|
{
|
||
|
"Event": {
|
||
|
"analysis": "0",
|
||
|
"date": "2016-10-12",
|
||
|
"extends_uuid": "",
|
||
|
"info": "Spam 2016-10-12 (mule acquisition) - probably related to Locky resources",
|
||
|
"publish_timestamp": "1476277788",
|
||
|
"published": true,
|
||
|
"threat_level_id": "3",
|
||
|
"timestamp": "1476273211",
|
||
|
"uuid": "57fdfd37-72a8-4308-a5e2-4b98950d210f",
|
||
|
"Orgc": {
|
||
|
"name": "CIRCL",
|
||
|
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
||
|
},
|
||
|
"Tag": [
|
||
|
{
|
||
|
"colour": "#ffffff",
|
||
|
"name": "tlp:white"
|
||
|
}
|
||
|
],
|
||
|
"Attribute": [
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263650",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfee2-bd24-4b26-9cc8-418e950d210f",
|
||
|
"value": "http://7gpj.com/wp-content/plugins/dx-seo-tool/extends/image-att/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263651",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdfee3-ce38-4be1-b79c-4b47950d210f",
|
||
|
"value": "7gpj.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263651",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfee3-c1b8-481b-8da3-4df5950d210f",
|
||
|
"value": "121.127.255.40"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263652",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfee4-9ee0-49c1-8fa0-449e950d210f",
|
||
|
"value": "http://alexnetdev.com/wp-content/themes/twentyfourteen/genericons/font/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263652",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdfee4-5794-40f4-ad85-4250950d210f",
|
||
|
"value": "alexnetdev.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263653",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfee5-586c-4cd3-8217-4181950d210f",
|
||
|
"value": "98.220.156.84"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263654",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfee6-cc18-46b1-bc8f-465f950d210f",
|
||
|
"value": "http://almarest.kz/kblco3/par/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263654",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdfee6-7890-4c33-a946-40e0950d210f",
|
||
|
"value": "almarest.kz"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263654",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfee6-e0ec-492f-992e-4234950d210f",
|
||
|
"value": "91.201.215.202"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263655",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfee7-56cc-4ed6-9c4d-49e0950d210f",
|
||
|
"value": "http://avtomarket21.com/administrator/components/com_jce/views/preferences/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263655",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdfee7-2c10-43de-9297-4746950d210f",
|
||
|
"value": "avtomarket21.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263656",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfee8-b4bc-422f-89c9-4a57950d210f",
|
||
|
"value": "81.177.141.48"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263657",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfee9-8194-456c-b2a4-4ff0950d210f",
|
||
|
"value": "http://boostsales360.com/wp-includes/js/tinymce/plugins/wordpress/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263657",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdfee9-1fcc-4ea6-be3a-467f950d210f",
|
||
|
"value": "boostsales360.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263658",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfeea-9188-4c1a-ab9f-4643950d210f",
|
||
|
"value": "184.168.203.1"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263658",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfeea-c948-4098-86a3-42ab950d210f",
|
||
|
"value": "http://cristalinteriordesign.com/wp-content/plugins/jetpack/scss/templates/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263659",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdfeeb-c430-4531-9d7b-4399950d210f",
|
||
|
"value": "cristalinteriordesign.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263659",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfeeb-e074-48dc-b039-4cdf950d210f",
|
||
|
"value": "166.62.109.21"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263660",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfeec-b37c-4b95-96e6-4bd5950d210f",
|
||
|
"value": "http://d.mspyplus.com/img/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263660",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "57fdfeec-3950-4412-aaff-4547950d210f",
|
||
|
"value": "d.mspyplus.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263661",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfeed-d1ec-4a6c-9e91-4d14950d210f",
|
||
|
"value": "69.64.75.200"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263662",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfeee-ff34-4019-b5fc-4ce6950d210f",
|
||
|
"value": "http://dmrburo.com/catalog/view/javascript/jquery/colorpicker/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263662",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdfeee-c4ac-4232-8219-4cd8950d210f",
|
||
|
"value": "dmrburo.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263663",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfeef-9df0-4dc9-9add-4db9950d210f",
|
||
|
"value": "77.245.149.65"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263663",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfeef-2e78-4d60-8896-4fb8950d210f",
