misp-circl-feed/feeds/circl/misp/54b62236-69d4-4154-854a-4862950d210b.json

{
"Event": {
"analysis": "2",
"date": "2014-09-05",
"extends_uuid": "",
"info": "OSINT Cridex, Feodo, Geodo, Dridex, whats next? by abuse.ch",
"publish_timestamp": "1456154166",
"published": true,
"threat_level_id": "3",
"timestamp": "1421222846",
"uuid": "54b62236-69d4-4154-854a-4862950d210b",
"Orgc": {
"name": "CthulhuSPRL.be",
"uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
},
"Tag": [
{
"colour": "#004646",
"name": "type:OSINT"
},
{
"colour": "#33FF00",
"name": "tlp:green"
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222530",
"to_ids": false,
"type": "link",
"uuid": "54b62282-9be0-4a87-ae0f-acbf950d210b",
"value": "https://www.abuse.ch/?p=8332"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222538",
"to_ids": false,
"type": "text",
"uuid": "54b6228a-01e8-4c71-852d-d563950d210b",
"value": "Dridex"
},
{
"category": "Network activity",
"comment": "port 443",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222599",
"to_ids": true,
"type": "ip-dst",
"uuid": "54b622c7-5828-428f-9a06-0d21950d210b",
"value": "5.135.28.113"
},
{
"category": "Network activity",
"comment": "port 9955",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222620",
"to_ids": true,
"type": "ip-dst",
"uuid": "54b622dc-aae0-4660-a75e-5d3c950d210b",
"value": "5.135.28.109"
},
{
"category": "Network activity",
"comment": "port 8080",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222694",
"to_ids": true,
"type": "ip-dst",
"uuid": "54b62326-9260-4552-b9ae-4856950d210b",
"value": "62.76.44.174"
},
{
"category": "Network activity",
"comment": "port 8080",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222694",
"to_ids": true,
"type": "ip-dst",
"uuid": "54b62326-c8a4-43f9-af29-4e1a950d210b",
"value": "50.56.34.20"
},
{
"category": "Network activity",
"comment": "port 8080",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222694",
"to_ids": true,
"type": "ip-dst",
"uuid": "54b62326-4b78-4984-a5f1-4aae950d210b",
"value": "37.139.47.177"
},
{
"category": "Network activity",
"comment": "port 8080",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222694",
"to_ids": true,
"type": "ip-dst",
"uuid": "54b62326-78c0-451a-b5ba-4416950d210b",
"value": "108.166.70.44"
},
{
"category": "Network activity",
"comment": "port 8080",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222694",
"to_ids": true,
"type": "ip-dst",
"uuid": "54b62326-03ac-49ba-b4d6-4db9950d210b",
"value": "202.124.205.84"
},
{
"category": "Network activity",
"comment": "port 8080",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222694",
"to_ids": true,
"type": "ip-dst",
"uuid": "54b62326-bacc-49ff-9b51-4922950d210b",
"value": "85.214.26.248"
},
{
"category": "Network activity",
"comment": "port 8080",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222694",
"to_ids": true,
"type": "ip-dst",
"uuid": "54b62326-9210-4889-ab0a-4522950d210b",
"value": "178.208.81.204"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222710",
"to_ids": true,
"type": "md5",
"uuid": "54b62336-65f0-4e17-ab96-6099950d210b",
"value": "532e7924f759aab014dedca651398ce6"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222710",
"to_ids": true,
"type": "md5",
"uuid": "54b62336-da60-4905-86f6-6099950d210b",
"value": "818bb82d1845eacedabdd5d0a5de310c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222710",
"to_ids": true,
"type": "md5",
"uuid": "54b62336-e04c-43d3-956b-6099950d210b",
"value": "fab100a415254de5c8af70eb1c7eb2d0"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222710",
"to_ids": true,
"type": "md5",
"uuid": "54b62336-5334-4353-b414-6099950d210b",
"value": "95d4a587ac1a128db890035793483885"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222710",
"to_ids": true,
"type": "md5",
"uuid": "54b62336-6dd4-45cf-8651-6099950d210b",
"value": "f8edaacbfc88a8f045bf2bbbd75c435b"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222846",
"to_ids": true,
"type": "url",
"uuid": "54b623be-2ac4-41ec-be31-5d3c950d210b",
"value": "/logs/ukvbvg/js.php"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222846",
"to_ids": true,
"type": "url",
"uuid": "54b623be-e808-4f42-b450-5d3c950d210b",
"value": "/logs/ukvbvg/in.php"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222846",
"to_ids": true,
"type": "url",
"uuid": "54b623be-9ff4-4e01-802b-5d3c950d210b",
"value": "/injectgate"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1421222846",
"to_ids": true,
"type": "url",
"uuid": "54b623be-7534-4356-a730-5d3c950d210b",
"value": "/tokengate"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via f8edaacbfc88a8f045bf2bbbd75c435b)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1455836015",
"to_ids": true,
"type": "sha1",
"uuid": "56c64b6f-bc64-44f1-a5ba-4fd5950d210f",
"value": "444a3133c619eae0c899422684787372ec2291ba"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via 95d4a587ac1a128db890035793483885)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1455836017",
"to_ids": true,
"type": "sha1",
"uuid": "56c64b71-3f28-4405-be9e-c651950d210f",
"value": "233de4235c7ca7534f19d97bf482b72776e2deb3"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via fab100a415254de5c8af70eb1c7eb2d0)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1455836019",
"to_ids": true,
"type": "sha1",
"uuid": "56c64b73-32ec-4ea5-9653-4f63950d210f",
"value": "70a2151dbdf1deff221e3c712054320a35751b7b"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via 532e7924f759aab014dedca651398ce6)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1455836021",
"to_ids": true,
"type": "sha1",
"uuid": "56c64b75-5360-49ac-a393-5ca1950d210f",
"value": "8f1dd9903815fad8ecfdb55fe277f425e8aa7cfc"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via f8edaacbfc88a8f045bf2bbbd75c435b)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1455836016",
"to_ids": true,
"type": "sha256",
"uuid": "56c64b70-fce4-47da-8cbf-c652950d210f",
"value": "ebb5c47f46954c5a6786cc040e5cc1a16d3765584f3f58cf1a3bf3fe7c9eceae"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via 95d4a587ac1a128db890035793483885)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1455836018",
"to_ids": true,
"type": "sha256",
"uuid": "56c64b72-e594-4851-86d5-48a0950d210f",
"value": "76d759ff75723d76f3aa8cfe1785d220359c5b298a13db9d853cbca32d4752be"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via fab100a415254de5c8af70eb1c7eb2d0)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1455836020",
"to_ids": true,
"type": "sha256",
"uuid": "56c64b74-caf8-4c9b-8abe-599d950d210f",
"value": "62ba5cff1f48a529a6eb5f43fb790bc49433a9f0ed219f1ca0d890563eaea218"
},
{
"category": "Payload delivery",
"comment": "Automatically added (via 532e7924f759aab014dedca651398ce6)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1455836021",
"to_ids": true,
"type": "sha256",
"uuid": "56c64b75-459c-4f0c-8daa-599e950d210f",
"value": "960ed795dca89e50745251adf6712719a1af1aa5fd1a66c9424c777574180548"
}
]
}
}