2023-04-21 13:25:09 +00:00
|
|
|
{
|
2023-12-14 14:30:15 +00:00
|
|
|
"Event": {
|
|
|
|
"analysis": "2",
|
|
|
|
"date": "2017-07-21",
|
|
|
|
"extends_uuid": "",
|
|
|
|
"info": "Finding Nemo(hosts) from Sofacy by ThreatConnect",
|
|
|
|
"publish_timestamp": "1516105510",
|
|
|
|
"published": true,
|
|
|
|
"threat_level_id": "1",
|
|
|
|
"timestamp": "1516105507",
|
|
|
|
"uuid": "5a5de39e-cb60-4839-af53-c1be950d210f",
|
|
|
|
"Orgc": {
|
|
|
|
"name": "CthulhuSPRL.be",
|
|
|
|
"uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
|
|
|
|
},
|
|
|
|
"Tag": [
|
|
|
|
{
|
|
|
|
"colour": "#11d000",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "admiralty-scale:information-credibility=\"3\"",
|
|
|
|
"relationship_type": ""
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#086200",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "admiralty-scale:source-reliability=\"c\"",
|
|
|
|
"relationship_type": ""
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#12e000",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "misp-galaxy:threat-actor=\"Sofacy\"",
|
|
|
|
"relationship_type": ""
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#00223b",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "osint:source-type=\"blog-post\"",
|
|
|
|
"relationship_type": ""
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#ffffff",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "tlp:white",
|
|
|
|
"relationship_type": ""
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#f71212",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "APT",
|
|
|
|
"relationship_type": ""
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"colour": "#f1ee1d",
|
2024-04-05 12:15:17 +00:00
|
|
|
"local": false,
|
2023-12-14 14:30:15 +00:00
|
|
|
"name": "Threat:Sofacy/APT28",
|
|
|
|
"relationship_type": ""
|
|
|
|
}
|
|
|
|
],
|
|
|
|
"Attribute": [
|
|
|
|
{
|
|
|
|
"category": "External analysis",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516102570",
|
|
|
|
"to_ids": false,
|
|
|
|
"type": "link",
|
|
|
|
"uuid": "5a5de3aa-9528-4f42-bb53-c23a950d210f",
|
|
|
|
"value": "https://www.threatconnect.com/blog/finding-nemohost-fancy-bear-infrastructure/"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516102589",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5de3bd-2a70-4b29-9a3b-bec8950d210f",
|
|
|
|
"value": "unisecproper.org"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516102590",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5de3be-7050-413e-9696-bec8950d210f",
|
|
|
|
"value": "92.114.92.134"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Attribution",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516102780",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "x509-fingerprint-sha256",
|
|
|
|
"uuid": "5a5de471-f70c-4b95-bd94-c23a950d210f",
|
|
|
|
"value": "f27c4270b9b9291f465ba5962c36ce38f438377acff300b5c82b3b145f0c9e94"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Attribution",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104113",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "x509-fingerprint-md5",
|
|
|
|
"uuid": "5a5de99c-b3cc-4956-bb91-49ab950d210f",
|
|
|
|
"value": "6e51db99647450387e583ecb67de7f6e"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104093",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "x509-fingerprint-sha1",
|
|
|
|
"uuid": "5a5de99d-d700-46a5-b239-44f7950d210f",
|
|
|
|
"value": "a1833c32d5f61d6ef9d1bb0133585112069d770e"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104276",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dea54-e838-4396-bf7c-4ce7950d210f",
|
|
|
|
"value": "86.107.42.11"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104398",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5deace-b2b0-4540-9f0d-4ea8950d210f",
|
|
|
|
"value": "179.43.128.218"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104436",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5deaf4-4f08-48d8-bb3f-4bf3950d210f",
|
|
|
|
"value": "208.91.197.91"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104437",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5deaf5-adbc-4c58-b662-4563950d210f",
|
|
|
|
"value": "wmiapp.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104437",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5deaf5-8704-4ddf-a777-4962950d210f",
|
|
|
|
"value": "networkxc.net"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104438",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5deaf6-0fa0-4c54-b78a-410e950d210f",
|
|
|
|
"value": "185.183.107.38"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104438",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5deaf6-1d38-4a77-a829-4364950d210f",
|
|
|
|
"value": "ndsee.org"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104439",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5deaf7-c018-46f6-a75b-4407950d210f",
|
|
|
|
"value": "185.86.150.26"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104439",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5deaf7-48fc-499e-92bc-4abc950d210f",
|
|
|
|
"value": "neoderb.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104439",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5deaf7-ac9c-42f9-9a06-49ca950d210f",
|
|
|
|
"value": "188.40.155.241"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104440",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5deaf8-035c-4bd6-8ff2-4649950d210f",
|
|
|
|
"value": "remnet.org"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104440",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5deaf8-5b10-4fd3-a016-499d950d210f",
|
|
|
|
"value": "remotemanagesvc.net"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104441",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5deaf9-2d20-4ca2-aeba-4a1b950d210f",
|
|
|
|
"value": "netcorpscanprotect.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104441",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5deaf9-e390-42d9-98b3-4511950d210f",
|
|
|
|
