misp-circl-feed/feeds/circl/misp/59ef2c5a-eed8-4b10-88c4-4685950d210f.json


2023-04-21 13:25:09 +00:00
{"Event": {"info": "M2M - Locky Affid=3/Trickbot \"mac1\" 2017-10-24 : \"Your\n Invoice 12345\" - \"Invoice_file_654321.doc\"", "Tag": [{"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:tool=\"Trick Bot\""}, {"colour": "#006c6c", "exportable": true, "name": "ecsirt:malicious-code=\"ransomware\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:ransomware=\"Locky\""}], "publish_timestamp": "0", "timestamp": "1508919845", "analysis": "1", "Attribute": [{"comment": "", "category": "Artifacts dropped", "uuid": "59ef2c5b-d440-4c0a-b109-4f35950d210f", "timestamp": "1508919837", "to_ids": true, "value": "eae849f6510db451f4fbdb780b5d49aa", "disable_correlation": false, "object_relation": null, "type": "md5"}, {"comment": "", "category": "Artifacts dropped", "uuid": "59ef2c5b-0078-4c5a-baae-460d950d210f", "timestamp": "1508919837", "to_ids": true, "value": "7bbc46655683df7a0e842c0adff987a3", "disable_correlation": false, "object_relation": null, "type": "md5"}, {"comment": "", "category": "Artifacts dropped", "uuid": "59ef2c5b-24a8-4b42-84ac-44c2950d210f", "timestamp": "1508919837", "to_ids": true, "value": "5f38c8bd1a58a755108d27a7fdf034b1", "disable_correlation": false, "object_relation": null, "type": "md5"}, {"comment": "", "category": "Network activity", "uuid": "59ef2c5b-8144-4e6b-9164-d493950d210f", "timestamp": "1508919837", "to_ids": true, "value": "http://transmercasa.com/JHGGsdsw6", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "59ef2c5c-a548-4673-a210-4efa950d210f", "timestamp": "1508919837", "to_ids": true, "value": "transmercasa.com", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "transmercasa.com", "category": "Network activity", "uuid": "59ef2c5c-3fb0-46a9-9b7d-48a6950d210f", "timestamp": "1508919837", "to_ids": false, "value": "75.98.175.70", 
"disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "59ef2c5c-d1d8-47bc-88d2-9959950d210f", "timestamp": "1508919837", "to_ids": true, "value": "http://upgrademypc.ie/JHGGsdsw6", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "59ef2c5c-e9e0-467f-b60f-4848950d210f", "timestamp": "1508919837", "to_ids": true, "value": "upgrademypc.ie", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "upgrademypc.ie", "category": "Network activity", "uuid": "59ef2c5d-eff8-4fbb-a5f1-4016950d210f", "timestamp": "1508919837", "to_ids": false, "value": "78.153.200.123", "disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "59ef2c5d-8098-488a-a937-4706950d210f", "timestamp": "1508919837", "to_ids": true, "value": "http://urcho.com/JHGGsdsw6", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "59ef2c5d-b6d8-4209-b44f-9959950d210f", "timestamp": "1508919837", "to_ids": true, "value": "urcho.com", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "urcho.com", "category": "Network activity", "uuid": "59ef2c5d-42b4-468c-94d7-4a1c950d210f", "timestamp": "1508919837", "to_ids": false, "value": "87.106.69.81", "disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "59ef2c5e-848c-49e1-8659-4c33950d210f", "timestamp": "1508919837", "to_ids": true, "value": "http://tatianadecastelbajac.fr/kjhgFG", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "59ef2c5e-6694-457f-be1b-436f950d210f", "timestamp": "1508919837", "to_ids": true, "value": "tatianadecastelbajac.fr", 
"disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "tatianadecaste