misp-circl-feed/feeds/circl/misp/5a044fae-c0b0-45d4-8f7e-75a9950d210f.json

556 lines
17 KiB
JSON
Raw Normal View History

2023-04-21 13:25:09 +00:00
{
"Event": {
"analysis": "1",
"date": "2017-11-09",
"extends_uuid": "",
"info": "M2M - Locky Affid=3, \".asasin\" 2017-11-01 : \"Emailing: AZ123 - 01.11.2017\" - \"AZ123 - 01.11.2017.doc\"",
"publish_timestamp": "1510260967",
"published": true,
"threat_level_id": "3",
"timestamp": "1510259437",
"uuid": "5a044fae-c0b0-45d4-8f7e-75a9950d210f",
"Orgc": {
"name": "CIRCL",
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
},
"Tag": [
{
"colour": "#ffffff",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "tlp:white",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
},
{
"colour": "#006c6c",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "ecsirt:malicious-code=\"ransomware\"",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
},
{
"colour": "#0088cc",
2023-05-19 09:05:37 +00:00
"local": "0",
"name": "misp-galaxy:ransomware=\"Locky\"",
"relationship_type": ""
2023-04-21 13:25:09 +00:00
}
],
"Attribute": [
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259431",
"to_ids": true,
"type": "md5",
"uuid": "5a044faf-1740-49d9-81ba-cdab950d210f",
"value": "9280a952e5ff85d8f67bf71f590d00ac"
},
{
"category": "Artifacts dropped",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259431",
"to_ids": true,
"type": "md5",
"uuid": "5a044faf-54f4-4491-b99f-4123950d210f",
"value": "081940b655e22f06ba067fd09467b215"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259431",
"to_ids": true,
"type": "url",
"uuid": "5a044fb0-a288-45d1-9725-991b950d210f",
"value": "http://apply.pam-innovation.com/djhvg3674f343"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259431",
"to_ids": true,
"type": "hostname",
"uuid": "5a044fb0-a498-4bd8-ab13-425d950d210f",
"value": "apply.pam-innovation.com"
},
{
"category": "Network activity",
"comment": "apply.pam-innovation.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259431",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a044fb0-6290-4e2b-bc0a-cdab950d210f",
"value": "202.129.207.71"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "url",
"uuid": "5a044fb1-d70c-44bb-9573-4169950d210f",
"value": "http://ist-profy.ru/djhvg3674f343"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "hostname",
"uuid": "5a044fb1-09f4-4c61-a3a5-4d5e950d210f",
"value": "ist-profy.ru"
},
{
"category": "Network activity",
"comment": "ist-profy.ru",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a044fb1-ee0c-4fb5-a145-42e7950d210f",
"value": "90.156.144.159"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "url",
"uuid": "5a044fb1-2d68-4677-ac89-cda3950d210f",
"value": "http://localesynavesalquiler.com/djhvg3674f343"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "hostname",
"uuid": "5a044fb1-4278-4910-a2ee-cd7d950d210f",
"value": "localesynavesalquiler.com"
},
{
"category": "Network activity",
"comment": "localesynavesalquiler.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a044fb2-8a28-4317-8b1e-cd35950d210f",
"value": "91.142.213.150"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "url",
"uuid": "5a044fb2-9178-468b-a6f4-717b950d210f",
"value": "http://lopezfranco.com/djhvg3674f343"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "hostname",
"uuid": "5a044fb2-6970-4667-be0d-4a7f950d210f",
"value": "lopezfranco.com"
},
{
"category": "Network activity",
"comment": "lopezfranco.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a044fb3-ec34-4aee-a8cc-4a40950d210f",
"value": "89.140.72.153"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "url",
"uuid": "5a044fb3-c344-4a32-aff8-cd7d950d210f",
"value": "http://spooner-motorsport.com/djhvg3674f343"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "hostname",
"uuid": "5a044fb3-5620-4538-9949-cdab950d210f",
"value": "spooner-motorsport.com"
},
{
"category": "Network activity",
"comment": "spooner-motorsport.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a044fb3-11f0-49a0-a962-4886950d210f",
"value": "77.72.150.42"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "url",
"uuid": "5a044fb3-4aac-4822-bfe8-49a1950d210f",
"value": "http://zahntechnik-imlau.de/djhvg3674f343"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "hostname",
"uuid": "5a044fb4-924c-4f29-93e8-991b950d210f",
"value": "zahntechnik-imlau.de"
},
{
"category": "Network activity",
"comment": "zahntechnik-imlau.de",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a044fb4-3848-41bf-96bd-474a950d210f",
"value": "185.138.24.185"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "url",
"uuid": "5a044fb4-9cf8-4fdd-8f52-cd7d950d210f",
"value": "http://dvprojekt.hr/Omnnd64335"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "hostname",
"uuid": "5a044fb4-34a0-41e8-af8b-43c0950d210f",
"value": "dvprojekt.hr"
},
{
"category": "Network activity",