"value": "94.177.12.157"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104441",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5deaf9-6130-46ac-bc41-47b4950d210f",
|
|
|
|
"value": "zpfgr.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104442",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5deafa-a520-4f9d-a97f-4d60950d210f",
|
|
|
|
"value": "94.177.12.74"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104442",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5deafa-b4c0-4fca-9b1f-4ba4950d210f",
|
|
|
|
"value": "connectsmd.net"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104443",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5deafb-f7a8-485f-a305-4cbb950d210f",
|
|
|
|
"value": "ckgob.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104443",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5deafb-08cc-4537-890e-414e950d210f",
|
|
|
|
"value": "88.99.21.169"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104538",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "whois-registrant-email",
|
|
|
|
"uuid": "5a5deb5a-d0fc-453a-a5d9-489b950d210f",
|
|
|
|
"value": "le0nard0@mail.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104539",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "whois-registrant-email",
|
|
|
|
"uuid": "5a5deb5b-767c-49fc-bb8f-49e9950d210f",
|
|
|
|
"value": "bertfuhrmann@gmx.de"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104539",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "whois-registrant-email",
|
|
|
|
"uuid": "5a5deb5b-8e34-448f-91fb-4a6c950d210f",
|
|
|
|
"value": "manuel.herez@centrum.cz"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104540",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "whois-registrant-email",
|
|
|
|
"uuid": "5a5deb5c-701c-41cf-a0d4-4498950d210f",
|
|
|
|
"value": "cameron_gordon@centrum.cz"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104540",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "whois-registrant-email",
|
|
|
|
"uuid": "5a5deb5c-3f7c-4619-a3db-422b950d210f",
|
|
|
|
"value": "ernesto.rivero@mail.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104541",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "whois-registrant-email",
|
|
|
|
"uuid": "5a5deb5d-e5f4-41ee-b3b1-4590950d210f",
|
|
|
|
"value": "olavi_nieminen@suomi24.fi"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Payload delivery",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104541",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "whois-registrant-email",
|
|
|
|
"uuid": "5a5deb5d-0858-429c-86ed-4ff3950d210f",
|
|
|
|
"value": "luc_ma@iname.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104713",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec09-d1cc-436a-82f5-4452950d210f",
|
|
|
|
"value": "dmsclock.org"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104713",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec09-00a8-407b-97cb-4de7950d210f",
|
|
|
|
"value": "89.187.151.16"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104714",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec0a-694c-4ea8-bf32-421e950d210f",
|
|
|
|
"value": "systemfromcuriousmoment.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104714",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec0a-3ba4-4130-8e4f-41d6950d210f",
|
|
|
|
"value": "185.86.150.188"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104714",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec0a-5de4-4a46-b062-4baa950d210f",
|
|
|
|
"value": "driverfordell.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104715",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec0b-7610-4a5c-9b80-4d70950d210f",
|
|
|
|
"value": "5.255.80.50"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104715",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec0b-8794-4b86-b6f5-4590950d210f",
|
|
|
|
"value": "hostsvcnet.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104716",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec0c-1698-4d87-bdbd-495a950d210f",
|
|
|
|
"value": "185.94.190.199"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104716",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec0c-d9e0-4f0b-a0bb-40de950d210f",
|
|
|
|
"value": "intelstatistics.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104716",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec0d-ccb0-46ce-8c91-40ab950d210f",
|
|
|
|
"value": "5.135.199.10"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104717",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec0d-7150-4857-8097-4e5b950d210f",
|
|
|
|
"value": "knightconsults.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104717",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec0d-61e0-4718-8d78-4404950d210f",
|
|
|
|
"value": "174.128.253.215"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104718",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec0e-62e8-4215-b8ff-412f950d210f",
|
|
|
|
"value": "lopback.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104718",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec0e-c9ac-4d4e-a9ef-4f5f950d210f",
|
|
|
|
"value": "185.86.150.151"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104718",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec0e-61a4-40a0-b316-491e950d210f",
|
|
|
|
"value": "nethostnet.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104719",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec0f-5c38-4d8a-9d88-4bee950d210f",
|
|
|
|
"value": "86.105.1.12"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104719",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec0f-1bc4-4a8d-9e98-4196950d210f",
|
|
|
|
"value": "perfect-remote-service.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104720",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec10-52a8-4562-815d-4ebc950d210f",
|
|
|
|
"value": "188.241.68.175"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104720",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec10-0f44-4341-90de-4092950d210f",
|
|
|
|
"value": "probenet.eu"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104720",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec10-fbbc-4796-a000-40ef950d210f",
|
|
|
|
"value": "86.105.1.114"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104721",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec11-aa90-4fbf-8668-46fb950d210f",
|
|
|
|
"value": "remonitor.net"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104721",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec11-fdb4-4a07-b615-42da950d210f",
|
|
|
|
"value": "185.94.192.101"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104722",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec12-566c-4636-aeb3-41f3950d210f",
|
|
|
|
"value": "societyatcuriousteacher.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104722",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec12-049c-44a5-8f0d-4cd6950d210f",
|
|
|
|
"value": "spelns.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104722",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec12-af94-4539-92c1-4e3a950d210f",
|
|
|
|
"value": "89.44.103.18"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104723",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec13-3588-4d2b-bc4e-46de950d210f",
|
|
|
|
"value": "unitedprosoftcompany.org"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104723",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec13-5360-4b7a-817e-4999950d210f",
|
|
|
|
"value": "95.153.31.197"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104835",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec83-b510-42c1-9000-4df4950d210f",
|
|
|
|
"value": "90update.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104836",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec84-7140-4201-8f2b-4c6e950d210f",
|
|
|
|
"value": "213.252.244.105"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104836",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec84-55a4-449e-b4ad-4533950d210f",
|
|
|
|
"value": "aljazeera-news.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104837",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec85-9a44-4bfe-99de-4d4d950d210f",
|
|
|
|
"value": "213.252.244.114"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104837",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec85-2ec0-4717-a571-46fd950d210f",
|
|
|
|
"value": "ambcomission.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104838",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec86-9f6c-4562-85dd-415f950d210f",
|
|
|
|
"value": "185.25.51.38"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104838",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec86-bb04-45d4-bf71-4048950d210f",
|
|
|
|
"value": "cryptokind.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104838",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec86-598c-4136-8df3-4cec950d210f",
|
|
|
|
"value": "213.252.246.24"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104839",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec87-ca40-4461-953b-4014950d210f",
|
|
|
|
"value": "deshcoin.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104839",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec87-d6c0-4e32-9fd7-476f950d210f",
|
|
|
|
"value": "185.25.48.249"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104840",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec88-b2ec-4d09-b552-422c950d210f",
|
|
|
|
"value": "dochardproofing.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104840",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec88-2010-49ba-9452-4c09950d210f",
|
|
|
|
"value": "185.25.51.173"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104841",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec89-8ab8-4acc-bdc8-4107950d210f",
|
|
|
|
"value": "ebramka.info"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104841",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec89-b4a8-4297-88de-4fbd950d210f",
|
|
|
|
"value": "185.25.50.156"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104842",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec8a-62d8-42a1-b520-40ed950d210f",
|
|
|
|
"value": "fes-auth.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104842",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec8a-d078-4166-8004-47d5950d210f",
|
|
|
|
"value": "91.108.68.209"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104842",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec8a-9ffc-421f-8192-4a42950d210f",
|
|
|
|
"value": "hello76.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104843",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec8b-74b4-495a-879c-4190950d210f",
|
|
|
|
"value": "185.64.105.7"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104843",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec8b-2328-4f6e-bc5e-4df1950d210f",
|
|
|
|
"value": "hostedopenfiles.net"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104844",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec8c-9c08-44e4-aae1-475f950d210f",
|
|
|
|
"value": "185.25.50.93"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104844",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec8c-9848-4f12-9d60-47a0950d210f",
|
|
|
|
"value": "kiteim.org"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104845",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec8d-8000-4e9d-94db-4223950d210f",
|
|
|
|
"value": "5.255.80.68"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104845",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec8d-9cbc-4543-914a-41ee950d210f",
|
|
|
|
"value": "kremotevn.net"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104846",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec8e-62e8-405f-b58b-4666950d210f",
|
|
|
|
"value": "86.105.1.128"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104846",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec8e-92f4-4ea0-824b-487b950d210f",
|
|
|
|
"value": "lasarenas.lt"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104847",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec8f-e274-4ed5-9ba1-4d31950d210f",
|
|
|
|
