{
"Event": {
"analysis": "2",
"date": "2022-06-01",
"extends_uuid": "",
"info": "Sample Linux miner - XMring",
"publish_timestamp": "1654067784",
"published": true,
"threat_level_id": "1",
"timestamp": "1654067773",
"uuid": "5e67e70a-9666-4c32-b3ec-4b51d43a8e4b",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:mitre-attack-pattern=\"Leverage compromised 3rd party resources - T1375\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:mitre-attack-pattern=\"Application or System Exploitation - T1499.004\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": false,
"name": "misp-galaxy:mitre-attack-pattern=\"Resource Hijacking - T1496\"",
"relationship_type": ""
},
{
"colour": "#004646",
"local": false,
"name": "type:OSINT",
"relationship_type": ""
},
{
"colour": "#0071c3",
"local": false,
"name": "osint:lifetime=\"perpetual\"",
"relationship_type": ""
},
{
"colour": "#ffffff",
"local": false,
"name": "tlp:white",
"relationship_type": ""
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "Object describing an Executable and Linkable Format",
"meta-category": "file",
"name": "elf",
"template_uuid": "fa6534ae-ad74-4ce0-8f23-15a66c82c7fa",
"template_version": "5",
"timestamp": "1654067521",
"uuid": "c00a4152-4bb4-4d06-ac6e-12af821f773d",
"Attribute": [
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "type",
"timestamp": "1654067521",
"to_ids": false,
"type": "text",
"uuid": "f303e90d-75a8-4d23-b1ca-2e1122087af7",
"value": "DYNAMIC"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entrypoint-address",
"timestamp": "1654067521",
"to_ids": false,
"type": "text",
"uuid": "8912305f-25b0-4ecb-802f-bf7245b5e992",
"value": "940656"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "arch",
"timestamp": "1654067521",
"to_ids": false,
"type": "text",
"uuid": "e8d91314-1769-40ef-b396-b511bcfcbd68",
"value": "x86_64"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "os_abi",
"timestamp": "1654067521",
"to_ids": false,
"type": "text",
"uuid": "d36ea4b8-d8be-44db-b799-6532ece94f62",
"value": "SYSTEMV"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "number-sections",
"timestamp": "1654067521",
"to_ids": false,
"type": "counter",
"uuid": "e7cba7a4-09a7-4568-9d31-a4665c33ebe0",
"value": "0"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "20",
"timestamp": "1654067522",
"uuid": "9cff63dc-2a41-42e9-aa0f-de04ebd5770f",
"ObjectReference": [
{
"comment": "ELF indicators",
"object_uuid": "9cff63dc-2a41-42e9-aa0f-de04ebd5770f",
"referenced_uuid": "c00a4152-4bb4-4d06-ac6e-12af821f773d",
"relationship_type": "includes",
"timestamp": "1654067522",
"uuid": "edaba6ce-9947-4fa1-a0d2-7d2c7cc0ef4d"
}
],
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1654067521",
"to_ids": true,
"type": "filename",
"uuid": "fc161ef2-f66c-4aa6-a175-ee676e5fbe0e",
"value": "31fe8c12206d590afe61ebaff9d277793af34c8f201e9025f10d7a44a7f52e35"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1654067521",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "838e1e95-69ea-44b6-a5a0-95e6f3a09adf",
"value": "945904"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "entropy",
"timestamp": "1654067521",
"to_ids": false,
"type": "float",
"uuid": "c8eda78d-6ce5-450b-a229-4fe7fcdb8a54",
"value": "7.9996700818425"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1654067521",
"to_ids": true,
"type": "md5",
"uuid": "9fd06713-cbc0-49d0-9673-89d683164c37",
"value": "a3d50f130c57b5f9b3c81bb237912c83"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1654067521",
"to_ids": true,
"type": "sha1",
"uuid": "12797d41-7e16-4711-81a6-d505356b2212",
"value": "b8e9bb170890e44785cdfbb0b00ea4233ba6dd73"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1654067521",
"to_ids": true,
"type": "sha256",
"uuid": "dbe88b9a-c9f4-4c82-8c15-4dd93682aeb1",
"value": "31fe8c12206d590afe61ebaff9d277793af34c8f201e9025f10d7a44a7f52e35"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha512",
"timestamp": "1654067521",
"to_ids": true,
