1 line
27 KiB
JSON
{"Event": {"info": "OSINT - CRASHOVERRIDE Analyzing the Threat to Electric Grid Operations", "Tag": [{"colour": "#14ff00", "exportable": true, "name": "admiralty-scale:information-credibility=\"6\""}, {"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#73e700", "exportable": true, "name": "circl:topic=\"industry\""}], "publish_timestamp": "1497347375", "timestamp": "1497536012", "analysis": "2", "Attribute": [{"comment": "", "category": "Network activity", "uuid": "593fb528-8dd0-46f6-8593-44e7950d210f", "timestamp": "1497347368", "to_ids": false, "value": "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1)", "disable_correlation": false, "object_relation": null, "type": "user-agent"}, {"comment": "Custom-built port scanner. ,Stage 2: Develop,Recon - Xchecked via VT: b335163e6eb854df5e08e85026b2c3518891eda8", "category": "External analysis", "uuid": "593fb0fa-c9ec-4df2-8cfc-4aa802de0b81", "timestamp": "1497346298", "to_ids": false, "value": "https://www.virustotal.com/file/893e4cca7fe58191d2f6722b383b5e8009d3885b5913dcd2e3577e5a763cdb3f/analysis/1497333819/", "disable_correlation": false, "object_relation": null, "type": "link"}, {"comment": "Custom-built port scanner. ,Stage 2: Develop,Recon - Xchecked via VT: b335163e6eb854df5e08e85026b2c3518891eda8", "category": "Payload delivery", "uuid": "593fb0fa-aab8-4283-abb0-4aa802de0b81", "timestamp": "1497346298", "to_ids": true, "value": "497de9d388d23bf8ae7230d80652af69", "disable_correlation": false, "object_relation": null, "type": "md5"}, {"comment": "Custom-built port scanner. 
,Stage 2: Develop,Recon - Xchecked via VT: b335163e6eb854df5e08e85026b2c3518891eda8", "category": "Payload delivery", "uuid": "593fb0f9-6978-4081-9c12-45c502de0b81", "timestamp": "1497346297", "to_ids": true, "value": "893e4cca7fe58191d2f6722b383b5e8009d3885b5913dcd2e3577e5a763cdb3f", "disable_correlation": false, "object_relation": null, "type": "sha256"}, {"comment": "\"Wiper module, wipes list of files by extension, removes system processes, and makes registry changes to prevent system boot. \",Stage 2: Attack,Destruction - Xchecked via VT: b92149f046f00bb69de329b8457d32c24726ee00", "category": "External analysis", "uuid": "593fb0f9-7008-4064-86a8-4ae802de0b81", "timestamp": "1497346297", "to_ids": false, "value": "https://www.virustotal.com/file/ad23c7930dae02de1ea3c6836091b5fb3c62a89bf2bcfb83b4b39ede15904910/analysis/1487157094/", "disable_correlation": false, "object_relation": null, "type": "link"}, {"comment": "\"Wiper module, wipes list of files by extension, removes system processes, and makes registry changes to prevent system boot. \",Stage 2: Attack,Destruction - Xchecked via VT: b92149f046f00bb69de329b8457d32c24726ee00", "category": "Payload delivery", "uuid": "593fb0f9-57f8-40b8-a4fb-41b202de0b81", "timestamp": "1497346297", "to_ids": true, "value": "7a7ace486dbb046f588331a08e869d58", "disable_correlation": false, "object_relation": null, "type": "md5"}, {"comment": "\"Wiper module, wipes list of files by extension, removes system processes, and makes registry changes to prevent system boot. 
\",Stage 2: Attack,Destruction - Xchecked via VT: b92149f046f00bb69de329b8457d32c24726ee00", "category": "Payload delivery", "uuid": "593fb0f8-0b84-4af5-a9ae-4ef002de0b81", "timestamp": "1497346296", "to_ids": true, "value": "ad23c7930dae02de1ea3c6836091b5fb3c62a89bf2bcfb83b4b39ede15904910", "disable_correlation": false, "object_relation": null, "type": "sha256"}, {"comment": "\"Wiper module, wipes list of files by extension, removes system processes, and makes registry changes to prevent system boot. \",Stage 2: Attack,Destruction - Xchecked via VT: 5a5fafbc3fec8d36fd57b075ebf34119ba3bff04", "category": "External analysis", "uuid": "593fb0f8-3900-43b4-91d7-4a7402de0b81", "timestamp": "1497346296", "to_ids": false, "value": "https://www.virustotal.com/file/018eb62e174efdcdb3af011d34b0bf2284ed1a803718fba6edffe5bc0b446b81/analysis/1497287042/", "disable_correlation": false, "object_relation": null, "type": "link"}, {"comment": "\"Wiper module, wipes list of file