adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/c98a638f-29c5-4233-a283-34ddbcc40be4.json

329 lines
42 KiB
JSON
Raw Permalink Normal View History

chg: [feeder] updated
2023-12-14 13:47:04 +00:00
{
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"Event": {
"analysis": "0",
"date": "2023-12-06",
"extends_uuid": "",
"info": "AA23-339A Threat Actors Exploit Adobe ColdFusion CVE- 2023-26360 for Initial Access to Government Servers",
"publish_timestamp": "1701872210",
"published": true,
"threat_level_id": "3",
"timestamp": "1701872197",
"uuid": "c98a638f-29c5-4233-a283-34ddbcc40be4",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#68efec",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"f0a904f4-b3f5-4e42-b565-418dc6932d44\"",
"relationship_type": ""
},
{
"colour": "#51be74",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"e8b9ef62-f34a-4d8c-8095-196c7e6f607d\"",
"relationship_type": ""
},
{
"colour": "#d38736",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"84783d50-c513-428f-b288-17b4bd24821b\"",
"relationship_type": ""
},
{
"colour": "#53b733",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"2d41cc0d-be1b-47e5-8491-ada86f624ec4\"",
"relationship_type": ""
},
{
"colour": "#113234",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"a1fe1a1c-ae50-4812-a064-dbec116d1fc3\"",
"relationship_type": ""
},
{
"colour": "#bd998c",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"4ff7e674-9bdb-43bf-bce4-406351ac1188\"",
"relationship_type": ""
},
{
"colour": "#6eb6e0",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"4c312255-f721-4a07-b49a-006387d79a2d\"",
"relationship_type": ""
},
{
"colour": "#7fd8f6",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"7a388102-a1e3-4f69-99a0-23d4d2344312\"",
"relationship_type": ""
},
{
"colour": "#ecdd8b",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"23a9ad16-95c1-4b7d-98b8-049fdd9ef8b2\"",
"relationship_type": ""
},
{
"colour": "#90085c",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"75868d94-271e-4dac-8885-b51843a4c9d4\"",
"relationship_type": ""
},
{
"colour": "#fe0ad8",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"2fd37eac-035a-48f7-83da-cefa8937d859\"",
"relationship_type": ""
},
{
"colour": "#c7b048",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"be2cdeb0-048c-4aa2-8cee-0dba9687e975\"",
"relationship_type": ""
},
{
"colour": "#0e06f8",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"d6d7c433-a139-43b7-9f6c-8cc6e97b8a72\"",
"relationship_type": ""
},
{
"colour": "#e38422",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"c31d692e-0be1-4678-abf0-2e64dfb24890\"",
"relationship_type": ""
},
{
"colour": "#11d9bc",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"a6c90d18-9b9d-4bdf-9cfa-b0abb5889f86\"",
"relationship_type": ""
},
{
"colour": "#0ce7dd",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"f8695dd5-3fa7-40c8-941f-ee8f7d8d0080\"",
"relationship_type": ""
},
{
"colour": "#7640b6",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"9a9fd346-3ca7-42ee-874b-ba706dbdcb03\"",
"relationship_type": ""
},
{
"colour": "#9d71ee",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"22b606d1-33c8-4182-9ad1-9d5c7fbd7daf\"",
"relationship_type": ""
},
{
"colour": "#085f9e",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"96115b0f-f094-4ae6-bad4-e5a6715f48e0\"",
"relationship_type": ""
},
{
"colour": "#189e0b",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"9c44b26b-ebfa-402b-bf16-10fe3551bbc7\"",
"relationship_type": ""
},
{
"colour": "#d9e051",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"11d0fed1-9205-4d0f-85e5-d8b76cc3b3c1\"",
"relationship_type": ""
},
{
"colour": "#29cae6",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "misp-galaxy:stix-2.1-attack-pattern=\"351cb297-4ddc-4ee1-8e65-40b054834106\"",
"relationship_type": ""
},
{
