misp-circl-feed/feeds/circl/misp/59496390-0cf4-4bf9-a93a-e1c402de0b81.json

1 line
28 KiB
JSON
Raw Normal View History

2023-04-21 13:25:09 +00:00
{"Event": {"info": "OSINT - CVE-\u00ad2017-\u00ad0199 life of an exploit", "Tag": [{"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:tool=\"LATENTBOT\""}, {"colour": "#086300", "exportable": true, "name": "misp-galaxy:tool=\"AmmyAdmin\""}], "publish_timestamp": "0", "timestamp": "1498054746", "analysis": "2", "Attribute": [{"comment": "", "category": "External analysis", "uuid": "5949639b-2504-4a32-a9cf-467d02de0b81", "timestamp": "1497981851", "to_ids": false, "value": "https://www.sophos.com/en-us/medialibrary/PDFs/technical-papers/CVE-2017-0199-life-of-an-exploit.pdf", "disable_correlation": false, "object_relation": null, "type": "link"}, {"comment": "", "category": "Payload delivery", "uuid": "594963d5-5adc-45c4-b379-458902de0b81", "timestamp": "1497981909", "to_ids": false, "value": "CVE-2017-0199", "disable_correlation": false, "object_relation": null, "type": "vulnerability"}, {"comment": "decoy", "category": "Network activity", "uuid": "594a220b-a534-4ffb-a2c6-4eda950d210f", "timestamp": "1498030603", "to_ids": true, "value": "http://95.141.38.110/mo/dnr/tmp/template.doc", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "payload", "category": "Network activity", "uuid": "594a220b-4738-4d7c-96c1-40f9950d210f", "timestamp": "1498030603", "to_ids": true, "value": "http://95.141.38.110/mo/dnr/copy.jpg", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Payload delivery", "uuid": "594a221e-ce00-4660-a80b-4e15950d210f", "timestamp": "1498030622", "to_ids": true, "value": "fceffd0fb6959cca75c781bc3310b6e50f9b5941", "disable_correlation": false, "object_relation": null, "type": "sha1"}, {"comment": "", "category": "Network activity", "uuid": "594a223b-6c90-45ce-98b4-4233950d210f", "timestamp": "1498030651", "to_ids": true, "value": "http://185.168.186.36/up/dnr/scan/", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "594a23a9-d138-42cb-8cc9-42e3950d210f", "timestamp": "1498031017", "to_ids": true, "value": "http://46.102.152.129/template.doc", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "payload", "category": "Network activity", "uuid": "594a23a9-375c-4511-b1ca-48bd950d210f", "timestamp": "1498031017", "to_ids": true, "value": "wood.exe/dcihprianeeyirdeuceulx.exe", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "decoy", "category": "Network activity", "uuid": "594a23a9-6ed4-4dbc-917a-4b1c950d210f", "timestamp": "1498031017", "to_ids": true, "value": "questions.doc/document.doc", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Payload delivery", "uuid": "594a2617-65fc-4e66-ad9a-42e0950d210f", "timestamp": "1498031639", "to_ids": true, "value": "testThis.txt|fceffd0fb6959cca75c781bc3310b6e50f9b5941", "disable_correlation": false, "object_relation": null, "type": "filename|sha1"}, {"comment": "", "category": "Payload delivery", "uuid": "594a2617-b818-400a-81b0-4c13950d210f", "timestamp": "1498031639", "to_ids": true, "value": "\u0420\u0410\u0417\u0412\u0415\u0414\u0427\u0418\u041a\u0410.doc|9aed05edab5d0200eb509ed22c8c30f19652814c", "disable_correlation": false, "object_relation": null, "type": "filename|sha1"}, {"comment": "Latentbot", "category": "Payload delivery", "uuid": "594a2737-0014-4d78-a4dc-4fc7950d210f", "timestamp": "1498031927", "to_ids": true, "value": "hire_form.doc|0f3b135fd9eb3c6befbeb69f418ac182aeb56557", "disable_correlation": false, "object_relation": null, "type": "filename|sha1"}, {"comment": "", "category": "Payload delivery", "uuid": "594a2a4a-7994-47ca-a723-4404950d210f", "timestamp": "1498032714", "to_ids": true, "value": "~WRD0000.tmp|79679d2a9f5e9065b74369ab3724b1033b6659b4", "disable_correlation": false, "object_relation": null, "type": "filename|sha1"}, {"comment": "", "category": "Payload delivery", "uuid": "594a2a4b-f370-45df-846