-protected docs 2017-05-23 : Ursnif 2002 - \"C John Doe\" - \"ab1_c23def4lg56hi#78j.docx\"", "Tag": [{"colour": "#ffffff", "exportable": true, "name": "tlp:white"}], "publish_timestamp": "0", "timestamp": "1495554195", "analysis": "1", "Attribute": [{"comment": "", "category": "Network activity", "uuid": "59245893-31c8-42b2-b8c0-c159950d210f", "timestamp": "1495554195", "to_ids": true, "value": "advisedhtdisclaimerth.ru", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "5924588d-a82c-4ebd-9de1-6bfa950d210f", "timestamp": "1495554189", "to_ids": true, "value": "http://www.php.net/license/3_0.txt", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "5924588f-347c-421e-9bef-46cf950d210f", "timestamp": "1495554191", "to_ids": true, "value": "www.php.net", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "www.php.net", "category": "Network activity", "uuid": "59245892-06a8-4a29-a872-6b79950d210f", "timestamp": "1495554194", "to_ids": true, "value": "82.100.240.32", "disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Artifacts dropped", "uuid": "59245885-37f4-45e5-a504-180d950d210f", "timestamp": "1495554181", "to_ids": true, "value": "12ffff6f269599e64c1f9ae1a4d7661c", "disable_correlation": false, "object_relation": null, "type": "md5"}, {"comment": "", "category": "Network activity", "uuid": "59245888-0318-4f98-a9b3-c150950d210f", "timestamp": "1495554184", "to_ids": true, "value": "http://kosbal.uv.ro/main.txt", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "59245889-bc34-4517-abf1-9198950d210f", "timestamp": "1495554185", "to_ids": true, "value": "kosbal.uv.ro", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "kosbal.uv.ro", "category": "Network activity", "uuid": "5924588a-94bc-4917-88c9-69b6950d210f", "timestamp": "1495554186", "to_ids": true, "value": "91.216.151.56", "disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "5924588b-3584-454d-a6c9-c154950d210f", "timestamp": "1495554187", "to_ids": true, "value": "http://91.210.166.177/un.jpg", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "5924588c-02bc-4e47-b456-c153950d210f", "timestamp": "1495554188", "to_ids": true, "value": "91.210.166.177", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "", "category": "Artifacts dropped", "uuid": "59245884-3dc8-4d88-b419-c14e950d210f", "timestamp": "1495554180", "to_ids": true, "value": "21ecba6d854567d63f59258a49ed0d91", "disable_correlation": false, "object_relation": null, "type": "md5"}], "extends_uuid": "", "published": false, "date": "2017-05-23", "Orgc": {"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f", "name": "CIRCL"}, "threat_level_id": "3", "uuid": "59245883-c54c-4072-b07f-6a00950d210f"}}
|