misp-circl-feed/feeds/circl/misp/5d01f1fa-cc24-4adb-b6b6-4c88950d210f.json


2023-12-14 14:30:15 +00:00
{"Event": {"info": "OSINT - TA505 once again launched an offensive", "Tag": [{"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:threat-actor=\"TA505\""}, {"colour": "#3b0020", "exportable": true, "name": "workflow:todo=\"expansion\""}, {"colour": "#002642", "exportable": true, "name": "osint:source-type=\"microblog-post\""}, {"colour": "#004646", "exportable": true, "name": "type:OSINT"}, {"colour": "#0071c3", "exportable": true, "name": "osint:lifetime=\"perpetual\""}, {"colour": "#0087e8", "exportable": true, "name": "osint:certainty=\"50\""}, {"colour": "#ffffff", "exportable": true, "name": "tlp:white"}], "publish_timestamp": "0", "timestamp": "1560411463", "Object": [{"comment": "", "template_uuid": "8ec8c911-ddbe-4f5b-895b-fbff70c42a60", "uuid": "5d01f635-5f40-4b48-8510-4009950d210f", "sharing_group_id": "0", "timestamp": "1560410194", "description": "Microblog post like a Twitter tweet or a post on a Facebook wall.", "template_version": "6", "ObjectReference": [{"comment": "", "object_uuid": "5d01f635-5f40-4b48-8510-4009950d210f", "uuid": "5d01f852-3880-4216-ad00-4605950d210f", "timestamp": "1560410194", "referenced_uuid": "5d01f830-fcd4-4cec-9d3d-4158950d210f", "relationship_type": "contains"}], "Attribute": [{"comment": "", "category": "Other", "uuid": "5d01f635-a958-4d5a-8a9d-40b8950d210f", "timestamp": "1560409653", "to_ids": false, "value": "#TA505 once again launched an offensive. This time, the bill-themed email was launched for Chinese users. 
This time, the Excel 4.0 macro and the back door of the same family are still used.\r\n\r\n(link: https://www.virustotal.com/gui/file/d538b3aa5da1d0e506b531fb5c1ef514f7251e7f922857b21167767b11c57ce6/detection) virustotal.com/gui/file/d538b\u2026", "disable_correlation": false, "object_relation": "post", "type": "text"}, {"comment": "", "category": "Other", "uuid": "5d01f635-b3ac-49cd-adc1-45d9950d210f", "timestamp": "1560409653", "to_ids": false, "value": "Twitter", "disable_correlation": true, "object_relation": "type", "type": "text"}, {"comment": "", "category": "Network activity", "uuid": "5d01f635-dc30-49c2-b45c-4383950d210f", "timestamp": "1560409653", "to_ids": true, "value": "https://mobile.twitter.com/RedDrip7/status/1138764217123655680", "disable_correlation": false, "object_relation": "url", "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "5d01f635-be8c-4f63-a126-4117950d210f", "timestamp": "1560409653", "to_ids": true, "value": "https://t.co/2RTo3djsqt?amp=1", "disable_correlation": false, "object_relation": "link", "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "5d01f635-82e4-48a6-a760-41f8950d210f", "timestamp": "1560409653", "to_ids": true, "value": "https://www.virustotal.com/gui/file/d538b3aa5da1d0e506b531fb5c1ef514f7251e7f922857b21167767b11c57ce6/detection", "disable_correlation": false, "object_relation": "link", "type": "url"}, {"comment": "", "category": "Other", "uuid": "5d01f635-03e8-475f-b619-49a9950d210f", "timestamp": "1560409653", "to_ids": false, "value": "RedDrip7", "disable_correlation": false, "object_relation": "username", "type": "text"}, {"comment": "", "category": "Other", "uuid": "5d01f635-a488-49c7-81ce-4ad1950d210f", "timestamp": "1560409653", "to_ids": false, "value": "Informative", "disable_correlation": true, "object_relation": "state", "type": "text"}, {"comment": "", "category": "Other", "uuid": "5d01f635-225c-4350-b0df-4984950d210f", "timestamp": "1560409653", "to_ids": 
false, "value": "Jun 12, 2019 1:05 PM", "disable_correlation": false, "object_relation": "creation-date", "type": "datetime"}], "distribution": "5", "meta-category": "misc", "name": "microblog"}, {"comment": "", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "uuid": "5d01f7ef-5530-4732-abf6-4795950d210f", "sharing_group_id": "0", "timestamp": "1560410095", "description": "File object describing a file with meta-information", "template_version": "17", "Attribute": [{"comment": "", "category": "Payload delivery", "uuid": "5d01f7ef-90e4-4f7c-9ca1-4575950d210f", "timestamp": "1560410095", "to