adulau/misp-circl-feed
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Packages Wiki Activity Actions
misp-circl-feed/feeds/circl/misp/5d3145a8-b2c4-49d7-9b5c-4f4368f8e8cf.json

260 lines
98 KiB
JSON
Raw Normal View History

chg: [feed] added
2023-04-21 13:25:09 +00:00
{
chg: [gen] updated
2023-12-14 14:30:15 +00:00
"Event": {
"analysis": "2",
"date": "2019-07-19",
"extends_uuid": "",
"info": "2019-07-18: Newer \"PoSeidon\" aka \"FindPOS\" aka \"FindStr\" 15.10 Point-of-Sale Malware",
"publish_timestamp": "1589183728",
"published": true,
"threat_level_id": "2",
"timestamp": "1621850183",
"uuid": "5d3145a8-b2c4-49d7-9b5c-4f4368f8e8cf",
"Orgc": {
"name": "VK_INTEL_EVIL",
"uuid": "5d2fbc3a-e520-4bf9-89b7-1b0a68f8e8cf"
},
"Tag": [
{
"colour": "#7bd107",
"local": "0",
"name": "PoSeidon",
"relationship_type": ""
},
{
"colour": "#0235a3",
"local": "0",
"name": "FindPOS",
"relationship_type": ""
},
{
"colour": "#62459e",
"local": "0",
"name": "FindStr",
"relationship_type": ""
},
{
"colour": "#37d4e6",
"local": "0",
"name": "Point-of-Sale",
"relationship_type": ""
},
{
"colour": "#787ad7",
"local": "0",
"name": "RAWINPUT",
"relationship_type": ""
},
{
"colour": "#2be799",
"local": "0",
"name": "Keylogger",
"relationship_type": ""
},
{
"colour": "#0dd733",
"local": "0",
"name": "Memory Scraper",
"relationship_type": ""
},
{
"colour": "#3b947c",
"local": "0",
"name": "Signed",
"relationship_type": ""
},
{
"colour": "#e8ece2",
"local": "0",
"name": "\"Lingarder Limited\"",
"relationship_type": ""
},
{
"colour": "#2ac804",
"local": "0",
"name": "Thawte",
"relationship_type": ""
},
{
"colour": "#ef7f5c",
"local": "0",
"name": "Version 15.10",
"relationship_type": ""
},
{
"colour": "#0088cc",
"local": "1",
"name": "misp-galaxy:malpedia=\"FindPOS\"",
"relationship_type": ""
},
{
"colour": "#004646",
"local": "0",
"name": "type:OSINT",
"relationship_type": ""
},
{
"colour": "#0071c3",
"local": "0",
"name": "osint:lifetime=\"perpetual\"",
"relationship_type": ""
},
{
"colour": "#0087e8",
"local": "0",
"name": "osint:certainty=\"50\"",
"relationship_type": ""
},
{
"colour": "#ffffff",
"local": "0",
"name": "tlp:white",
"relationship_type": ""
}
],
"Attribute": [
{
"category": "Network activity",
"comment": "FindPOS configuration",
"deleted": false,
"disable_correlation": false,
"timestamp": "1563510277",
"to_ids": true,
"type": "url",
"uuid": "5d314605-0088-41c5-bf03-57e368f8e8cf",
"value": "http://kethetrecsin.com/hrvm/viewtopic.php"