"comment": "dvprojekt.hr",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a044fb5-9eb0-4dcb-b43b-4214950d210f",
"value": "213.202.100.90"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "url",
"uuid": "5a044fb5-fd40-4d1c-8fd5-991b950d210f",
"value": "http://fuettern24.de/Omnnd64335"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "hostname",
"uuid": "5a044fb5-9624-413b-a55f-41ad950d210f",
"value": "fuettern24.de"
},
{
"category": "Network activity",
"comment": "fuettern24.de",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a044fb5-442c-4309-8df0-cdb1950d210f",
"value": "176.28.9.111"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "url",
"uuid": "5a044fb5-80fc-4cd0-acfc-43f5950d210f",
"value": "http://pciholog.ru/Omnnd64335"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "hostname",
"uuid": "5a044fb6-de14-4a74-9cf2-4f68950d210f",
"value": "pciholog.ru"
},
{
"category": "Network activity",
"comment": "pciholog.ru",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a044fb6-6590-4067-98e9-4ddc950d210f",
"value": "89.253.235.118"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "url",
"uuid": "5a044fb6-66cc-4a89-91a8-cda3950d210f",
"value": "http://3overpar.com/Omnnd64335"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "hostname",
"uuid": "5a044fb6-a04c-46df-a166-4317950d210f",
"value": "3overpar.com"
},
{
"category": "Network activity",
"comment": "3overpar.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a044fb7-64e4-4314-acfc-4ef0950d210f",
"value": "98.124.251.167"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "url",
"uuid": "5a044fb7-d03c-44af-a1b3-4316950d210f",
"value": "http://first-paris-properties.com/Omnnd64335"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "hostname",
"uuid": "5a044fb7-6770-46e6-9bcb-4b36950d210f",
"value": "first-paris-properties.com"
},
{
"category": "Network activity",
"comment": "first-paris-properties.com",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a044fb7-2d3c-446d-b59a-cda3950d210f",
"value": "151.80.157.121"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "url",
"uuid": "5a044fb7-090c-4132-a448-cd7d950d210f",
"value": "http://mercurysound.es/Omnnd64335"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "hostname",
"uuid": "5a044fb8-e9d8-4d64-87a0-cdab950d210f",
"value": "mercurysound.es"
},
{
"category": "Network activity",
"comment": "mercurysound.es",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": false,
"type": "ip-dst",
"uuid": "5a044fb8-ab5c-4761-956c-75a9950d210f",
"value": "149.62.173.10"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "url",
"uuid": "5a044fb8-21b4-4f97-9b23-cc6f950d210f",
"value": "http://heckhegrijus.net/"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "hostname",
"uuid": "5a044fb8-1790-4307-81a4-4e67950d210f",
"value": "heckhegrijus.net"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "url",
"uuid": "5a044fd7-53f0-4220-b8fe-cdb4950d210f",
"value": "http://kvonline"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: 081940b655e22f06ba067fd09467b215",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "sha256",
"uuid": "5a04bae8-5cd8-4824-810c-4ab102de0b81",
"value": "1b087b85b0f1c2b14dfa1b9c82004de598903a89a76af49ee4c4eed03bfefe24"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: 081940b655e22f06ba067fd09467b215",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": true,
"type": "sha1",
"uuid": "5a04bae8-1fb0-4d87-a54a-4b0e02de0b81",
"value": "69df47a405d55b935cc0d53ccd54c0a8f9067f36"
},
{
"category": "External analysis",
"comment": "- Xchecked via VT: 081940b655e22f06ba067fd09467b215",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259432",
"to_ids": false,
"type": "link",
"uuid": "5a04bae8-a9f8-4bc1-88b2-409d02de0b81",
"value": "https://www.virustotal.com/file/1b087b85b0f1c2b14dfa1b9c82004de598903a89a76af49ee4c4eed03bfefe24/analysis/1509675596/"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: 9280a952e5ff85d8f67bf71f590d00ac",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259433",
"to_ids": true,
"type": "sha256",
"uuid": "5a04bae9-e030-4c7e-a163-447602de0b81",
"value": "411510e651f5a3b8687d8e20b492d187f37032d57e3480c9a9a15104516de2a1"
},
{
"category": "Artifacts dropped",
"comment": "- Xchecked via VT: 9280a952e5ff85d8f67bf71f590d00ac",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259433",
"to_ids": true,
"type": "sha1",
"uuid": "5a04bae9-48e8-4cb5-8358-4b6902de0b81",
"value": "b9b508e6defc4f25d48b75d076311e15b81cb8b4"
},
{
"category": "External analysis",
"comment": "- Xchecked via VT: 9280a952e5ff85d8f67bf71f590d00ac",
"deleted": false,
"disable_correlation": false,
"timestamp": "1510259433",
"to_ids": false,
"type": "link",
"uuid": "5a04bae9-e8c4-4e3e-b4ee-48c602de0b81",
"value": "https://www.virustotal.com/file/411510e651f5a3b8687d8e20b492d187f37032d57e3480c9a9a15104516de2a1/analysis/1510167318/"
}
]
}
}