misp-circl-feed/feeds/circl/misp/59bfc43f-c1ac-4a3b-b271-4420950d210f.json

{"Event": {"info": "M2M - ***SPAM***  Locky: \"Status of invoice\" with .7z\n\tattachment", "Tag": [{"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#006c6c", "exportable": true, "name": "ecsirt:malicious-code=\"ransomware\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:ransomware=\"Locky\""}], "publish_timestamp": "0", "timestamp": "1508773187", "analysis": "1", "Attribute": [{"comment": "", "category": "Artifacts dropped", "uuid": "59bfc440-11c0-40ba-97c7-1914950d210f", "timestamp": "1508773171", "to_ids": true, "value": "20f2ca720cb4dcca9195113f258ca4ef", "disable_correlation": false, "object_relation": null, "type": "md5"}, {"comment": "", "category": "Artifacts dropped", "uuid": "59bfc441-8e8c-49eb-88e5-190a950d210f", "timestamp": "1508773171", "to_ids": true, "value": "24888615662135054bb9a28d50ae2c0f6711975ba5251f0862ecc8b95b2512de", "disable_correlation": false, "object_relation": null, "type": "sha256"}, {"comment": "", "category": "Artifacts dropped", "uuid": "59bfc441-450c-4bee-92af-167b950d210f", "timestamp": "1508773171", "to_ids": true, "value": "0faf7bb76b212bafe2949ed9c0d04c87a5aea40deefb11d360fb6912be84fbd8", "disable_correlation": false, "object_relation": null, "type": "sha256"}, {"comment": "", "category": "Artifacts dropped", "uuid": "59bfc441-f604-4ec5-b075-1916950d210f", "timestamp": "1508773171", "to_ids": true, "value": "c674da5f1c063a0bec896d03492620ac94687e7687a1b91944d93c1d6527c8a7", "disable_correlation": false, "object_relation": null, "type": "sha256"}, {"comment": "", "category": "Network activity", "uuid": "59bfc442-b6c4-4fce-972c-167b950d210f", "timestamp": "1508773171", "to_ids": true, "value": "http://abelfaria.pt/87thiuh3gfDGS", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "59bfc442-ff64-4234-9246-413f950d210f", "timestamp": "1508773171", "to_ids": true, "value": "abelfaria.pt", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "abelfaria.pt", "category": "Network activity", "uuid": "59bfc443-1550-4cfe-ac10-1916950d210f", "timestamp": "1508773171", "to_ids": false, "value": "109.71.42.24", "disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "59bfc443-90b0-41f4-8882-1677950d210f", "timestamp": "1508773171", "to_ids": true, "value": "http://cedipsa.com/87thiuh3gfDGS", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "59bfc443-6ef4-4a1e-a822-425c950d210f", "timestamp": "1508773171", "to_ids": true, "value": "cedipsa.com", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "cedipsa.com", "category": "Network activity", "uuid": "59bfc444-79f4-49af-a9f2-91d9950d210f", "timestamp": "1508773171", "to_ids": false, "value": "93.189.91.20", "disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "59bfc445-4c4c-4d5d-88d4-496b950d210f", "timestamp": "1508773171", "to_ids": true, "value": "http://grovecreative.co.uk/87thiuh3gfDGS", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "59bfc445-3a30-440b-a11d-18ff950d210f", "timestamp": "1508773171", "to_ids": true, "value": "grovecreative.co.uk", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "grovecreative.co.uk", "category": "Network activity", "uuid": "59bfc445-d310-4d3c-b58c-4096950d210f", "timestamp": "1508773171", "to_ids": false, "value": "188.165.73.151", "disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "59bfc446-c580-4458-8786-190b950d210f", "timestamp": "1508773171", "to_ids": true, "value": "http://lanzensberger.de/87thiuh3gfDGS", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "c