misp-circl-feed/feeds/circl/misp/5c5331ac-c160-4a17-a34f-3da568f8e8cf.json

{
"Event": {
"analysis": "0",
"date": "2019-01-31",
"extends_uuid": "",
"info": "2019-01-31: ISFB v2 Installs Dridex \"3101\"",
"publish_timestamp": "1548966939",
"published": true,
"threat_level_id": "2",
"timestamp": "1548966934",
"uuid": "5c5331ac-c160-4a17-a34f-3da568f8e8cf",
"Orgc": {
"name": "VK-Intel",
"uuid": "5bfa439e-c978-4dcd-b474-73f568f8e8cf"
},
"Tag": [
{
"colour": "#20ad13",
"local": false,
"name": "Banker: Gozi ISFB v2",
"relationship_type": ""
},
{
"colour": "#6f236b",
"local": false,
"name": "Banker: Dridex",
"relationship_type": ""
},
{
"colour": "#bcdb18",
"local": false,
"name": "Botnet \"3101\"",
"relationship_type": ""
},
{
"colour": "#000000",
"local": false,
"name": "10291029JSJUYNHG",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:malpedia=\"Dridex\"",
"relationship_type": ""
},
{
"colour": "#004646",
"local": false,
"name": "type:OSINT",
"relationship_type": ""
},
{
"colour": "#0071c3",
"local": false,
"name": "osint:lifetime=\"perpetual\"",
"relationship_type": ""
},
{
"colour": "#0087e8",
"local": false,
"name": "osint:certainty=\"50\"",
"relationship_type": ""
},
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1548956076",
"to_ids": true,
"type": "md5",
"uuid": "5c5331ac-9784-4e2e-8d87-3da568f8e8cf",
"value": "dc0cf61f5118914e13699fc94419815a"
},
{
"category": "Payload installation",
"comment": "ISFB v2 Unpacked",
"deleted": false,
"disable_correlation": false,
"timestamp": "1548956643",
"to_ids": true,
"type": "md5",
"uuid": "5c5333e3-bdc0-4d4d-88bc-3a8868f8e8cf",
"value": "dc0cf61f5118914e13699fc94419815a"
},
{
"category": "Payload installation",
"comment": "ISFB v2 Loader packed",
"deleted": false,
"disable_correlation": false,
"timestamp": "1548956664",
"to_ids": true,
"type": "md5",
"uuid": "5c5333f8-415c-4a90-9d03-3a8768f8e8cf",
"value": "d81e207b6ab5630b9f77b8ef383d9adc"
},
{
"category": "Payload installation",
"comment": "Dridex Loader 3101",
"deleted": false,
"disable_correlation": false,
"timestamp": "1548956738",
"to_ids": true,
"type": "md5",
"uuid": "5c533442-dcc4-4cf9-96b3-3da768f8e8cf",
"value": "80c732191c362d74f1bad004335e4432"
},
{
"category": "Payload installation",
"comment": "Dridex Hooker",
"deleted": false,
"disable_correlation": false,
"timestamp": "1548956766",
"to_ids": true,
"type": "md5",
"uuid": "5c53345e-faf4-4d87-a9d4-3daa68f8e8cf",
"value": "d987c99fb2afc70bf0df8e05216da356"
},
{
"category": "Network activity",
"comment": "Gozi ISFB v2 Config",
"deleted": false,
"disable_correlation": false,
"timestamp": "1548956800",
"to_ids": true,
"type": "domain",
"uuid": "5c533480-1348-48e5-a808-512d68f8e8cf",
"value": "taileenanahi.company"
},
{
"category": "Network activity",
"comment": "Gozi ISFB v2 Config",
"deleted": false,
"disable_correlation": false,
"timestamp": "1548956800",
"to_ids": true,
"type": "domain",
"uuid": "5c533480-206c-40d1-9d3c-512d68f8e8cf",
"value": "f60vinnie75.city"
},
{
"category": "Network activity",
"comment": "Gozi ISFB v2 Config",
"deleted": false,
"disable_correlation": false,
"timestamp": "1548956800",
"to_ids": true,
"type": "domain",
"uuid": "5c533480-1eb8-458f-8481-512d68f8e8cf",
"value": "h5441eqzey.fun"
},
{
"category": "Network activity",
"comment": "Dridex 3101 Config",
"deleted": false,
"disable_correlation": false,
"timestamp": "1548956877",
"to_ids": true,
"type": "url",
"uuid": "5c5334cd-ffdc-4fd3-8666-3a8f68f8e8cf",
"value": "185.236.76.35:443"
},
{
"category": "Network activity",
"comment": "Dridex 3101 Config",
"deleted": false,
"disable_correlation": false,
"timestamp": "1548956877",
"to_ids": true,
"type": "url",
"uuid": "5c5334cd-32e4-47ec-90a2-3a8f68f8e8cf",
"value": "185.158.251.13:443"
},
{
"category": "Network activity",
"comment": "Dridex 3101 Config",
"deleted": false,
"disable_correlation": false,
"timestamp": "1548956877",
"to_ids": true,
"type": "url",
"uuid": "5c5334cd-93e0-4733-a743-3a8f68f8e8cf",
"value": "5.188.232.210:443"
},
{
"category": "Payload installation",
"comment": "ISFB v214.06 Loader Unpacked",
"deleted": false,
"disable_correlation": false,
"timestamp": "1548957342",
"to_ids": true,
"type": "md5",
"uuid": "5c53369e-a31c-4875-9c94-513268f8e8cf",
"value": "96deee3639b433eedebbbbc15ee56787"
}
]
}
}