misp-circl-feed/feeds/circl/misp/5b3a4543-e5d4-485c-8960-fe190acd0835.json


{
"Event": {
"analysis": "2",
"date": "2018-07-02",
"extends_uuid": "",
"info": "Malware with legit company names in metadata",
"publish_timestamp": "1530552904",
"published": true,
"threat_level_id": "2",
"timestamp": "1530552872",
"uuid": "5b3a4543-e5d4-485c-8960-fe190acd0835",
"Orgc": {
"name": "Synovus Financial",
"uuid": "5a68c02d-959c-4c8a-a571-0dcac0a8060a"
},
"Tag": [
{
"colour": "#0088cc",
"local": "0",
"name": "misp-galaxy:rat=\"NanoCore\"",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": "0",
"name": "misp-galaxy:ransomware=\"Razy\"",
"relationship_type": ""
},
{
"colour": "#054000",
"local": "0",
"name": "misp-galaxy:tool=\"njRAT\"",
"relationship_type": ""
},
{
"colour": "#001739",
"local": "0",
"name": "ms-caro-malware-full:malware-type=\"RemoteAccess\"",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "C2",
"deleted": false,
"disable_correlation": false,
"timestamp": "1530552868",
"to_ids": true,
"type": "ip-src",
"uuid": "5b3a4930-61c4-46a5-b199-61330acd0835",
"value": "217.66.231.245"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1530546480",
"to_ids": true,
"type": "url",
"uuid": "5b3a4930-53f0-49bd-bf05-61330acd0835",
"value": "http://bongdacongdong.vn/authorization.exe"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1530552872",
"to_ids": true,
"type": "ip-src",
"uuid": "5b3a4930-450c-4e13-b948-61330acd0835",
"value": "112.213.89.144"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1530546480",
"to_ids": true,
"type": "ip-dst",
"uuid": "5b3a4930-39ec-4631-b056-61330acd0835",
"value": "31.170.165.90"
},
{
"category": "Support Tool",
"comment": "Sandbox Report",
"data": "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
"deleted": false,
"disable_correlation": false,
"timestamp": "1530546827",
"to_ids": false,
"type": "attachment",
"uuid": "5b3a4a8b-d20c-4aad-8cc2-61330acd0835",
"value": "report-597633.pdf"
}
]
}
}