misp-circl-feed/feeds/circl/misp/5a3c2fcd-8328-42bb-a95e-4f4402de0b81.json

{"Event": {"info": "OSINT - Sednit update: How Fancy Bear Spent the Year", "Tag": [{"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#e7007d", "exportable": true, "name": "workflow:state=\"incomplete\""}, {"colour": "#850048", "exportable": true, "name": "workflow:todo=\"create-missing-misp-galaxy-cluster-values\""}, {"colour": "#7a0042", "exportable": true, "name": "workflow:todo=\"create-missing-misp-galaxy-cluster\""}, {"colour": "#12e000", "exportable": true, "name": "misp-galaxy:threat-actor=\"Sofacy\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:exploit-kit=\"Sednit EK\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:tool=\"GAMEFISH\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:mitre-malware=\"JHUHUGIT\""}, {"colour": "#0c9900", "exportable": true, "name": "misp-galaxy:tool=\"X-Tunnel\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:mitre-malware=\"XTunnel\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:mitre-malware=\"ADVSTORESHELL\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:tool=\"EVILTOSS\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:mitre-malware=\"USBStealer\""}, {"colour": "#0c9800", "exportable": true, "name": "misp-galaxy:tool=\"X-Agent\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:mitre-malware=\"XAgentOSX\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:mitre-malware=\"CHOPSTICK\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:exploit-kit=\"DealersChoice\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:mitre-malware=\"Downdelph\""}], "publish_timestamp": "0", "timestamp": "1513948645", "Object": [{"comment": "Win32/Sednit.AX", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "uuid": "5a3cd5b6-9568-4342-b2ab-4c62950d210f", "sharing_group_id": "0", "timestamp": "1513936310", "description": "File 
object describing a file with meta-information", "template_version": "8", "Attribute": [{"comment": "", "category": "Payload delivery", "uuid": "5a3cd5b6-2850-435f-bd0d-4c62950d210f", "timestamp": "1513936310", "to_ids": true, "value": "Bulletin.doc", "disable_correlation": false, "object_relation": "filename", "type": "filename"}, {"comment": "", "category": "Payload delivery", "uuid": "5a3cd5b6-78a8-4e47-8333-4c62950d210f", "timestamp": "1513936310", "to_ids": true, "value": "68064fc152e23d56e541714af52651cb4ba81aaf", "disable_correlation": false, "object_relation": "sha1", "type": "sha1"}, {"comment": "", "category": "Other", "uuid": "5a3cd5b6-23d8-43ba-8518-4c62950d210f", "timestamp": "1513936310", "to_ids": false, "value": "Malicious", "disable_correlation": true, "object_relation": "state", "type": "text"}], "distribution": "5", "meta-category": "file", "name": "file"}, {"comment": "Win32/Exploit.CVE-2016-4117.A", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "uuid": "5a3cd604-e11c-4de5-bbbf-c170950d210f", "sharing_group_id": "0", "timestamp": "1513936388", "description": "File object describing a file with meta-information", "template_version": "8", "Attribute": [{"comment": "", "category": "Payload delivery", "uuid": "5a3cd604-748c-4fc0-88bf-c170950d210f", "timestamp": "1513936388", "to_ids": true, "value": "f3805382ae2e23ff1147301d131a06e00e4ff75f", "disable_correlation": false, "object_relation": "sha1", "type": "sha1"}, {"comment": "", "category": "Other", "uuid": "5a3cd604-6668-4469-a1c0-c170950d210f", "timestamp": "1513936388", "to_ids": false, "value": "Malicious", "disable_correlation": true, "object_relation": "state", "type": "text"}], "distribution": "5", "meta-category": "file", "name": "file"}, {"comment": "Win32/Exploit.Agent.NUB", "template_uuid": "688c46fb-5edb-40a3-8273-1af7923e2215", "uuid": "5a3cd693-fd9c-4fcf-b69a-439c950d210f", "sharing_group_id": "0", "timestamp": "1513936531", "description": "File object describing a file 
with meta-information", "template_version": "8", "Attribute": [{"comment": "", "category": "Payload