misp-circl-feed/feeds/circl/misp/5a2804a1-9eb4-4d70-82f4-4032950d210f.json

1 line
20 KiB
JSON
Raw Normal View History

2023-04-21 13:25:09 +00:00
{"Event": {"info": "OSINT - Champing at the Cyberbit: Ethiopian Dissidents Targeted with New Commercial Spyware", "Tag": [{"colour": "#00223b", "exportable": true, "name": "osint:source-type=\"blog-post\""}], "publish_timestamp": "0", "timestamp": "1512578550", "Object": [{"comment": "Phishing sent to Jawar Mohammed (Executive Director of the Oromia Media Network)", "template_uuid": "a0c666e0-fc65-4be8-b48f-3423d788b552", "uuid": "5a281339-37b0-4576-98d7-4262950d210f", "sharing_group_id": "0", "timestamp": "1512575801", "description": "Email object describing an email with meta-information", "template_version": "7", "Attribute": [{"comment": "", "category": "Payload delivery", "uuid": "5a281339-1d54-418e-98d0-4262950d210f", "timestamp": "1512575801", "to_ids": true, "value": "sbo.radio88@gmail.com", "disable_correlation": false, "object_relation": "from", "type": "email-src"}, {"comment": "", "category": "Payload delivery", "uuid": "5a281339-9de0-4039-b254-4262950d210f", "timestamp": "1512575801", "to_ids": false, "value": "Fw: Confidential video made public", "disable_correlation": false, "object_relation": "subject", "type": "email-subject"}, {"comment": "", "category": "Payload delivery", "uuid": "5a281339-86dc-4eff-8b53-4262950d210f", "timestamp": "1512575801", "to_ids": false, "value": "sbo radio", "disable_correlation": false, "object_relation": "from-display-name", "type": "email-src-display-name"}], "distribution": "5", "meta-category": "network", "name": "email"}, {"comment": "Phishing sent to Jawar Mohammed (Executive Director of the Oromia Media Network)", "template_uuid": "a0c666e0-fc65-4be8-b48f-3423d788b552", "uuid": "5a28139e-373c-4efa-b88b-4894950d210f", "sharing_group_id": "0", "timestamp": "1512575902", "description": "Email object describing an email with meta-information", "template_version": "7", "Attribute": [{"comment": "", "category": "Payload delivery", "uuid": "5a28139f-6868-47a2-b2e6-4990950d210f", "timestamp": "1512575903", "to_ids": true, "value": "sbo.radio88@gmail.com", "disable_correlation": false, "object_relation": "from", "type": "email-src"}, {"comment": "", "category": "Payload delivery", "uuid": "5a28139f-aa54-431d-87e0-4e1e950d210f", "timestamp": "1512575903", "to_ids": false, "value": "Video hints Eritrea and Ethiopia war is highly likely to continue", "disable_correlation": false, "object_relation": "subject", "type": "email-subject"}, {"comment": "", "category": "Payload delivery", "uuid": "5a28139f-c5d0-4f07-89db-462e950d210f", "timestamp": "1512575903", "to_ids": false, "value": "sbo radio", "disable_correlation": false, "object_relation": "from-display-name", "type": "email-src-display-name"}], "distribution": "5", "meta-category": "network", "name": "email"}, {"comment": "Real Flash Player update bundled with spyware", "template_uuid": "60efb77b-40b5-4c46-871b-ed1ed999fce5", "uuid": "5a28150d-ea50-4358-b92b-4570950d210f", "sharing_group_id": "0", "timestamp": "1512576320", "description": "url object describes an url along with its normalized field (like extracted using faup parsing library) and its metadata.", "template_version": "4", "ObjectReference": [{"comment": "Malicious URL in the content of the mail", "object_uuid": "5a28150d-ea50-4358-b92b-4570950d210f", "uuid": "5a28153d-ae54-4d67-b3a2-ab72950d210f", "timestamp": "1512576317", "referenced_uuid": "5a281339-37b0-4576-98d7-4262950d210f", "relationship_type": "included-in"}], "Attribute": [{"comment": "", "category": "External analysis", "uuid": "5a28150e-7be4-4c7a-ac56-410a950d210f", "timestamp": "1512576270", "to_ids": true, "value": "http://getadobeplayer.com/flashplayer/download/index7371.html", "disable_correlation": false, "object_relation": "url", "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "5a28150e-8370-4798-abf4-4fdc950d210f", "timestamp": "1512576270", "to_ids": true, "value": "getadobeplayer.com", "disable_correlation": false, "object_relation": "domain", "type": "domain"}, {"comment": "", "category": "Other", "uuid": "5a28150e-11f8-484c-a2e8-4f6f950d210f", "timestamp": "15125762