misp-circl-feed/feeds/circl/misp/557fddba-87c0-4ac1-a79a-a56f950d210b.json

458 lines
15 KiB
JSON
Raw Normal View History

2023-04-21 13:25:09 +00:00
{
"Event": {
"analysis": "2",
"date": "2015-06-15",
"extends_uuid": "",
"info": "OSINT Targeted Attacks against Tibetan and Hong Kong Groups Exploiting CVE-2014-4114 by Citizen Lab",
"publish_timestamp": "1456870655",
"published": true,
"threat_level_id": "2",
"timestamp": "1441971856",
"uuid": "557fddba-87c0-4ac1-a79a-a56f950d210b",
"Orgc": {
"name": "CthulhuSPRL.be",
"uuid": "55f6ea5f-fd34-43b8-ac1d-40cb950d210f"
},
"Tag": [
{
"colour": "#004646",
"name": "type:OSINT"
},
{
"colour": "#ffffff",
"name": "tlp:white"
}
],
"Attribute": [
{
"category": "External analysis",
"comment": "Original report",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443390",
"to_ids": false,
"type": "link",
"uuid": "557fddd3-8660-4fae-8afd-a54c950d210b",
"value": "https://citizenlab.org/2015/06/targeted-attacks-against-tibetan-and-hong-kong-groups-exploiting-cve-2014-4114/"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443239",
"to_ids": false,
"type": "vulnerability",
"uuid": "557fdde7-a1b4-4353-8c55-9a18950d210b",
"value": "CVE-2014-4114"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443289",
"to_ids": true,
"type": "email-src",
"uuid": "557fde19-2370-42ff-b177-a578950d210b",
"value": "tibet_net@yahoo.com.hk"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443350",
"to_ids": true,
"type": "md5",
"uuid": "557fde56-f758-440f-ba85-a557950d210b",
"value": "18bb1ce405e4abac4b0fc63054beac6c"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443350",
"to_ids": true,
"type": "md5",
"uuid": "557fde56-2028-4b0e-b56a-a557950d210b",
"value": "8a18a13910838d08e38db80a08e15bd5"
},
{
"category": "Payload delivery",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443350",
"to_ids": true,
"type": "md5",
"uuid": "557fde56-ee28-45c5-b529-a557950d210b",
"value": "2a544922d3ece4351c1af4ca63c24550"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443377",
"to_ids": false,
"type": "link",
"uuid": "557fde71-8300-4656-b6c1-a56f950d210b",
"value": "https://www.virustotal.com/en-gb/file/c895d68a40b9a61dce6758f537a08a289dd4a392202e2d4e7635efb063d58d16/analysis/"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443377",
"to_ids": false,
"type": "link",
"uuid": "557fde71-0ee8-4703-89eb-a56f950d210b",
"value": "https://www.virustotal.com/en-gb/file/45a4a937dd727dad29d46bceeb460bf24fd9f6df44f10692508fbd6ed2b7dfbd/analysis/"
},
{
"category": "External analysis",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443377",
"to_ids": false,
"type": "link",
"uuid": "557fde71-ef04-4184-8bac-a56f950d210b",
"value": "https://www.virustotal.com/en-gb/file/ab118ff89762b8bd32f8bcb754bec06004604380b20349255bc637a197fa5f2d/analysis/"
},
{
"category": "Network activity",
"comment": "",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443424",
"to_ids": true,
"type": "hostname",
"uuid": "557fdea0-24fc-4196-8d74-9a18950d210b",
"value": "free1999.jkub.com"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443544",
"to_ids": true,
"type": "hostname",
"uuid": "557fdf18-691c-46df-8ee6-a578950d210b",
"value": "eset-windows.findhere.org"
},
{
"category": "Payload delivery",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443544",
"to_ids": true,
"type": "md5",
"uuid": "557fdf18-a958-4c1c-a813-a578950d210b",
"value": "705147c509206151c22515ef568bac51"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443544",
"to_ids": true,
"type": "hostname",
"uuid": "557fdf18-8f2c-4fce-87f3-a578950d210b",
"value": "dnsupdate.dynamic-dns.net"
},
{
"category": "Network activity",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443544",
"to_ids": true,
"type": "hostname",
"uuid": "557fdf18-8dfc-4438-a5c7-a578950d210b",
"value": "good.wha.la"
},
{
"category": "Payload delivery",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443544",
"to_ids": true,
"type": "md5",
"uuid": "557fdf18-3280-4a48-94d3-a578950d210b",
"value": "d7832e76ee2c5c48ae428e57599b589e"
},
{
"category": "Payload delivery",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443793",
"to_ids": false,
"type": "filename",
"uuid": "557fe011-bc38-40b7-97e6-a557950d210b",
"value": "Challenge.pps"
},
{
"category": "Artifacts dropped",
"comment": "False Positive - F-Secure Antivirus executable",
"deleted": false,
"disable_correlation": false,
"timestamp": "1441971856",
"to_ids": false,
"type": "filename",
"uuid": "557fe012-b77c-4d62-8b0b-a557950d210b",
"value": "fsavstrt.exe"
},
{
"category": "Artifacts dropped",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443794",
"to_ids": true,
"type": "md5",
"uuid": "557fe012-ac0c-4808-89b7-a557950d210b",
"value": "9459478ab9a9b996de683789f77b185c"
},
{
"category": "Artifacts dropped",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443794",
"to_ids": true,
"type": "filename",
"uuid": "557fe012-3a7c-43b1-891d-a557950d210b",
"value": "FSMA32.dll"
},
{
"category": "Artifacts dropped",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443794",
"to_ids": true,
"type": "md5",
"uuid": "557fe012-83c8-45d9-98d0-a557950d210b",
"value": "8432c77b12343d59d991b0d0e0c12f7d"
},
{
"category": "Artifacts dropped",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443794",
"to_ids": true,
"type": "filename",
"uuid": "557fe012-3e5c-435e-843f-a557950d210b",
"value": "FSMA32.dllfox"
},
{
"category": "Artifacts dropped",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443794",
"to_ids": true,
"type": "md5",
"uuid": "557fe012-8ac8-4dd8-bd7a-a557950d210b",
"value": "db5a9c790e909629aaf7079b6996861f"
},
{
"category": "Artifacts dropped",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443794",
"to_ids": true,
"type": "filename",
"uuid": "557fe012-c6e4-462a-913f-a557950d210b",
"value": "putty.gif.exe"
},
{
"category": "Artifacts dropped",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443794",
"to_ids": true,
"type": "md5",
"uuid": "557fe012-5d90-484d-a016-a557950d210b",
"value": "a990071b60046863c98bcf462fede77a"
},
{
"category": "Payload delivery",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443795",
"to_ids": true,
"type": "filename",
"uuid": "557fe013-e694-4c28-b731-a557950d210b",
"value": "H.H."
