misp-circl-feed/feeds/circl/misp/5cd2770d-27fc-4e41-8bfe-476e950d210f.json

1 line
284 KiB
JSON
Raw Normal View History

2023-12-14 14:30:15 +00:00
{"Event": {"info": "OSINT - Spear Phishing Campaign Targets Ukraine Government and Military; Infrastructure Reveals Potential Link to So-Called Luhansk People's Republic", "Tag": [{"colour": "#00223b", "exportable": true, "name": "osint:source-type=\"blog-post\""}, {"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#3b0020", "exportable": true, "name": "workflow:todo=\"expansion\""}, {"colour": "#3bb800", "exportable": true, "name": "enisa:nefarious-activity-abuse=\"spear-phishing-attacks\""}], "publish_timestamp": "0", "timestamp": "1557314623", "Object": [{"comment": "", "template_uuid": "a0c666e0-fc65-4be8-b48f-3423d788b552", "uuid": "5cd27f3c-49f0-4ff5-8fca-40a0950d210f", "sharing_group_id": "0", "timestamp": "1557299737", "description": "Email object describing an email with meta-information", "template_version": "13", "ObjectReference": [{"comment": "", "object_uuid": "5cd27f3c-49f0-4ff5-8fca-40a0950d210f", "uuid": "5cd28012-a314-402a-80ab-4e39950d210f", "timestamp": "1557299218", "referenced_uuid": "5cd27965-10d0-45d5-8cf7-414a950d210f", "relationship_type": "same-as"}, {"comment": "", "object_uuid": "5cd27f3c-49f0-4ff5-8fca-40a0950d210f", "uuid": "5cd28219-ccac-4358-8a75-4faa950d210f", "timestamp": "1557299737", "referenced_uuid": "5cd280c9-a63c-467d-91ec-49c8950d210f", "relationship_type": "contains"}], "Attribute": [{"comment": "Pose as Armtrac, defense manufacturer in the United Kingdom", "category": "Payload delivery", "uuid": "5cd27f3c-5e78-4ffe-9733-4c5d950d210f", "timestamp": "1557299477", "to_ids": false, "value": "Armtrac", "disable_correlation": false, "object_relation": "from-display-name", "type": "email-src-display-name"}, {"comment": "", "category": "Payload delivery", "uuid": "5cd27f3d-3d4c-42d9-b757-4add950d210f", "timestamp": "1557299477", "to_ids": false, "value": "Dear Colleagues,\r\n\r\nPlease accept the best regards from representatives of Armtrac Ltd. which were on the meeting held on 24th May in Astana. My name is Alex Gallil and I'm am responsible person from Armtrac Ltd. for cooperation development with Ukrainian partners. \r\nAs part of conversation held between our sides, were discussed joint opportunities in demining activities, development of demining vehicles, ammunition recycling, participation in tenders with further technology transfer and other. Among other were discussed the border surveillance system which is highly interesting for us.\r\n\r\nSincerely,\r\nAlex Gallil\r\nExecutive manager", "disable_correlation": true, "object_relation": "email-body", "type": "email-body"}, {"comment": "", "category": "Payload delivery", "uuid": "5cd27f3d-c258-4da0-98f8-49ef950d210f", "timestamp": "1557299477", "to_ids": false, "value": "SPEC-20T-MK2-000-ISS-4.10-09-2018-STANDARD", "disable_correlation": false, "object_relation": "subject", "type": "email-subject"}, {"comment": "", "category": "Payload delivery", "uuid": "5cd27f3d-29c4-4fab-b6ec-42e1950d210f", "timestamp": "1557299477", "to_ids": true, "value": "Armtrac-Commercial.7z", "disable_correlation": false, "object_relation": "attachment", "type": "email-attachment"}, {"comment": "", "category": "Other", "uuid": "5cd28115-f1d0-4784-ac16-4466950d210f", "timestamp": "1557299477", "to_ids": false, "value": "2019-01-22 11:35", "disable_correlation": true, "object_relation": "send-date", "type": "datetime"}], "distribution": "5", "meta-category": "network", "name": "email"}, {"comment": "", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "uuid": "5cd280c9-a63c-467d-91ec-49c8950d210f", "sharing_group_id": "0", "timestamp": "1557299770", "description": "File object describing a file with meta-information", "template_version": "17", "ObjectReference": [{"comment": "", "object_uuid": "5cd280c9-a63c-467d-91ec-49c8950d210f", "uuid": "5cd2823a-fb44-4c5b-a61b-4073950d210f", "timestamp": "1557299770", "referenced_uuid": "5cd281d0-85c8-4572-b487-45b1950d210f", "relationship_type": "contains"}], "Attribute": [{"comment": "", "category": "Payload delivery", "uuid": "5cd280ca-99f8-4441-beab-495e950d210f", "timestamp": "