misp-circl-feed/feeds/circl/misp/5788c19e-ee40-43b8-9160-47da950d210f.json


{
"Event": {
"analysis": "0",
"date": "2016-07-15",
"extends_uuid": "",
"info": "Malspam 2016-07-15 .zip/.jse",
"publish_timestamp": "1468580742",
"published": true,
"threat_level_id": "3",
"timestamp": "1468580293",
"uuid": "5788c19e-ee40-43b8-9160-47da950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
"local": "0",
"name": "tlp:white",
"relationship_type": ""
},
{
"colour": "#3a7300",
"local": "0",
"name": "circl:incident-classification=\"malware\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468580279",
"to_ids": true,
"type": "url",
"uuid": "5788c1b7-d1a8-4830-bf05-4d18950d210f",
"value": "http://cosdoshhp.top/log.php?f=2.gif"
},
{
"category": "Payload delivery",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468580280",
"to_ids": true,
"type": "filename",
"uuid": "5788c1b8-68f4-4ac5-8cf4-4979950d210f",
"value": "cosdoshhp.top"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468580280",
"to_ids": true,
"type": "ip-dst",
"uuid": "5788c1b8-2bb4-435c-ae16-45bf950d210f",
"value": "216.170.117.124"
},
{
"category": "Network activity",
"comment": "download location",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468580281",
"to_ids": true,
"type": "ip-dst",
"uuid": "5788c1b9-ad88-4892-b0f1-45d4950d210f",
"value": "104.238.213.26"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468580293",
"to_ids": false,
"type": "user-agent",
"uuid": "5788c1c5-71bc-4849-aba3-4add950d210f",
"value": "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.3; Trident/7.0; .NET4.0E; .NET4.0C)"
},
{
"category": "Payload delivery",
"comment": ".jse example",
"data": "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
"deleted": false,
"disable_correlation": false,
"timestamp": "1468580410",
"to_ids": true,
"type": "malware-sample",
"uuid": "5788c23a-0a5c-4760-9ca2-43e7950d210f",
"value": "7.jse|156cd83b6ac6088eb8f1c9ef9a5b2603"
},
{
"category": "Payload delivery",
"comment": ".jse example",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468580411",
"to_ids": true,
"type": "filename|sha1",
"uuid": "5788c23b-b280-46cc-b101-41c1950d210f",
"value": "7.jse|cfd4c8391bf4c91c79d46b644df1c066b99ef65c"
},
{
"category": "Payload delivery",
"comment": ".jse example",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468580412",
"to_ids": true,
"type": "filename|sha256",
"uuid": "5788c23c-9240-48c2-96f4-4abf950d210f",
"value": "7.jse|ba4963275463eaf55938e110e3665d512bebdb1250610b15e577f25069a04283"
},
{
"category": "Payload delivery",
"comment": "downloaded malware",
"data": "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
"deleted": false,
"disable_correlation": false,
"timestamp": "1468580435",
"to_ids": true,
"type": "malware-sample",
"uuid": "5788c253-ed00-4cb9-b8ee-4121950d210f",
"value": "b1|701605e224d2455bd30a2a373a29bea8"
},
{
"category": "Payload delivery",
"comment": "downloaded malware",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468580436",
"to_ids": true,
"type": "filename|sha1",
"uuid": "5788c254-42d0-4fe5-a3b8-457d950d210f",
"value": "b1|4d2fc5119c15c7fd88c22224b937fdfcf160c280"
},
{
"category": "Payload delivery",
"comment": "downloaded malware",
"deleted": false,
"disable_correlation": false,
"timestamp": "1468580437",
"to_ids": true,
"type": "filename|sha256",
"uuid": "5788c255-fde0-49c7-a70f-40c0950d210f",
"value": "b1|33e7e1ae86855d57ba51657c122c74a34afa85b8267815462a66ceed965a2297"
}
]
}
}