2023-12-14 14:30:15 +00:00
{"Event": {"info": "OSINT - SHELLTEA + POSLURP MALWARE", "Tag": [{"colour": "#004646", "exportable": true, "name": "type:OSINT"}, {"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#002b4a", "exportable": true, "name": "osint:source-type=\"technical-report\""}], "publish_timestamp": "0", "timestamp": "1498121691", "analysis": "2", "Attribute": [{"comment": "POWERSNIFF C2 DOMAINS", "category": "Network activity", "uuid": "594b78db-60cc-465b-996d-4fba950d210f", "timestamp": "1498118363", "to_ids": true, "value": "vseflijkoindex.net", "disable_correlation": false, "object_relation": null, "type": "domain"}, {"comment": "POWERSNIFF C2 DOMAINS", "category": "Network activity", "uuid": "594b78db-f59c-4e23-9722-4fba950d210f", "timestamp": "1498118363", "to_ids": true, "value": "vortexclothings.biz", "disable_correlation": false, "object_relation": null, "type": "domain"}, {"comment": "POWERSNIFF C2 DOMAINS", "category": "Network activity", "uuid": "594b78db-91c0-44ba-b7fa-49e8950d210f", "timestamp": "1498118363", "to_ids": true, "value": "unkerdubsonics.org", "disable_correlation": false, "object_relation": null, "type": "domain"}, {"comment": "POWERSNIFF C2 DOMAINS", "category": "Network activity", "uuid": "594b78db-9b14-400c-b5be-419a950d210f", "timestamp": "1498118363", "to_ids": true, "value": "popskentown.com", "disable_correlation": false, "object_relation": null, "type": "domain"}, {"comment": "SHELLTEA C2 DOMAIN", "category": "Network activity", "uuid": "594b7980-34e4-453d-8991-4a0d950d210f", "timestamp": "1498118528", "to_ids": true, "value": "neofilgestunin.org", "disable_correlation": false, "object_relation": null, "type": "domain"}, {"comment": "SHELLTEA C2 DOMAIN", "category": "Network activity", "uuid": "594b7980-1188-4102-9437-4d8e950d210f", "timestamp": "1498118528", "to_ids": true, "value": "verfgainling.net", "disable_correlation": false, "object_relation": null, "type": "domain"}, {"comment": "SHELLTEA C2 DOMAIN", "category": 
"Network activity", "uuid": "594b7980-bfa0-4d66-b37d-4d3a950d210f", "timestamp": "1498118528", "to_ids": true, "value": "straubeoldscles.org", "disable_correlation": false, "object_relation": null, "type": "domain"}, {"comment": "SHELLTEA C2 DOMAIN", "category": "Network activity", "uuid": "594b7980-1ed0-4f03-b209-40ec950d210f", "timestamp": "1498118528", "to_ids": true, "value": "olohvikoend.org", "disable_correlation": false, "object_relation": null, "type": "domain"}, {"comment": "SHELLTEA C2 DOMAIN", "category": "Network activity", "uuid": "594b7980-be10-497c-9580-4ced950d210f", "timestamp": "1498118528", "to_ids": true, "value": "menoograskilllev.net", "disable_correlation": false, "object_relation": null, "type": "domain"}, {"comment": "SHELLTEA C2 DOMAIN", "category": "Payload delivery", "uuid": "594b7980-8ac4-4ebf-b66e-480f950d210f", "timestamp": "1498118528", "to_ids": true, "value": "asojinoviesder.org", "disable_correlation": false, "object_relation": null, "type": "filename"}, {"comment": "Function Hash Resolution Tool, IDA Script, and Process Name CRC32 Code:", "category": "External analysis", "uuid": "594b7a1d-5108-41ca-b719-4db5950d210f", "timestamp": "1498118685", "to_ids": false, "value": "https://gist.github.com/root9b/24b9b25f3b0b06a6939881e68d0bd2d0", "disable_correlation": false, "object_relation": null, "type": "link"}, {"comment": "", "category": "External analysis", "uuid": "594b7a39-1740-4ca2-b45a-4379950d210f", "timestamp": "1498118713", "to_ids": false, "value": "https://www.root9b.com/sites/default/files/whitepapers/PoS%20Malware%20ShellTea%20PoSlurp_1.pdf", "disable_correlation": false, "object_relation": null, "type": "link"}, {"comment": "", "category": "External analysis", "uuid": "594b7a39-c7cc-4ef2-aa31-410a950d210f", "timestamp": "1498118713", "to_ids": false, "value": "https://www.root9b.com/newsroom/shelltea-poslurp-malware", "disable_correlation": false, "object_relation": null, "type": "link"}, {"comment": "", "category": 
"External analysis", "uuid": "594b7adc-c1c4-4ba7-84e4-4612950d210f", "timestamp": "149811887