{"Event": {"info": "OSINT - AgentTesla Actors Email", "Tag": [{"colour": "#004646", "exportable": true, "name": "type:OSINT"}, {"colour": "#0071c3", "exportable": true, "name": "osint:lifetime=\"perpetual\""}, {"colour": "#0087e8", "exportable": true, "name": "osint:certainty=\"50\""}, {"colour": "#ffffff", "exportable": true, "name": "tlp:white"}], "publish_timestamp": "0", "timestamp": "1570782678", "analysis": "0", "Attribute": [{"comment": "", "category": "External analysis", "uuid": "5da02f32-bf20-431c-9a78-49e3950d210f", "timestamp": "1570778959", "to_ids": false, "value": "https://pastebin.com/w4YXK3Nx", "Tag": [{"colour": "#003860", "exportable": true, "name": "osint:source-type=\"pastie-website\""}], "disable_correlation": false, "object_relation": null, "type": "link"}, {"comment": "Email used by actors for Exfiltration.", "category": "Payload delivery", "uuid": "5da02ff3-8c80-40fd-a346-4cdd950d210f", "timestamp": "1570779123", "to_ids": true, "value": "bezbezkadena.operations@gmail.com", "disable_correlation": false, "object_relation": null, "type": "email-src"}, {"comment": "Email used by actors for Exfiltration.", "category": "Payload delivery", "uuid": "5da02ff3-11c8-439b-bdf4-4787950d210f", "timestamp": "1570779123", "to_ids": true, "value": "harminde.dhesi@gmail.com", "disable_correlation": false, "object_relation": null, "type": "email-src"}, {"comment": "Email used by actors for Exfiltration.", "category": "Payload delivery", "uuid": "5da02ff3-72e0-4ef4-a800-4b77950d210f", "timestamp": "1570779123", "to_ids": true, "value": "gouloisrnarcell@gmail.com", "disable_correlation": false, "object_relation": null, "type": "email-src"}, {"comment": "Email used by actors for Exfiltration.", "category": "Payload delivery", "uuid": "5da02ff3-d588-4952-9220-42ab950d210f", "timestamp": "1570779123", "to_ids": true, "value": "joenwa1993@gmail.com", "disable_correlation": false, "object_relation": null, "type": "email-src"}, {"comment": "Email used by actors for 
Exfiltration.", "category": "Payload delivery", "uuid": "5da02ff3-285c-4860-b921-4cdd950d210f", "timestamp": "1570779123", "to_ids": true, "value": "mey.etabi@gmail.com", "disable_correlation": false, "object_relation": null, "type": "email-src"}, {"comment": "Email used by actors for Exfiltration.", "category": "Payload delivery", "uuid": "5da02ff4-cd78-4ce2-bac5-4c06950d210f", "timestamp": "1570779124", "to_ids": true, "value": "johnneybrown5@gmail.com", "disable_correlation": false, "object_relation": null, "type": "email-src"}, {"comment": "Email used by actors for Exfiltration.", "category": "Payload delivery", "uuid": "5da02ff4-77c0-4cd7-bf63-40db950d210f", "timestamp": "1570779124", "to_ids": true, "value": "noahlee1777@gmail.com", "disable_correlation": false, "object_relation": null, "type": "email-src"}, {"comment": "Email used by actors for Exfiltration.", "category": "Payload delivery", "uuid": "5da02ff4-5da0-4e66-b5c7-448f950d210f", "timestamp": "1570779124", "to_ids": true, "value": "bibauc95@gmail.com", "disable_correlation": false, "object_relation": null, "type": "email-src"}, {"comment": "Email used by actors for Exfiltration.", "category": "Payload delivery", "uuid": "5da02ff4-19c0-43c8-aaa8-44ef950d210f", "timestamp": "1570779124", "to_ids": true, "value": "officeforwardings@yahoo.com", "disable_correlation": false, "object_relation": null, "type": "email-src"}, {"comment": "Email used by actors for Exfiltration.", "category": "Payload delivery", "uuid": "5da02ff4-0b7c-4c8d-968f-4ed7950d210f", "timestamp": "1570779124", "to_ids": true, "value": "jasonroberts3947@tutanota.com", "disable_correlation": false, "object_relation": null, "type": "email-src"}, {"comment": "Email used by actors for Exfiltration.", "category": "Payload delivery", "uuid": "5da02ff4-816c-4233-ad2e-453b950d210f", "timestamp": "1570779124", "to_ids": true, "value": "obicaoffice@gmail.com", "disable_correlation": false, "object_relation": null, "type": "email-src"}, 
{"comment": "Email used by actors for Exfiltration.", "category": "Payload delivery", "uuid": "5da02ff4-920