|
||
|
"value": "http://e-formulas.com/nouse/include/ckeditor/plugins/about/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263664",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdfef0-b488-4659-a95a-445c950d210f",
|
||
|
"value": "e-formulas.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263665",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfef1-4ce4-4ca5-92d6-4752950d210f",
|
||
|
"value": "47.89.47.187"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263665",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfef1-8644-4d2f-843a-497a950d210f",
|
||
|
"value": "http://eurosib.net/phone/css/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263666",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdfef2-3934-49cf-9d6e-44ff950d210f",
|
||
|
"value": "eurosib.net"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263666",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfef2-0330-4f18-9075-4d23950d210f",
|
||
|
"value": "81.177.140.42"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263667",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfef3-d350-42e2-96af-4ec0950d210f",
|
||
|
"value": "http://forum.personyze.com/uploads/monthly_04_2011/Royal Bank of Canada Access ClientSignin/XMPPHP/.svn/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263668",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "57fdfef4-4cbc-4f06-ac69-409e950d210f",
|
||
|
"value": "forum.personyze.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263668",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfef4-54f0-43de-a665-4859950d210f",
|
||
|
"value": "79.125.111.42"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263669",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfef5-679c-46af-a391-4177950d210f",
|
||
|
"value": "http://goted-help.unionecso.gov.it/wp-includes/js/tinymce/plugins/inlinepopups/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263669",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "57fdfef5-c934-45e3-bba4-472f950d210f",
|
||
|
"value": "goted-help.unionecso.gov.it"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263670",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfef6-f038-42fc-937b-47dc950d210f",
|
||
|
"value": "151.13.213.118"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263671",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfef7-2044-4a02-bff5-4818950d210f",
|
||
|
"value": "http://groovetravelers.com/wp-content/uploads/2016/10/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263671",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdfef7-f728-489f-a6a4-4bed950d210f",
|
||
|
"value": "groovetravelers.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263672",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfef8-a558-4388-8810-4f5a950d210f",
|
||
|
"value": "104.27.133.231"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263672",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfef8-24c4-4a2d-8384-4bf1950d210f",
|
||
|
"value": "104.27.132.231"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263673",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfef9-e684-40bd-b826-4f53950d210f",
|
||
|
"value": "http://hibatoallahschool.com/wp-content/uploads/2016/02/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263673",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdfef9-f648-4b01-8965-4c6a950d210f",
|
||
|
"value": "hibatoallahschool.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263674",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfefa-1a0c-4907-9d1d-4969950d210f",
|
||
|
"value": "205.144.171.104"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263674",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfefa-f1f8-4707-978e-40fb950d210f",
|
||
|
"value": "http://hit45hk.com/wp-content/uploads/revslider/templates/websitebuilder-clients/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263675",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdfefb-d924-4ec8-89dd-411a950d210f",
|
||
|
"value": "hit45hk.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263676",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfefc-fde4-4a64-81d8-4673950d210f",
|
||
|
"value": "108.59.253.44"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263676",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfefc-754c-43da-9b92-4e5e950d210f",
|
||
|
"value": "http://hivein.com.br/wp-includes/js/tinymce/plugins/textcolor/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263677",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "57fdfefd-0134-40c2-8c36-4250950d210f",
|
||
|
"value": "hivein.com.br"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263678",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfefe-8910-4b93-975d-42eb950d210f",
|
||
|
"value": "186.202.127.27"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263678",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdfefe-61c4-4d15-93a2-418e950d210f",
|
||
|
"value": "http://housepedia.net/wp-includes/js/tinymce/plugins/colorpicker/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263679",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdfeff-3bd8-446a-ad4c-4e39950d210f",
|
||
|
"value": "housepedia.net"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263679",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdfeff-5ecc-4244-99e8-49b5950d210f",
