1 line
10 KiB
JSON
1 line
10 KiB
JSON
|
{"Event": {"info": "OSINT - ATM Malware using CSCWCNG device handler", "Tag": [{"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:financial-fraud=\"ATM Black Box Attack\""}, {"colour": "#004646", "exportable": true, "name": "type:OSINT"}, {"colour": "#0071c3", "exportable": true, "name": "osint:lifetime=\"perpetual\""}, {"colour": "#0087e8", "exportable": true, "name": "osint:certainty=\"50\""}, {"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#3b0020", "exportable": true, "name": "workflow:todo=\"expansion\""}], "publish_timestamp": "0", "timestamp": "1558336246", "Object": [{"comment": "", "template_uuid": "8ec8c911-ddbe-4f5b-895b-fbff70c42a60", "uuid": "5ce24bd7-65d8-4ee8-a647-4a77950d210f", "sharing_group_id": "0", "timestamp": "1558334423", "description": "Microblog post like a Twitter tweet or a post on a Facebook wall.", "template_version": "5", "Attribute": [{"comment": "", "category": "Other", "uuid": "5ce24bd7-9f24-48d2-b699-4e4f950d210f", "timestamp": "1558334423", "to_ids": false, "value": "Another shitty #ATM #Malware using CSCWCNG device handler. Uploaded to VT yesterday from Mexico. 0 detected rate by AV vendors currently. (link: https://www.virustotal.com/gui/file/4a75be18a3fe0033a9ebdb8f4af81c94e03581d19b5b4373e74e41283fd2615f/summary) virustotal.com/gui/file/4a75b\u2026", "disable_correlation": false, "object_relation": "post", "type": "text"}, {"comment": "", "category": "Other", "uuid": "5ce24bd7-b958-42cc-98e8-4e90950d210f", "timestamp": "1558334423", "to_ids": false, "value": "Twitter", "disable_correlation": true, "object_relation": "type", "type": "text"}, {"comment": "", "category": "Network activity", "uuid": "5ce24bd7-f854-404d-8cbf-45b5950d210f", "timestamp": "1558334423", "to_ids": true, "value": "https://mobile.twitter.com/r3c0nst/status/1129641730813366274", "disable_correlation": false, "object_relation": "url", "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "5ce24bd7-d450-4e07-86af-44d2950d210f", "timestamp": "1558334423", "to_ids": true, "value": "https://t.co/ZSAQ5vmLko?amp=1", "disable_correlation": false, "object_relation": "link", "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "5ce24bd7-5f0c-4b9f-b88a-4be6950d210f", "timestamp": "1558334423", "to_ids": true, "value": "https://www.virustotal.com/gui/file/4a75be18a3fe0033a9ebdb8f4af81c94e03581d19b5b4373e74e41283fd2615f/summary", "disable_correlation": false, "object_relation": "link", "type": "url"}, {"comment": "", "category": "Other", "uuid": "5ce24bd7-768c-4257-9aac-4173950d210f", "timestamp": "1558334423", "to_ids": false, "value": "May 18, 2019 8:55 AM", "disable_correlation": false, "object_relation": "creation-date", "type": "datetime"}, {"comment": "", "category": "Other", "uuid": "5ce24bd7-c840-4e40-ae93-46d7950d210f", "timestamp": "1558334423", "to_ids": false, "value": "r3c0nst", "disable_correlation": false, "object_relation": "username", "type": "text"}], "distribution": "5", "meta-category": "misc", "name": "microblog"}, {"comment": "", "template_uuid": "8ec8c911-ddbe-4f5b-895b-fbff70c42a60", "uuid": "5ce24d6e-33cc-4003-a107-23aa950d210f", "sharing_group_id": "0", "timestamp": "1558334830", "description": "Microblog post like a Twitter tweet or a post on a Facebook wall.", "template_version": "5", "Attribute": [{"comment": "", "category": "Other", "uuid": "5ce24d6e-e85c-43bf-adbe-23aa950d210f", "timestamp": "1558334830", "to_ids": false, "value": "Another Sample, same origin -> (link: https://www.virustotal.com/gui/file/7dde7f6da73c44cb19cf12e5e9174c2b8b2635e380aff5b89a045204803488a6/summary) virustotal.com/gui/file/7dde7\u2026", "disable_correlation": false, "object_relation": "post", "type": "text"}, {"comment": "", "category": "Other", "uuid": "5ce24d6e-d528-408f-b777-23aa950d210f", "timestamp": "1558334830", "to_ids": false, "value": "Twitter", "disable_correlation": true, "object_relation": "type", "type": "text"}, {"comment": "", "category": "Network activity", "uuid": "5ce24d6e-3fb8-4347-8ef8-23aa950d210f", "timestamp": "15583
|