{"Event": {"info": "OSINT - SilverTerrier: The Rise of Nigerian Business Email Compromise", "Tag": [{"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:threat-actor=\"SilverTerrier\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:android=\"LokiBot\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:banker=\"Atmos\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:banker=\"Zeus\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:malpedia=\"Agent Tesla\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:malpedia=\"HawkEye Keylogger\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:malpedia=\"ISR Stealer\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:malpedia=\"LokiBot\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:malpedia=\"Pony\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:malpedia=\"iSpy Keylogger\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:rat=\"Predator Pain\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:tool=\"Agent Tesla\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:tool=\"predatorpain\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:malpedia=\"DarkComet\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:malpedia=\"Imminent Monitor RAT\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:malpedia=\"Nanocore RAT\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:malpedia=\"NetWire RC\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:malpedia=\"Remcos\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:mitre-enterprise-attack-malware=\"NETWIRE - S0198\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:mitre-malware=\"NETWIRE - S0198\""}, {"colour": "#0088cc", "exportable": true, "name": 
"misp-galaxy:rat=\"DarkComet\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:rat=\"Imminent Monitor\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:rat=\"Luminosity Link\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:rat=\"NanoCore\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:rat=\"Netwire\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:rat=\"Remcos\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:tool=\"LuminosityLink\""}, {"colour": "#054100", "exportable": true, "name": "misp-galaxy:tool=\"NanoCoreRAT\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:tool=\"darkcomet\""}, {"colour": "#004646", "exportable": true, "name": "type:OSINT"}, {"colour": "#0071c3", "exportable": true, "name": "osint:lifetime=\"perpetual\""}, {"colour": "#0087e8", "exportable": true, "name": "osint:certainty=\"50\""}, {"colour": "#ffffff", "exportable": true, "name": "tlp:white"}], "publish_timestamp": "0", "timestamp": "1549291685", "analysis": "2", "Attribute": [{"comment": "", "category": "External analysis", "uuid": "5c581c31-7104-43eb-bb9e-414d950d210f", "timestamp": "1549278257", "to_ids": false, "value": "unit42-silverterrier-rise-of-nigerian-business-email-compromise.pdf", "data": "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