|
||
|
"value": "128.199.55.81"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263680",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdff00-6198-4683-a530-43f3950d210f",
|
||
|
"value": "http://informatike.it/wp-includes/js/tinymce/plugins/wpembed/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263681",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdff01-4fcc-4161-bfac-46ed950d210f",
|
||
|
"value": "informatike.it"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263681",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdff01-cac8-42fa-8db0-4adc950d210f",
|
||
|
"value": "92.48.103.22"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263682",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdff02-fb84-4c55-9f0b-4b0a950d210f",
|
||
|
"value": "http://kiwitemplates.com/administrator/components/com_xmap/helpers/html/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263682",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdff02-2070-48d9-a8e3-4616950d210f",
|
||
|
"value": "kiwitemplates.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263683",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdff03-6874-43c5-b2f6-4cd9950d210f",
|
||
|
"value": "81.177.141.143"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263684",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdff04-afc0-451c-a1ff-44a6950d210f",
|
||
|
"value": "http://mpbrc.cnr.it/administrator/components/bring/par/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263684",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "57fdff04-87c4-4b36-bcae-45da950d210f",
|
||
|
"value": "mpbrc.cnr.it"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263685",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdff05-1464-4102-b295-4e84950d210f",
|
||
|
"value": "150.146.204.90"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263685",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdff05-4af8-47ab-aac3-4671950d210f",
|
||
|
"value": "http://phongvehoanggia.net/plugins/editors/jckeditor/install/models/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263686",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdff06-1b20-41e7-b193-4acf950d210f",
|
||
|
"value": "phongvehoanggia.net"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263687",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdff07-4114-41c7-a6a7-4a00950d210f",
|
||
|
"value": "222.255.239.118"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263687",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdff07-537c-47eb-9eca-4482950d210f",
|
||
|
"value": "http://suahdd.com/components/com_content/views/article/tmpl/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263688",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdff08-4128-4582-a0dd-4f0c950d210f",
|
||
|
"value": "suahdd.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263689",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdff09-3b30-4bb1-b4a9-4786950d210f",
|
||
|
"value": "103.254.12.144"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263689",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdff09-848c-411d-b4fe-4c42950d210f",
|
||
|
"value": "http://tvsanok.pl/administrator/components/com_imageshow/models/forms/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263690",
|
||
|
"to_ids": true,
|
||
|
"type": "domain",
|
||
|
"uuid": "57fdff0a-0e6c-4541-abe1-4970950d210f",
|
||
|
"value": "tvsanok.pl"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263690",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdff0a-4248-4002-a482-4575950d210f",
|
||
|
"value": "178.33.210.137"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263691",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdff0b-c250-4173-bf02-4865950d210f",
|
||
|
"value": "http://www.guyaneetpetrole.fr/administrator/cache/_system/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263691",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "57fdff0b-8df4-4f0d-a8cd-416c950d210f",
|
||
|
"value": "www.guyaneetpetrole.fr"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263692",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdff0c-3148-473e-963f-473f950d210f",
|
||
|
"value": "192.99.4.137"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263693",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fdff0d-8a5c-4f9b-bf0b-415c950d210f",
|
||
|
"value": "http://www.peopleace.com/js/zithromax/sessions/"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263693",
|
||
|
"to_ids": true,
|
||
|
"type": "hostname",
|
||
|
"uuid": "57fdff0d-2a14-49a9-aa36-42e8950d210f",
|
||
|
"value": "www.peopleace.com"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476263694",
|
||
|
"to_ids": true,
|
||
|
"type": "ip-dst",
|
||
|
"uuid": "57fdff0e-7398-4d4e-8dff-4cc5950d210f",
|
||
|
"value": "66.33.12.182"
|
||
|
},
|
||
|
{
|
||
|
"category": "Network activity",
|
||
|
"comment": "compromised location",
|
||
|
"deleted": false,
|
||
|
"disable_correlation": false,
|
||
|
"timestamp": "1476273211",
|
||
|
"to_ids": true,
|
||
|
"type": "url",
|
||
|
"uuid": "57fe2421-9a8c-4b55-ab95-4229950d210f",
|
||
|
"value": "http://forum.personyze.com/uploads/monthly_04_2011/Royal%20Bank%20of%20Canada%20Access%20ClientSignin/XMPPHP/.svn/"
|
||
|
}
|
||
|
]
|
||
|
}
|
||
|
}
|