misp-circl-feed/feeds/circl/misp/5c533c72-f6c4-4811-b06f-4982950d210f.json

{"Event": {"info": "OSINT - 2019-01-31: Gozi ISFB Malware v2 Group -> Loads Dridex Botnet ID \"3101\"", "Tag": [{"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:banker=\"Dridex\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:banker=\"Gozi\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:malpedia=\"Dridex\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:malpedia=\"Gozi\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:malpedia=\"ISFB\""}, {"colour": "#0da700", "exportable": true, "name": "misp-galaxy:tool=\"Dridex\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:banker=\"Gozi ISFB\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:banker=\"Goziv2\""}, {"colour": "#004646", "exportable": true, "name": "type:OSINT"}, {"colour": "#0071c3", "exportable": true, "name": "osint:lifetime=\"perpetual\""}, {"colour": "#0087e8", "exportable": true, "name": "osint:certainty=\"50\""}, {"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#22681c", "exportable": true, "name": "\tmalware_classification:malware-category=\"Botnet\""}, {"colour": "#bcdb18", "exportable": true, "name": "Botnet \"3101\""}, {"colour": "#22681c", "exportable": true, "name": "malware_classification:malware-category=\"Botnet\""}], "publish_timestamp": "0", "timestamp": "1548960127", "Object": [{"comment": "", "template_uuid": "8ec8c911-ddbe-4f5b-895b-fbff70c42a60", "uuid": "5c53409b-e0a8-47ab-b443-cdf9950d210f", "sharing_group_id": "0", "timestamp": "1548959899", "description": "Microblog post like a Twitter tweet or a post on a Facebook wall.", "template_version": "5", "Attribute": [{"comment": "", "category": "Other", "uuid": "5c53409b-a2a0-492b-9040-cdf9950d210f", "timestamp": "1548959899", "to_ids": false, "value": "2019-01-31: #Gozi #ISFB #Malware v2 Group -> Loads #Dridex Botnet ID \"3101\" {ISFB Ver: '2.14', Build: '62', Group: '3172'} Release w/ New Build: \"January 28, 2019\" \ud83d\ude09 Best ISFBv2/Dridex Duo Going Strong After Holidays -> #MISP JSON with IOCs (unpacked): https://pastebin.com/x5FG3ZPd", "disable_correlation": false, "object_relation": "post", "type": "text"}, {"comment": "", "category": "Other", "uuid": "5c53409b-c388-4586-b9a2-cdf9950d210f", "timestamp": "1548959899", "to_ids": false, "value": "Twitter", "disable_correlation": true, "object_relation": "type", "type": "text"}, {"comment": "", "category": "Network activity", "uuid": "5c53409b-4fe4-4a5e-8491-cdf9950d210f", "timestamp": "1548959899", "to_ids": true, "value": "https://twitter.com/VK_Intel/status/1091034487146856448", "disable_correlation": false, "object_relation": "url", "type": "url"}, {"comment": "", "category": "Other", "uuid": "5c53409b-7df0-4389-bec7-cdf9950d210f", "timestamp": "1548959899", "to_ids": false, "value": "31 Jan 2019 10:04 AM", "disable_correlation": false, "object_relation": "creation-date", "type": "datetime"}], "distribution": "5", "meta-category": "misc", "name": "microblog"}], "analysis": "2", "extends_uuid": "5c5331ac-c160-4a17-a34f-3da568f8e8cf", "published": false, "date": "2019-01-31", "Orgc": {"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f", "name": "CIRCL"}, "threat_level_id": "3", "uuid": "5c533c72-f6c4-4811-b06f-4982950d210f"}}