},
{
"category": "Payload delivery",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443795",
"to_ids": true,
"type": "filename",
"uuid": "557fe013-c4b4-4c17-bea2-a557950d210b",
"value": "LAMA.pps"
},
{
"category": "Artifacts dropped",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443795",
"to_ids": true,
"type": "filename",
"uuid": "557fe013-4b10-4e5c-bace-a557950d210b",
"value": "SX.exe"
},
{
"category": "Artifacts dropped",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443795",
"to_ids": true,
"type": "md5",
"uuid": "557fe013-3ed0-4a80-b8a2-a557950d210b",
"value": "5730866b34ef589bd398c9a9b6d7e307"
},
{
"category": "Artifacts dropped",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443795",
"to_ids": true,
"type": "filename",
"uuid": "557fe013-fd28-4c49-b39c-a557950d210b",
"value": "SXLOC.dll"
},
{
"category": "Artifacts dropped",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443795",
"to_ids": true,
"type": "md5",
"uuid": "557fe013-1d70-43aa-aab5-a557950d210b",
"value": "d839691657ca814be13d5c9c6511d6b2"
},
{
"category": "Payload delivery",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443795",
"to_ids": true,
"type": "filename",
"uuid": "557fe013-9898-4d44-ab23-a557950d210b",
"value": "SXLOC.zap"
},
{
"category": "Artifacts dropped",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443796",
"to_ids": true,
"type": "md5",
"uuid": "557fe014-4658-4ea7-af4d-a557950d210b",
"value": "03c900a1b115e759b32e4172dec52aa2"
},
{
"category": "Payload delivery",
"comment": "Imported via the freetext import.",
"deleted": false,
"disable_correlation": false,
"timestamp": "1434443796",
"to_ids": true,
"type": "filename",
"uuid": "557fe014-be88-4162-8de2-a557950d210b",
"value": "\u00e3\u20ac\u0152\u00e4\u00bd\u201d\u00e9\u00a0\u02dc\u00e4\u00b8\u00ad\u00e7\u2019\u00b0\u00e3\u20ac\u008d\u00e5\u00bc\u2022\u00e7\u2122\u00bc\u00e7\u02c6\u00ad\u00e8\u00ad\u00b0\u00e7\u0161\u201e\u00e8\u0192\u0152\u00e5\u00be\u0152.pps"
},
{
"category": "Artifacts dropped",
"comment": "Automatically added (via 9459478ab9a9b996de683789f77b185c)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1455841049",
"to_ids": true,
"type": "sha1",
"uuid": "56c65f19-a4a8-4aba-97c5-5f51950d210f",
"value": "c6d8eabea5bac84b90851c1a6e17c0c30bcf5c27"
},
{
"category": "Artifacts dropped",
"comment": "Automatically added (via 8432c77b12343d59d991b0d0e0c12f7d)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1455841051",
"to_ids": true,
"type": "sha1",
"uuid": "56c65f1b-65a4-469f-870a-4a61950d210f",
"value": "62dbbcd115497a7bbbd4d1351d50a328914a8b26"
},
{
"category": "Artifacts dropped",
"comment": "Automatically added (via d839691657ca814be13d5c9c6511d6b2)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1455841054",
"to_ids": true,
"type": "sha1",
"uuid": "56c65f1e-461c-4530-864e-458f950d210f",
"value": "cd425ce7f3e4a823d9027780e1b439759c4dc665"
},
{
"category": "Artifacts dropped",
"comment": "Automatically added (via 9459478ab9a9b996de683789f77b185c)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1455841050",
"to_ids": true,
"type": "sha256",
"uuid": "56c65f1a-dd00-494f-8ae5-c653950d210f",
"value": "583c8920445feaf0a963fbd3ad8ad24fd9143941e4046cf376cfe08cb9137613"
},
{
"category": "Artifacts dropped",
"comment": "Automatically added (via 8432c77b12343d59d991b0d0e0c12f7d)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1455841052",
"to_ids": true,
"type": "sha256",
"uuid": "56c65f1c-0a5c-4bfa-8f6a-59a1950d210f",
"value": "cbb1d6b3c76c77ce1c3397cd607a7642fcb703201b82e07704e7074061d86ea3"
},
{
"category": "Artifacts dropped",
"comment": "Automatically added (via d839691657ca814be13d5c9c6511d6b2)",
"deleted": false,
"disable_correlation": false,
"timestamp": "1455841054",
"to_ids": true,
"type": "sha256",
"uuid": "56c65f1e-afc8-469a-82e6-599c950d210f",
"value": "5ff2bc7267759bde3c02e4c19b8c3144c43c4f7fc2c21f2d4f881ca0b821e00b"
}
]
}
}