"type": "sha512",
"uuid": "86334c38-72d1-4aa2-8645-ee0135d10922",
"value": "8a402df5632b6a85535d5532e46d8c3a52c0ffaf5dbaed6f58a19e64177bb91a231efa82262b1a10b2e5226521391cbfd0855984c3e29ca487a99a3e0b690c5c"
},
{
"category": "Payload delivery",
"comment": "",
"data": "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
"deleted": false,
"disable_correlation": false,
"object_relation": "malware-sample",
"timestamp": "1654067522",
"to_ids": true,
"type": "malware-sample",
"uuid": "207a552c-9f09-4851-a696-e0072e8fbf1b",
"value": "31fe8c12206d590afe61ebaff9d277793af34c8f201e9025f10d7a44a7f52e35|a3d50f130c57b5f9b3c81bb237912c83"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "mimetype",
"timestamp": "1654067522",
"to_ids": false,
"type": "mime-type",
"uuid": "623343ad-4582-4763-88dc-7875ca916a22",
"value": "ELF 64-bit LSB shared object, x86-64, version 1 (SYSV)"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "ssdeep",
"timestamp": "1654067522",
"to_ids": true,
"type": "ssdeep",
"uuid": "3254d934-4759-4c5c-93d6-0bbdaac0f88e",
"value": "24576:yn7lwq/OfYQ2e7fXF1geyzUBjp5XLU8E0sM+E7DOoI:YDdeZihzUBfL9sMRCR"
}
]
},
{
"comment": "b8e9bb170890e44785cdfbb0b00ea4233ba6dd73: Enriched via the virustotal module",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "4",
"timestamp": "1654067549",
"uuid": "a09b02e5-99ed-48fe-8ca8-65efa7a084e2",
"Attribute": [
{
"category": "External analysis",
"comment": "b8e9bb170890e44785cdfbb0b00ea4233ba6dd73: Enriched via the virustotal module",
"deleted": false,
"disable_correlation": true,
"object_relation": "permalink",
"timestamp": "1654067549",
"to_ids": false,
"type": "link",
"uuid": "bd2689e5-4c6e-49cb-bea2-a1880a8b7fa7",
"value": "https://www.virustotal.com/gui/file/31fe8c12206d590afe61ebaff9d277793af34c8f201e9025f10d7a44a7f52e35"
},
{
"category": "Other",
"comment": "b8e9bb170890e44785cdfbb0b00ea4233ba6dd73: Enriched via the virustotal module",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1654067549",
"to_ids": false,
"type": "text",
"uuid": "47dbcc3d-0e56-44d3-913a-9a13e085cef7",
"value": "14/59"
}
]
},
{
"comment": "b8e9bb170890e44785cdfbb0b00ea4233ba6dd73: Enriched via the virustotal module",
"deleted": false,
"description": "VirusTotal report",
"meta-category": "misc",
"name": "virustotal-report",
"template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4",
"template_version": "4",
"timestamp": "1654067549",
"uuid": "24c72dcd-a2d4-4283-8e2d-ed7a438fc3f0",
"Attribute": [
{
"category": "External analysis",
"comment": "b8e9bb170890e44785cdfbb0b00ea4233ba6dd73: Enriched via the virustotal module",
"deleted": false,
"disable_correlation": true,
"object_relation": "permalink",
"timestamp": "1654067549",
"to_ids": false,
"type": "link",
"uuid": "0e94aa43-d907-4979-8e4e-8d7c13eeb00d",
"value": "https://www.virustotal.com/gui/ip_address/136.243.90.99"
},
{
"category": "Other",
"comment": "b8e9bb170890e44785cdfbb0b00ea4233ba6dd73: Enriched via the virustotal module",
"deleted": false,
"disable_correlation": true,
"object_relation": "detection-ratio",
"timestamp": "1654067549",
"to_ids": false,
"type": "text",
"uuid": "3a5db87d-c339-4549-bb8c-afcbcee798d3",
"value": "3/91"
}
]
},
{
"comment": "b8e9bb170890e44785cdfbb0b00ea4233ba6dd73: Enriched via the virustotal module",
"deleted": false,
"description": "A domain/hostname and IP address seen as a tuple in a specific time frame.",
"meta-category": "network",
"name": "domain-ip",
"template_uuid": "43b3b146-77eb-4931-b4cc-b66c60f28734",
"template_version": "10",
"timestamp": "1654067594",
"uuid": "3a6fbda8-bd96-48d0-842d-1d0b1c114e51",
"Attribute": [
{
"category": "Network activity",
"comment": "b8e9bb170890e44785cdfbb0b00ea4233ba6dd73: Enriched via the virustotal module",
"deleted": false,
"disable_correlation": false,
"object_relation": "ip",
"timestamp": "1654067594",
"to_ids": false,
"type": "ip-dst",
"uuid": "c4ade9f2-5e89-4667-91c6-7bef350cae87",
"value": "136.243.90.99"
}
]
}
]
}
}