"value": "91.216.163.204"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104847",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec8f-6e74-4ba5-a3ff-40a8950d210f",
|
|
|
|
"value": "megauploadfiles.org"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104848",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec90-4bc8-4db4-a9c8-42f8950d210f",
|
|
|
|
"value": "5.135.199.24"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104848",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec90-0f8c-47c8-837a-4923950d210f",
|
|
|
|
"value": "nemaskalitnium.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104849",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec91-d268-4585-80ad-4fbb950d210f",
|
|
|
|
"value": "173.44.58.240"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104849",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec91-7fa8-471b-ae4d-4264950d210f",
|
|
|
|
"value": "networkfilehosting.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104850",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec92-4b20-4826-897f-4d2e950d210f",
|
|
|
|
"value": "213.252.247.167"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104850",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec92-59a4-4b8d-b730-433f950d210f",
|
|
|
|
"value": "news-almasirah.net"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104851",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec93-0cc8-4564-b794-4ff3950d210f",
|
|
|
|
"value": "213.252.244.115"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104851",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec93-0194-4657-96d3-4c99950d210f",
|
|
|
|
"value": "newsfromsource.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104851",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec94-189c-4904-a7e9-43db950d210f",
|
|
|
|
"value": "91.216.163.224"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104852",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec94-7adc-462f-adbb-4c8a950d210f",
|
|
|
|
"value": "platnosci.biz"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104852",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec94-666c-4f5c-a787-4e5d950d210f",
|
|
|
|
"value": "213.252.247.121"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104853",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec95-2a70-4932-8d9e-484b950d210f",
|
|
|
|
"value": "postmarksmtp.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104853",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec95-6aec-4d18-a41f-42c1950d210f",
|
|
|
|
"value": "185.25.51.120"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104854",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec96-e758-42dc-9c9c-4cb3950d210f",
|
|
|
|
"value": "remsvc.net"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104854",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec96-7c1c-48cd-abf4-425e950d210f",
|
|
|
|
"value": "91.108.68.180"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104855",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec97-ba64-4951-9286-45f8950d210f",
|
|
|
|
"value": "rhfcoin.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104855",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec97-9a74-4f84-b658-4c9f950d210f",
|
|
|
|
"value": "91.216.163.229"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104855",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec97-8840-4f94-9aa2-4ee6950d210f",
|
|
|
|
"value": "sa7efa.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104856",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec98-3d70-4a9d-ba68-4e60950d210f",
|
|
|
|
"value": "91.216.163.237"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104856",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec98-9fd0-4bee-b0a8-416c950d210f",
|
|
|
|
"value": "searchbrain.net"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104857",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec99-00e0-4247-a5a0-443c950d210f",
|
|
|
|
"value": "91.216.163.203"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104857",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec99-0a20-4898-b89b-4c6a950d210f",
|
|
|
|
"value": "serbview.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104858",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec9a-7d78-4cd3-94b5-48a2950d210f",
|
|
|
|
"value": "5.255.93.224"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104858",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec9a-2588-4ab6-b70c-457f950d210f",
|
|
|
|
"value": "startthedownload.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104859",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec9b-40bc-4f31-aa8f-4763950d210f",
|
|
|
|
"value": "213.252.247.168"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104859",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec9b-4218-4f0c-b05c-4182950d210f",
|
|
|
|
"value": "showitem.lt"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104860",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec9c-a4ec-451e-9d21-42c7950d210f",
|
|
|
|
"value": "213.252.247.159"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104860",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec9c-e000-4621-a429-4188950d210f",
|
|
|
|
"value": "uploadsforyou.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104860",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec9c-6864-418d-b7de-4eb7950d210f",
|
|
|
|
"value": "185.25.50.144"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104861",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "domain",
|
|
|
|
"uuid": "5a5dec9d-9ee0-4843-b277-4673950d210f",
|
|
|
|
"value": "wintwinbtc.com"
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"category": "Network activity",
|
|
|
|
"comment": "",
|
|
|
|
"deleted": false,
|
|
|
|
"disable_correlation": false,
|
|
|
|
"timestamp": "1516104861",
|
|
|
|
"to_ids": true,
|
|
|
|
"type": "ip-dst",
|
|
|
|
"uuid": "5a5dec9d-c9f8-4d9f-b28a-4274950d210f",
|
|
|
|
"value": "185.25.48.27"
|
|
|
|
}
|
2023-04-21 13:25:09 +00:00
|
|
|
]
|
2023-12-14 14:30:15 +00:00
|
|
|
}
|
2023-04-21 13:25:09 +00:00
|
|
|
}
|