misp-circl-feed/feeds/circl/misp/5a0ac036-6fbc-4855-83af-422b950d210f.json


2023-04-21 13:25:09 +00:00
{"Event": {"info": "OSINT - Mitigating and eliminating info-stealing Qakbot and Emotet in corporate networks", "Tag": [{"colour": "#004646", "exportable": true, "name": "type:OSINT"}, {"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#00223b", "exportable": true, "name": "osint:source-type=\"blog-post\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:tool=\"Emotet\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:banker=\"Qakbot\""}], "publish_timestamp": "0", "timestamp": "1511184352", "Object": [{"comment": "", "template_uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6", "uuid": "5a0acc3f-e330-4e19-b44c-4182950d210f", "sharing_group_id": "0", "timestamp": "1510657087", "description": "An IP address and a port seen as a tuple (or as a triple) in a specific time frame.", "template_version": "4", "Attribute": [{"comment": "", "category": "Network activity", "uuid": "5a0acc3f-cc94-4758-b472-4f0d950d210f", "timestamp": "1510657087", "to_ids": false, "value": "995", "disable_correlation": false, "object_relation": "dst-port", "type": "port"}, {"comment": "", "category": "Network activity", "uuid": "5a0acc3f-9d2c-4cb7-86b7-4f26950d210f", "timestamp": "1510657087", "to_ids": true, "value": "64.183.173.170", "disable_correlation": false, "object_relation": "ip", "type": "ip-dst"}], "distribution": "5", "meta-category": "network", "name": "ip-port"}, {"comment": "", "template_uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6", "uuid": "5a0acc5a-879c-469b-b4d6-4e68950d210f", "sharing_group_id": "0", "timestamp": "1510657114", "description": "An IP address and a port seen as a tuple (or as a triple) in a specific time frame.", "template_version": "4", "Attribute": [{"comment": "", "category": "Network activity", "uuid": "5a0acc5a-d424-4572-965f-4399950d210f", "timestamp": "1510657114", "to_ids": false, "value": "993", "disable_correlation": false, "object_relation": "dst-port", "type": "port"}, {"comment": "", "category": 
"Network activity", "uuid": "5a0acc5a-b168-42f0-b18f-4d2f950d210f", "timestamp": "1510657114", "to_ids": true, "value": "67.213.243.228", "disable_correlation": false, "object_relation": "ip", "type": "ip-dst"}], "distribution": "5", "meta-category": "network", "name": "ip-port"}, {"comment": "", "template_uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6", "uuid": "5a0accd4-f164-4638-8503-080d950d210f", "sharing_group_id": "0", "timestamp": "1510657236", "description": "An IP address and a port seen as a tuple (or as a triple) in a specific time frame.", "template_version": "4", "Attribute": [{"comment": "", "category": "Network activity", "uuid": "5a0accd4-b2d0-4396-ad98-080d950d210f", "timestamp": "1510657236", "to_ids": false, "value": "443", "disable_correlation": false, "object_relation": "dst-port", "type": "port"}, {"comment": "", "category": "Network activity", "uuid": "5a0accd4-b2b8-48f3-830c-080d950d210f", "timestamp": "1510657236", "to_ids": true, "value": "96.67.244.225", "disable_correlation": false, "object_relation": "ip", "type": "ip-dst"}], "distribution": "5", "meta-category": "network", "name": "ip-port"}, {"comment": "", "template_uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6", "uuid": "5a0acced-4fe4-4b29-9407-4db2950d210f", "sharing_group_id": "0", "timestamp": "1510657261", "description": "An IP address and a port seen as a tuple (or as a triple) in a specific time frame.", "template_version": "4", "Attribute": [{"comment": "", "category": "Network activity", "uuid": "5a0acced-c8f8-43ff-b64d-4ac0950d210f", "timestamp": "1510657261", "to_ids": false, "value": "443", "disable_correlation": false, "object_relation": "dst-port", "type": "port"}, {"comment": "", "category": "Network activity", "uuid": "5a0acced-5fe4-4217-b75a-42d9950d210f", "timestamp": "1510657261", "to_ids": true, "value": "173.25.234.18", "disable_correlation": false, "object_relation": "ip", "type": "ip-dst"}], "distribution": "5", "meta-category": "network", "name": "ip-port"}, 
{"comment": "", "template_uuid": "9f8cea74-16fe-4968-a2b4-026676949ac6", "uuid": "5a0acd03-9880-4d9b