misp-circl-feed/feeds/circl/misp/5a044ec0-f460-4e39-921e-cda3950d210f.json


2023-12-14 14:30:15 +00:00
{"Event": {"info": "M2M - Locky Affid=3, \".asasin\"/Trickbot \"mac1\" 2017-11-01 : \"Invoice\" - \"12345_Invoice.doc\"", "Tag": [{"colour": "#ffffff", "exportable": true, "name": "tlp:white"}, {"colour": "#006c6c", "exportable": true, "name": "ecsirt:malicious-code=\"ransomware\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:ransomware=\"Locky\""}, {"colour": "#0088cc", "exportable": true, "name": "misp-galaxy:tool=\"Trick Bot\""}], "publish_timestamp": "1510257959", "timestamp": "1510257997", "analysis": "1", "Attribute": [{"comment": "", "category": "Artifacts dropped", "uuid": "5a044ec2-4aac-4839-ac9f-717b950d210f", "timestamp": "1510257957", "to_ids": true, "value": "1949e616ddb130c27c0e65ddb170d5a9", "disable_correlation": false, "object_relation": null, "type": "md5"}, {"comment": "", "category": "Artifacts dropped", "uuid": "5a044ec2-1edc-48ad-bf31-cd35950d210f", "timestamp": "1510257957", "to_ids": true, "value": "4cd6a1c9aaf6ef7445900d94a978dfcb", "disable_correlation": false, "object_relation": null, "type": "md5"}, {"comment": "", "category": "Artifacts dropped", "uuid": "5a044ec2-921c-4007-9857-4ab6950d210f", "timestamp": "1510257957", "to_ids": true, "value": "5525cc2e9b021a6c5cda63a7c3a3e9c9", "disable_correlation": false, "object_relation": null, "type": "md5"}, {"comment": "", "category": "Network activity", "uuid": "5a044ec2-a6ac-48db-9608-cdb4950d210f", "timestamp": "1510257957", "to_ids": true, "value": "http://cirad.or.id/mnfTRw3", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "5a044ec3-d960-48d0-a2b8-429f950d210f", "timestamp": "1510257957", "to_ids": true, "value": "cirad.or.id", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "cirad.or.id", "category": "Network activity", "uuid": "5a044ec4-f87c-4b99-b7a5-cc6f950d210f", "timestamp": "1510257957", "to_ids": false, "value": "202.145.0.45", 
"disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "5a044ec4-ffe4-4b1a-8101-cdab950d210f", "timestamp": "1510257957", "to_ids": true, "value": "http://heart-sp.com/mnfTRw3", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "5a044ec4-9820-4356-ad87-4661950d210f", "timestamp": "1510257957", "to_ids": true, "value": "heart-sp.com", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "heart-sp.com", "category": "Network activity", "uuid": "5a044ec6-37f0-4d22-8c85-4c47950d210f", "timestamp": "1510257957", "to_ids": false, "value": "111.68.20.150", "disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "5a044ec6-353c-4c68-a3b2-49bc950d210f", "timestamp": "1510257957", "to_ids": true, "value": "http://hilaryandsavio.com/mnfTRw3", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "5a044ec6-ab84-4b85-b123-717b950d210f", "timestamp": "1510257957", "to_ids": true, "value": "hilaryandsavio.com", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "hilaryandsavio.com", "category": "Network activity", "uuid": "5a044ec7-19ac-4bec-b7ed-4e9f950d210f", "timestamp": "1510257957", "to_ids": false, "value": "72.249.127.194", "disable_correlation": false, "object_relation": null, "type": "ip-dst"}, {"comment": "", "category": "Network activity", "uuid": "5a044ec7-6948-4904-bb94-75a9950d210f", "timestamp": "1510257958", "to_ids": true, "value": "http://internet-webshops.de/mnfTRw3", "disable_correlation": false, "object_relation": null, "type": "url"}, {"comment": "", "category": "Network activity", "uuid": "5a044ec7-adb4-4bfe-99ef-4ce6950d210f", "timestamp": "1510257958", "to_ids": true, "value": 
"internet-webshops.de", "disable_correlation": false, "object_relation": null, "type": "hostname"}, {"comment": "internet-websho