{"Event": {"info": "OSINT - Digmine Cryptocurrency Miner Spreading via Facebook Messenger", "Tag": [{"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:tool=\"Digmine\""}, {"colour": "#a0a300", "exportable": true, "name": "dnc:malware-type=\"CoinMiner\""}, {"colour": "#ef0081", "exportable": true, "name": "workflow:state=\"complete\""}], "publish_timestamp": "1518771398", "timestamp": "1540909727", "Object": [{"comment": "", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "uuid": "c9227520-0ad9-46ab-95c3-cbccbfca0d41", "sharing_group_id": "0", "timestamp": "1518184923", "description": "File object describing a file with meta-information", "template_version": "7", "ObjectReference": [{"comment": "", "object_uuid": "c9227520-0ad9-46ab-95c3-cbccbfca0d41", "uuid": "5a7da9dd-1ed0-4f12-9411-7f4202de0b81", "timestamp": "1518771398", "referenced_uuid": "84ba4228-3be2-4c13-875f-52799e79680f", "relationship_type": "analysed-with"}], "Attribute": [{"comment": "detected as TROJ_DIGMINEIN.A", "category": "Payload delivery", "uuid": "5a7da9d8-6310-4228-9366-7f4202de0b81", "timestamp": "1518184920", "to_ids": true, "value": "772e3fab70b1c8339064d2a8b75413819d9e4a5d", "disable_correlation": false, "object_relation": "sha1", "type": "sha1"}, {"comment": "detected as TROJ_DIGMINEIN.A", "category": "Payload delivery", "uuid": "5a7da9d8-a880-418f-887d-7f4202de0b81", "timestamp": "1518184920", "to_ids": true, "value": "beb7274d78c63aa44515fe6bbfd324f49ec2cc0b8650aeb2d6c8ab61a0ae9f1d", "disable_correlation": false, "object_relation": "sha256", "type": "sha256"}, {"comment": "detected as TROJ_DIGMINEIN.A", "category": "Payload delivery", "uuid": "5a7da9d9-c964-46cd-860d-7f4202de0b81", "timestamp": "1518184921", "to_ids": true, "value": "d0857aba2c626d554c6982d2d2d4db8a", "disable_correlation": false, "object_relation": "md5", "type": "md5"}], "distribution": "5", "meta-category": "file", "name": "file"}, 
{"comment": "", "template_uuid": "d7dd0154-e04f-4c34-a2fb-79f3a3a52aa4", "uuid": "84ba4228-3be2-4c13-875f-52799e79680f", "sharing_group_id": "0", "timestamp": "1518184921", "description": "VirusTotal report", "template_version": "1", "Attribute": [{"comment": "detected as TROJ_DIGMINEIN.A", "category": "External analysis", "uuid": "5a7da9d9-1868-4623-acc4-7f4202de0b81", "timestamp": "1518184921", "to_ids": false, "value": "https://www.virustotal.com/file/beb7274d78c63aa44515fe6bbfd324f49ec2cc0b8650aeb2d6c8ab61a0ae9f1d/analysis/1515510769/", "disable_correlation": false, "object_relation": "permalink", "type": "link"}, {"comment": "detected as TROJ_DIGMINEIN.A", "category": "Other", "uuid": "5a7da9da-8140-46c2-be5b-7f4202de0b81", "timestamp": "1518184922", "to_ids": false, "value": "47/67", "disable_correlation": true, "object_relation": "detection-ratio", "type": "text"}, {"comment": "detected as TROJ_DIGMINEIN.A", "category": "Other", "uuid": "5a7da9da-16a0-438f-abe8-7f4202de0b81", "timestamp": "1518184922", "to_ids": false, "value": "2018-01-09 15:12:49", "disable_correlation": false, "object_relation": "last-submission", "type": "datetime"}], "distribution": "5", "meta-category": "misc", "name": "virustotal-report"}, {"comment": "", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "uuid": "96f46bd7-e112-46d4-b676-1bbb1d0065a4", "sharing_group_id": "0", "timestamp": "1518184925", "description": "File object describing a file with meta-information", "template_version": "7", "ObjectReference": [{"comment": "", "object_uuid": "96f46bd7-e112-46d4-b676-1bbb1d0065a4", "uuid": "5a7da9dd-8358-4db4-bf83-7f4202de0b81", "timestamp": "1518771398", "referenced_uuid": "e48a8058-0d5c-45fe-b3a3-5b1a52e928e6", "relationship_type": "analysed-with"}], "Attribute": [{"comment": "detected as TROJ_DIGMINE.A", "category": "Payload delivery", "uuid": "5a7da9db-70b4-4670-8968-7f4202de0b81", "timestamp": "1518184923", "to_ids": true, "value": 
"c5db86423e0f50a46daea2f3025fad7d9b7b0d1c", "disable_correlation": false, "object_relation": "sha1", "type": "sha1"}, {"comment": "dete