misp-circl-feed/feeds/circl/misp/5a37ccac-13e4-4703-9487-4070950d210f.json

{"Event": {"info": "OSINT - Graftor - But I Never Asked for This\u2026", "Tag": [{"colour": "#0b8d00", "exportable": true, "name": "misp-galaxy:tool=\"Aumlib\""}, {"colour": "#004646", "exportable": true, "name": "type:OSINT"}, {"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#00223b", "exportable": true, "name": "osint:source-type=\"blog-post\""}, {"colour": "#3b0020", "exportable": true, "name": "workflow:todo=\"expansion\""}, {"colour": "#620035", "exportable": true, "name": "workflow:todo=\"review-for-false-positive\""}, {"colour": "#52002c", "exportable": true, "name": "workflow:todo=\"review-before-publication\""}], "publish_timestamp": "0", "timestamp": "1513630056", "Object": [{"comment": "Graftor Dropper", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "uuid": "5a37cfe7-03a8-43cf-91d9-4b46950d210f", "sharing_group_id": "0", "timestamp": "1513607143", "description": "File object describing a file with meta-information", "template_version": "8", "Attribute": [{"comment": "", "category": "Payload delivery", "uuid": "5a37cfe7-6f98-4315-a202-4c06950d210f", "timestamp": "1513607143", "to_ids": true, "value": "2263387661.exe", "disable_correlation": false, "object_relation": "filename", "type": "filename"}, {"comment": "", "category": "Payload delivery", "uuid": "5a37cfe7-5374-4801-9361-4974950d210f", "timestamp": "1513607143", "to_ids": true, "value": "fd3ccf65eab21a77d2e440bd23c59d52e96a03a4", "disable_correlation": false, "object_relation": "sha1", "type": "sha1"}, {"comment": "", "category": "Payload delivery", "uuid": "5a37cfe7-6a24-4e14-9dd3-43e3950d210f", "timestamp": "1513607143", "to_ids": true, "value": "41474cd23ff0a861625ec1304f882891826829ed26ed1662aae2e7ebbe3605f2", "disable_correlation": false, "object_relation": "sha256", "type": "sha256"}, {"comment": "", "category": "Payload delivery", "uuid": "5a37cfe7-d618-44f9-a0b5-493f950d210f", "timestamp": "1513607143", "to_ids": true, "value": "9b9ce661a764d84a4636812e1dfcb03b", "disable_correlation": false, "object_relation": "md5", "type": "md5"}], "distribution": "5", "meta-category": "file", "name": "file"}, {"comment": "Dumped 2nd stage", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "uuid": "5a37d02b-66d0-4d32-a418-4ae4950d210f", "sharing_group_id": "0", "timestamp": "1513607211", "description": "File object describing a file with meta-information", "template_version": "8", "Attribute": [{"comment": "", "category": "Payload delivery", "uuid": "5a37d02b-4e68-4736-96c4-48f0950d210f", "timestamp": "1513607211", "to_ids": true, "value": "99c7627708c4ab1fca3222738c573e7376ab4070", "disable_correlation": false, "object_relation": "sha1", "type": "sha1"}, {"comment": "", "category": "Payload delivery", "uuid": "5a37d02b-e8ac-444b-b393-45bd950d210f", "timestamp": "1513607211", "to_ids": true, "value": "eefdbe891e35390b84181eabe0ace6e202f5b2a050e800fb8e82327d5e57336d", "disable_correlation": false, "object_relation": "sha256", "type": "sha256"}, {"comment": "", "category": "Payload delivery", "uuid": "5a37d02b-3e24-4ca7-a2f6-454a950d210f", "timestamp": "1513607211", "to_ids": true, "value": "40bde09fc059f205f67b181c34de666b", "disable_correlation": false, "object_relation": "md5", "type": "md5"}], "distribution": "5", "meta-category": "file", "name": "file"}, {"comment": "Dumped 3rd stage", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "uuid": "5a37d070-e818-4ed7-ab3b-4a9c950d210f", "sharing_group_id": "0", "timestamp": "1513607280", "description": "File object describing a file with meta-information", "template_version": "8", "Attribute": [{"comment": "", "category": "Payload delivery", "uuid": "5a37d071-5040-4414-b6ab-421d950d210f", "timestamp": "1513607281", "to_ids": true, "value": "7c4cd0ff0e004a62c9ab7f8bd991094226eca842", "disable_correlation": false, "object_relation": "sha1", "type": "sha1"}, {"comment": "", "category": "Payload delivery", "uuid": "5a37d071-be28-4dbc-bc30-45b2950d210f", "timestamp": "1513607281", "to_ids": true, "value": "5eb2333956bebb81da365a26e56fea874797fa003107f95cda21273045