"colour": "#004646",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "type:OSINT",
"relationship_type": ""
},
{
"colour": "#0071c3",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "osint:lifetime=\"perpetual\"",
"relationship_type": ""
},
{
"colour": "#ffffff",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#ffffff",
chg: [feed] updated
2024-04-05 12:15:17 +00:00
"local": false,
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"name": "tlp:clear",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"first_seen": "2023-06-02T00:00:00+00:00",
"timestamp": "1701723710",
"to_ids": true,
"type": "ip-dst",
"uuid": "e10f5ebe-8c4d-4ec9-8a17-63e07348efa5",
"value": "125.227.50.97"
}
],
"Object": [
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"first_seen": "2023-06-02T00:00:00+00:00",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "24",
"timestamp": "1701723710",
"uuid": "d267f6c6-a29b-47f6-8646-84496be09fa6",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1701860593",
"to_ids": true,
"type": "filename",
"uuid": "433c23b8-401b-4952-b2ae-d0e033467b66",
"value": "fscan.exe"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1701860593",
"to_ids": true,
"type": "sha1",
"uuid": "ed4cc6a0-54d8-4644-b038-2eb8f8c3b447",
"value": "be332b6e2e2ed9e1e57d8aafa0c00aa77d4b8656"
}
]
},
{
"comment": "",
"deleted": false,
"description": "File object describing a file with meta-information",
"first_seen": "2023-06-02T00:00:00+00:00",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "24",
"timestamp": "1701723710",
"uuid": "2c455592-2569-4ca6-b6e1-a7ac9dd2745e",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "filename",
"timestamp": "1701860593",
"to_ids": true,
"type": "filename",
"uuid": "f961ef93-fce3-450b-ace2-6de47b8765b3",
"value": "eee.exe"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1701860593",
"to_ids": true,
"type": "md5",
"uuid": "99f8b6ff-78cb-4d24-80b3-ee3da6294d44",
"value": "ba69669818ef9ccec174d647a8021a7b"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1701860593",
"to_ids": true,
"type": "sha1",
"uuid": "c3cbb323-76ea-4eac-a2c6-ca3536276c83",
"value": "b6818d2d5cbd902ce23461f24fc47e24937250e6"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1701860593",
"to_ids": true,
"type": "sha256",
"uuid": "59d40ba9-401c-4e48-838c-aa74a95bce09",
"value": "a3acb9f79647f813671c1a21097a51836b0b95397ebc9cd178bc806e1773c864"
}
]
},
{
"comment": "",
"deleted": false,
"description": "Object describing the original file used to import data in MISP.",
"meta-category": "file",
"name": "original-imported-file",
"template_uuid": "4cd560e9-2cfe-40a1-9964-7b2e797ecac5",
"template_version": "2",
"timestamp": "1701860630",
"uuid": "c09384c7-640e-4779-910e-9de0fe0fa00b",
"Attribute": [
{
"category": "External analysis",
"comment": "",
"data": "ewogICAgInR5cGUiOiAiYnVuZGxlIiwKICAgICJpZCI6ICJidW5kbGUtLTZiMjc5M2FjLTA4MTItNDhhZC1hOGQ1LWYyNzA4ODE5ZTIzYSIsCiAgICAib2JqZWN0cyI6IFsKICAgICAgICB7CiAgICAgICAgICAgICJpZCI6ICJsb2NhdGlvbi0tYTdhODg5ZTctOTc3YS00NDAwLWE1YzQtOTUxN2FlZmNjNmY5IiwKICAgICAgICAgICAgInNwZWNfdmVyc2lvbiI6ICIyLjEiLAogICAgICAgICAgICAidHlwZSI6ICJsb2NhdGlvbiIsCiAgICAgICAgICAgICJjb3VudHJ5IjogIlVTIiwKICAgICAgICAgICAgImFkbWluaXN0cmF0aXZlX2FyZWEiOiAiVVMtREMiLAogICAgICAgICAgICAiY3JlYXRlZCI6ICIyMDIzLTEyLTA0VDIxOjAxOjUwLjAwMFoiLAogICAgICAgICAgICAibW9kaWZpZWQiOiAiMjAyMy0xMi0wNFQyMTowMTo1MC4wMDBaIiwKICAgICAgICAgICAgImNyZWF0ZWRfYnlfcmVmIjogImlkZW50aXR5LS1iM2JjYTNjMi0xZjNkLTRiNTQtYjQ0Zi1kYWM0MmMzYThmMDEiLAogICAgICAgICAgICAib2JqZWN0X21hcmtpbmdfcmVmcyI6IFsKICAgICAgICAgICAgICAgICJtYXJraW5nLWRlZmluaXRpb24tLTQ3OTA4MWM4LTNhNjAtNGViOC1iNDEwLTk2YTMwZjM5NWRlZiIsCiAgICAgICAgICAgICAgICAibWFya2luZy1kZWZpbml0aW9uLS02MTNmMmUyNi00MDdkLTQ4YzctOWVjYS1iOGU5MWRmOTlkYzkiCiAgICAgICAgICAgIF0KICAgICAgICB9LAogICAgICAgIHsKICAgICAgICAgICAgInR5cGUiOiAibWFya2luZy1kZWZpbml0aW9uIiwKICAgICAgICAgICAgInNwZWNfdmVyc2lvbiI6ICIyLjEiLAogICAgICAgICAgICAiaWQiOiAibWFya2luZy1kZWZpbml0aW9uLS00NzkwODFjOC0zYTYwLTRlYjgtYjQxMC05NmEzMGYzOTVkZWYiLAogICAgICAgICAgICAiY3JlYXRlZCI6ICIyMDIzLTAzLTAyVDE2OjQ4OjU3Ljk1OVoiLAogICAgICAgICAgICAiZXh0ZW5zaW9ucyI6IHsKICAgICAgICAgICAgICAgICJleHRlbnNpb24tZGVmaW5pdGlvbi0tM2E2NTg4NGQtMDA1YS00MjkwLTgzMzUtY2IyZDc3OGE4M2NlIjogewogICAgICAgICAgICAgICAgICAgICJleHRlbnNpb25fdHlwZSI6ICJwcm9wZXJ0eS1leHRlbnNpb24iLAogICAgICAgICAgICAgICAgICAgICJpZGVudGlmaWVyIjogImlzYTpndWlkZS4xOTAwMS5BQ1MzLTllMGNkNTBlLTZlZmMtNDViMy04YTNkLWI2Mzc2NTQxYzljNSIsCiAgICAgICAgICAgICAgICAgICAgImNyZWF0ZV9kYXRlX3RpbWUiOiAiMjAyMy0wMy0wMlQxNjo0ODo1Ny45NTlaIiwKICAgICAgICAgICAgICAgICAgICAicmVzcG9uc2libGVfZW50aXR5X2N1c3RvZGlhbiI6ICJVU0EuREhTLk5DQ0lDIiwKICAgICAgICAgICAgICAgICAgICAicmVzcG9uc2libGVfZW50aXR5X29yaWdpbmF0b3IiOiAiVVNBLkRIUy5OQ0NJQyIsCiAgICAgICAgICAgICAgICAgICAgInBvbGljeV9yZWZlcmVuY2UiOiAidXJuOmlzYTpwb2xpY3k6YWNzOm5zOnYzLjA/cHJpdmRlZmF1bHQ9ZGVueSZzaGFyZWRlZmF1bHQ9cGVybWl0IiwKICAgICAgICAgICAgICAgICAgICAiY29udHJvbF9zZXQiOiB7CiAgICAgICAgICAgICAgICAgICAgICAgICJjbGFzc2lmaWNhdGlvbiI6ICJVIiwKICAgICAgICAgICAgICAgICAgICAgICAgImZvcm1hbF9kZXRlcm1pbmF0aW9uIjogWwogICAgICAgICAgICAgICAgICAgICAgICAgICAgIklORk9STUFUSU9OLURJUkVDVExZLVJFTEFURUQtVE8tQ1lCRVJTRUNVUklUWS1USFJFQVQiLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgIlBVQlJFTCIKICAgICAgICAgICAgICAgICAgICAgICAgXQogICAgICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICAgICAgImF1dGhvcml0eV9yZWZlcmVuY2UiOiBbCiAgICAgICAgICAgICAgICAgICAgICAgICJ1cm46aXNhOmF1dGhvcml0eTphaXMiCiAgICAgICAgICAgICAgICAgICAgXSwKICAgICAgICAgICAgICAgICAgICAiYWNjZXNzX3ByaXZpbGVnZSI6IFsKICAgICAgICAgICAgICAgICAgICAgICAgewogICAgICAgICAgICAgICAgICAgICAgICAgICAgInByaXZpbGVnZV9hY3Rpb24iOiAiQ0lTQVVTRVMiLAogICAgICAgICAgICAgICAgICAgICAgICAgICAgInJ1bGVfZWZmZWN0IjogInBlcm1pdCIsCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAicHJpdmlsZWdlX3Njb3BlIjogewogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJlbnRpdHkiOiBbCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJBTEwiCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgXSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAicGVybWl0dGVkX25hdGlvbmFsaXRpZXMiOiBbCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJBTEwiCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgXSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAicGVybWl0dGVkX29yZ2FuaXphdGlvbnMiOiBbCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICJBTEwiCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgXSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAic2hhcmVhYmlsaXR5IjogWwogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAiQUxMIgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIF0KICAgICAgICAgICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgICAgIF0KICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgfQogICAgICAgIH0sCiAgICAgICAgewogICAgICAgICAgICAiaWQiOiAiYXR0YWNrLXBhdHRlcm4tLWYwYTkwNGY0LWIzZjUtNGU0Mi1iNTY1LTQxOGRjNjkzMmQ0NCIsCiAgICAgICAgICAgICJ0eXBlIjogImF0dGFjay1wYXR0ZXJuIiwKICAgICAgICAgICAgImNyZWF0ZWQiOiAiMjAyMy0xMi0wNFQyMTowMTo1MC4wMDBaIiwKICAgICAgICAgICAgIm1vZGlmaWVkIjogIjIwMjMtMTItMDRUMjE6MDE6NTAuMDAwWiIsCiAgICAgICAgICAgICJzcGVjX3ZlcnNpb24iOiAiMi
"deleted": false,
"disable_correlation": true,
"object_relation": "imported-sample",
"timestamp": "1701860630",
"to_ids": false,
"type": "attachment",
"uuid": "a7af729f-85da-48ee-8848-0f18febd2ddc",
"value": "AA23-339A-Threat-Actors-Exploit-Adobe-ColdFusion-CVE-2023-26360-for-Initial-Access-to-Government-Servers.stix_.json"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "format",
"timestamp": "1701860630",
"to_ids": false,
"type": "text",
"uuid": "ef359ef2-81cf-46da-94b5-43f804854632",
"value": "STIX 2.1"
}
]
}
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
]
chg: [gen] updated
2023-12-14 14:30:15 +00:00
}
chg: [feeder] updated
2023-12-14 13:47:04 +00:00
}
Reference in a new issue Copy permalink