},
{
"category": "Network activity",
"comment": "FindPOS configuration",
"deleted": false,
"disable_correlation": false,
"timestamp": "1563510277",
"to_ids": true,
"type": "url",
"uuid": "5d314605-4204-4a48-b4ca-57e368f8e8cf",
"value": "http://haponebitold.com/hrvm/viewtopic.php"
},
{
"category": "Network activity",
"comment": "FindPOS configuration",
"deleted": false,
"disable_correlation": false,
"timestamp": "1563510277",
"to_ids": true,
"type": "url",
"uuid": "5d314605-5d9c-4c9e-abea-57e368f8e8cf",
"value": "http://rygotunren.ru/hrvm/viewtopic.php"
},
{
"category": "Network activity",
"comment": "FindPOS configuration",
"deleted": false,
"disable_correlation": false,
"timestamp": "1563510277",
"to_ids": true,
"type": "url",
"uuid": "5d314605-6cb4-4c67-b3d0-57e368f8e8cf",
"value": "http://enrewhetons.ru/hrvm/viewtopic.php"
},
{
"category": "Network activity",
"comment": "FindPOS configuration",
"deleted": false,
"disable_correlation": false,
"timestamp": "1563510277",
"to_ids": true,
"type": "url",
"uuid": "5d314605-d478-4c6b-a037-57e368f8e8cf",
"value": "http://ughrenhertwi.ru/hrvm/viewtopic.php"
}
],
"Object": [
{
"comment": "Original Malware",
"deleted": false,
"description": "File object describing a file with meta-information",
"meta-category": "file",
"name": "file",
"template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215",
"template_version": "1",
"timestamp": "1563510205",
"uuid": "5d3145bd-9384-4c5b-b415-57d868f8e8cf",
"Attribute": [
{
"category": "Payload delivery",
"comment": "",
"data": "UEsDBBQACQAIAO0i8046wjrtMA8BAAjkAQAgABwAYTNjZTJlYzFlOGIxMjdkZjdmOTJiZTJhNzQ0NTljOGNVVAkAA71FMV29RTFddXgLAAEEIQAAAAQhAAAA6HkpVxjBZ/aWOSP7a9jYCEVdW11DSRBepQdShQXQOm0JVVUDnxxK6dTw6dUcQGk0G85y6TYgb6Rggfif/qp5C2D2qIdHEROtg1ILyj9R2r5mrGIFO8kpF/4GY+Fiq9/iOcJu9MFhvFVVAux1Op0cogGPP57ju2a4znmadlpXgWztq2SApYZeiXC+2AmWXGYsBPLHplPag0zQSxb0sLzVVjSiNT+EtQ74aTaoj2ANWY5s+dnfUwyJL4/usIkG9IYHCKQKBCWWLeio4QkYjprY4UobOEYEYLJW//MV3HTbev4ASOMOyfvkiMP8HlmKS3XHV8RmBvQ12p0oHAtTePRRGcAi7zUEjb95PY9F+H2IZP2tmgfb++u5zOZ8ECr23cR6bPg9uOxYMiet4pBtFaQxV6tADdl/vf0+eTPlymsIWyhfKASWuo+CEWMXHflLHVoJX1QH/j2Bulzhp6Qjp10EyETA2OWnx4/pJYysFDKHfKmiOfJ0WSoQNSe/i96+iyKteobo2CaVz7ccN4MyBs8c4Czs6LIrkW1pBDh3Rwf83l1OT3MUyC85/HEpBbxaRhGZop7t0jlJqq8cyeYhWSmz1xHMTZoTKlOesc6RPWEZ2Bt5OiOybw8oSIsXiTq5sUmL5HqmttmAAfqN4P0pbDbJJfgjNTXd/q8Lw6tAI4Tlm1LgbKNuMw9Pfvn+OnZmRZFzBsWg22os4qgSNo4JovHoA8K13sWq2mWzSHufaTx4CvWslJyHxSNa17K9roHVX0uWDCiTrNIpFhn0Ip+sJdLfIPqP2eQugS+t30i5sCKVcRli/SsqSwRv2NrK7f6khw6DN/8rqfOeiws47FF3H1PoI5AIlwNrplY0VXGRoPFEJhz0lrFQ3m1P3LbSunMrIwDxQ68qhYLNoohBLE68s9e2ppk96pB/SpdE9/8VXmJddhcAUbnNz+H7kKZpp2MYLroleyv3BdDGwEyGeCM8/seWDEHWPDfiDZTCvvZxB0dica5r7sxW9dEujzHj4ls6JyCtj5yqS+2Ht314NVNLKsBh7zqWswXCN0NCDsIqlx2E3WCuHhmrg8JVvRGl/v1sTygER8h56gGBY4hzqru+QShj0raYiRC2lTee0CKnajHagDQZaIJDngN7LZr5nW6h5pwGh6KLXt1ha8SgT1+6agMRu3pH+vuzP70WoiBAQD88aNddh9Epzc+/0hchak9hlYRKxpvQ0PWZHs2NXJhwxdBWs4wpEk+pp4xtQpm1l0liz5VbmQ9uU6soRMMrh4Pu/ZGSBXFzzsA7mZWRGZdO6g+ZYiXtl0eIlW8wMLc6yxsrtZHXI0NDoVq9wlWBXvoNjV9rFuFnE5FjaZ8Wp//4JPDrpUpfr3AUZ2pyIURC/MlxboliL6O5tgL/CNEjvADTeOFm6vNHgkCx9KwqS+l2X6O71zvhTtgknNZ2SlSeCIxHR5K1E04XDaGpMiR5/eIoMvZM+ma8ilR/NBCtB8/End3dGBGrsIK31MkWObjZfMlBi6TwIi4qGfCY8IARd6OjIfxXIVrm4JHBsGG83VafEyRe86ZAbuVZRHW00pYCYb7fSwdxkyMlBsdq6+yy8zDgefaVl7bXRotFyuy9oDei/6UzoIAvbzkd6aMIM1D/NGEy75LMwIC6Pow5bH6Wony4LeGmD9KFsTFNh022YdIycqk19QgSKOlD90VWtRV81OomZTSyX8wgiJ91YXmFoj/t3M53YRb0fU2IOgRPpsgdChB/7sMGzcFY7sxVn++V1/IDrvhTZY0n2iH3QiKYGVOj4a3yXeNyw69dFRW2Q4PfkTxUWky+mVWxDBYJF46OaMgelbd7uaJ7rFe1CPsq9AADHLREGWwNjkeCpRMO5GUXobuqDjuHO3capSbJggCMgr+gQFD3tMMak+fKkRaWqQFPksyqyyV197KtIJau4+JAw+cZBjU3VJ36VP0zXt6KlZvOkDdW6J13GlVaqYXPC7tlBM/Uao4+ML1aKNT9pPLPF6qoH7mCTO+wxYismu5/hJbtzFb3Km+1e/USWiSFr8Tt+pkZq+x2dzsH2VQGkLwpQDfue4Nef7MCsgmv8PqZHmL4iVENqGqSoZmeaxn4zx59THxRQ5FAMYcEao1CyLOr46gQBN/7Oi0kzXcY63ZJmzJTgue2DdSNx1xUF0jD6PTXsgr8eKfl+ZOUDhTlBjB6MWAeXHguuo1uIJ/cbmU+MCE8SWnMASMMHjAQYmPCJle6tVxkRJLVLhy+NrP0PGBbykaz0rdITo6kyEwz5PkcE+mK07VZlq8cC1ZhrPpm3b32S0LxTCBJ8C9PIzGWaWoRzSKEfwul5Mehbyf72QW4UhAKg7ff309mO/+bvZGJNcgbM+lCGOWCStreUtSPrnJE3RGp7QjwGCejtVQ/wFH4zR2nBOLgKEOFcjQSPalfOk6Xoycvx5BVb4fezvdz/MqV0+t2sFryt/8jMdGGzL8bLdsb2ZqQpYtlDKC6XJY3fPyVx3iv2edZ8UvFxO40007a+rv1KdGJDEkBKZemAar2riCA2FEwWJc08skHph2ZZm4TsKf0179w2rFE8NkqMDu3ZnawzDwSzQKxjCMMEfghtpTkF6l569OqSU8kT1orI/+MXapEbntsN85PsXHULkNeHZgQX3kZ8s2ZBg9+HNyzPIoWc+R2dJ8sOW0sDhmfNPIkTDhWWGtWkeDnrlnCxLMIGbu42w5IHQCIU8BZ+cCEkMZ+fezGr+cfQH0AdNYr/k9gXgJzixMblWbvQ79LIq3lRgv+1vTAXtTPeyter7DBa1pOaa+l7TnQROPW8RIPekjr/1JR47HQ5k6UsZcBDQ6Rwkpq+R361eUNlTwM72Ys0Odmiag4DiZbjen/3aO4W2UNPlizv91diCWqT4Xf267MKlAPD8gx6nF6gukmuNaOyY/yZG2vuP+xAQMORGz7oK2qq0V2kSBX7ockCwnnNlhstKvuO3KjVQAKaB7mwJznI1yt4JlPoGzqVHHHiUYhDOb1KIdJjogdRYTn+TdD3/Lc22+iRK40l9i/FmBagzh6NBkvB528jRcwxtMcOWqJCaSiiAwHsbfoN5gFBlSZfAMULxc5xECdqmc+xGOfMZpTwER4Ej3uggAsN64dC++m1hI2cD4Xavi2pkto4HgKKZcQOEEJj7Cga39y1yFj1fASl1p68dSDWKi74j2+OMpZUoFGBBjvYoZeLv/F3PRBQisT0q2NM80+GQETOLZW0s3Pgt6kSVdM3RtK640Witbi4c8vBWO6v49FE+ntDTneS/lG6rpe6DqXhPYRQ/lvaRxmg4mfDgfX5++Npnv0X0hpb5Wu6IauAgQVC4bZHz6uj2vADZQZ+OluT/9GiJ3h6hUps+eD+y/KcnTC17KwBGQh+5zk4EB4DntdeBx/RPo35QLRpzoYveFVzd0ElSPrUllR0obymPMT+GozKjEWMwYdmAQnlTFJyBdYM9PNnQ1LPBs0/iBJiHDfjf74nb5PYgRb1fw38G2puS1E0K1ZPe2UBUNhuv8u91eI2+mYLJPmnRt1wus3hx1GOv8LlKWF69jzkN6/aD3FD6v0BXr22T5eFv43WNU/xxT6ibnPxWG2+SIG7rrCWf5Y+91FQ71YNNAWkZebG3cD/R1a7fGefYoFgma2UFeb3r9k0diGBG4rF7lfPEP2twQsoa8jJImu7j5FjxrQ48x0tRaqAtTqnB+YnX5vvUzJRQIIQN6b+o4ivMfWQYkqaaZTtubqs6q+DGjeFHedgH5AJEyYZw/M4iffh5aSSEA7FdayjLcgdZDo0KvwXoCaY6cwNB1dsM8hOyUMKz+quwxHhCanI+HCYBoFVEe9oF9/0W19vGItZu5Ev4/aLbZVic/3od+GtuMMpCcF0sGDVuo0DCcX2taYeo9vJk0MVpDx9q8nr3uaYidiBBu6EFGYFeS8AmqYgJisdRX9BOb3IOXJxSbcAI
"deleted": false,
"disable_correlation": false,
"object_relation": "malware-sample",
"timestamp": "1563510205",
"to_ids": true,
"type": "malware-sample",
"uuid": "5d3145bd-a44c-4f20-ac1b-57d868f8e8cf",
"value": "ce718a6309e66c881e946b458a383fc10881b05c508742344c5a5e086f385c60|a3ce2ec1e8b127df7f92be2a74459c8c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "filename",
"timestamp": "1563510205",
"to_ids": false,
"type": "filename",
"uuid": "5d3145bd-2640-4b54-a1fb-57d868f8e8cf",
"value": "ce718a6309e66c881e946b458a383fc10881b05c508742344c5a5e086f385c60"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "md5",
"timestamp": "1563510205",
"to_ids": true,
"type": "md5",
"uuid": "5d3145bd-5b2c-4f8a-ac46-57d868f8e8cf",
"value": "a3ce2ec1e8b127df7f92be2a74459c8c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha1",
"timestamp": "1563510205",
"to_ids": true,
"type": "sha1",
"uuid": "5d3145bd-91a8-45bd-9b05-57d868f8e8cf",
"value": "a1e1b5611d70fe4a6c224c60e15da9c3efe29a2d"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"object_relation": "sha256",
"timestamp": "1563510205",
"to_ids": true,
"type": "sha256",
"uuid": "5d3145bd-9ebc-44d3-8f05-57d868f8e8cf",
"value": "ce718a6309e66c881e946b458a383fc10881b05c508742344c5a5e086f385c60"
},
{
"category": "Other",
"comment": "",
"deleted": false,
"disable_correlation": true,
"object_relation": "size-in-bytes",
"timestamp": "1563510205",
"to_ids": false,
"type": "size-in-bytes",
"uuid": "5d3145bd-15ac-4e77-95be-57d868f8e8cf",
"value": "123912"
}
]
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
]
chg: [gen] updated
2023-12-14 14:30:15 +00:00
}
chg: [feed] added
2023-04-21 13:25:09 +00:00
}
Reference in a new issue Copy permalink