misp-circl-feed/feeds/circl/misp/5a26b911-af14-4c92-86a9-446c950d210f.json

{
  "Event": {
    "analysis": "1",
    "date": "2017-12-05",
    "extends_uuid": "",
    "info": "M2M - \"..doc\" 2017-12-05 : 'Message from \"G10PR0123456.MYCOMPANY.COM\"' - \"20171205123.zip\"",
    "publish_timestamp": "1512554482",
    "published": true,
    "threat_level_id": "3",
    "timestamp": "1512554476",
    "uuid": "5a26b911-af14-4c92-86a9-446c950d210f",
    "Orgc": {
      "name": "CIRCL",
      "uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
    },
    "Tag": [
      {
        "colour": "#ffffff",
        "local": false,
        "name": "tlp:white",
        "relationship_type": ""
      },
      {
        "colour": "#0088cc",
        "local": false,
        "name": "misp-galaxy:ransomware=\"Fake Globe Ransomware\"",
        "relationship_type": ""
      }
    ],
    "Attribute": [
      {
        "category": "Artifacts dropped",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554363",
        "to_ids": true,
        "type": "md5",
        "uuid": "5a26b912-ec3c-4497-a03d-4bfa950d210f",
        "value": "5da21af74810e3655bcbbe40660f21b8"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554363",
        "to_ids": true,
        "type": "hostname",
        "uuid": "5a26b913-90cc-4e93-b967-46b4950d210f",
        "value": "g10pr0123456.mycompany.com"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554363",
        "to_ids": true,
        "type": "hostname",
        "uuid": "5a26b913-96e4-4366-a195-4699950d210f",
        "value": "mycompany.com"
      },
      {
        "category": "Network activity",
        "comment": "MYCOMPANY.COM",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554363",
        "to_ids": false,
        "type": "ip-dst",
        "uuid": "5a26b913-3aec-4155-ae75-4cb6950d210f",
        "value": "52.5.196.34"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554363",
        "to_ids": true,
        "type": "url",
        "uuid": "5a26b914-d9a0-4056-bb9a-4d7c950d210f",
        "value": "http://hofgrund.de/hudgy356"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554363",
        "to_ids": true,
        "type": "hostname",
        "uuid": "5a26b915-b5a4-486b-99fa-49c6950d210f",
        "value": "hofgrund.de"
      },
      {
        "category": "Network activity",
        "comment": "hofgrund.de",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554363",
        "to_ids": false,
        "type": "ip-dst",
        "uuid": "5a26b915-9680-4889-9755-41a3950d210f",
        "value": "78.111.75.239"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554364",
        "to_ids": true,
        "type": "url",
        "uuid": "5a26b915-adb0-40c4-8a3f-4d90950d210f",
        "value": "http://horoskoperstellung.com/hudgy358"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554364",
        "to_ids": true,
        "type": "hostname",
        "uuid": "5a26b915-4f90-4288-997d-46a7950d210f",
        "value": "horoskoperstellung.com"
      },
      {
        "category": "Network activity",
        "comment": "horoskoperstellung.com",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554364",
        "to_ids": false,
        "type": "ip-dst",
        "uuid": "5a26b915-2bac-4d10-aa7c-4c05950d210f",
        "value": "213.203.202.31"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554364",
        "to_ids": true,
        "type": "url",
        "uuid": "5a26b916-5040-4ea8-8df8-4b09950d210f",
        "value": "http://hosting-jw.de/hudgy356"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554364",
        "to_ids": true,
        "type": "hostname",
        "uuid": "5a26b916-d638-4d8b-9c2e-c53a950d210f",
        "value": "hosting-jw.de"
      },
      {
        "category": "Network activity",
        "comment": "hosting-jw.de",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554364",
        "to_ids": false,
        "type": "ip-dst",
        "uuid": "5a26b916-c440-458b-b20a-4594950d210f",
        "value": "85.214.130.145"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554364",
        "to_ids": true,
        "type": "url",
        "uuid": "5a26b916-a12c-4778-8f24-4368950d210f",
        "value": "http://primeassociatesinc.com/hudgy356"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554364",
        "to_ids": true,
        "type": "hostname",
        "uuid": "5a26b917-2868-4050-9e9a-4969950d210f",
        "value": "primeassociatesinc.com"
      },
      {
        "category": "Network activity",
        "comment": "primeassociatesinc.com",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554364",
        "to_ids": false,
        "type": "ip-dst",
        "uuid": "5a26b917-fe94-4156-8ec9-4984950d210f",
        "value": "209.54.51.32"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554364",
        "to_ids": true,
        "type": "url",
        "uuid": "5a26b918-9010-44f5-95b5-4320950d210f",
        "value": "http://rorymartin8.info/hudgy356"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554365",
        "to_ids": true,
        "type": "hostname",
        "uuid": "5a26b918-93c0-48c3-a334-49db950d210f",
        "value": "rorymartin8.info"
      },
      {
        "category": "Network activity",
        "comment": "rorymartin8.info",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554365",
        "to_ids": false,
        "type": "ip-dst",
        "uuid": "5a26b918-4224-4a53-aba2-45c8950d210f",
        "value": "192.185.193.214"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554365",
        "to_ids": true,
        "type": "url",
        "uuid": "5a26b918-79bc-414c-9849-4be4950d210f",
        "value": "https://ugf57wl6uexcj7fu.onion.link/shfgealjh.php"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554365",
        "to_ids": true,
        "type": "hostname",
        "uuid": "5a26b918-6394-4304-97b1-41fe950d210f",
        "value": "ugf57wl6uexcj7fu.onion.link"
      },
      {
        "category": "Network activity",
        "comment": "ugf57wl6uexcj7fu.onion.link",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554365",
        "to_ids": false,
        "type": "ip-dst",
        "uuid": "5a26b919-e41c-4571-8a6f-4d26950d210f",
        "value": "103.198.0.2"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554365",
        "to_ids": true,
        "type": "url",
        "uuid": "5a26b919-bf74-40e1-93a9-4a4b950d210f",
        "value": "http://summi.space/count.php?nu=105&fb=110"
      },
      {
        "category": "Network activity",
        "comment": "",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554365",
        "to_ids": true,
        "type": "hostname",
        "uuid": "5a26b919-5e30-4dba-b258-4bf6950d210f",
        "value": "summi.space"
      },
      {
        "category": "Network activity",
        "comment": "summi.space",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554365",
        "to_ids": false,
        "type": "ip-dst",
        "uuid": "5a26b919-5870-49ba-b32b-44d0950d210f",
        "value": "198.23.241.227"
      },
      {
        "category": "Artifacts dropped",
        "comment": "- Xchecked via VT: 5da21af74810e3655bcbbe40660f21b8",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554365",
        "to_ids": true,
        "type": "sha256",
        "uuid": "5a27bf7d-f440-42a7-bad7-553702de0b81",
        "value": "c0ce6c2f03e3174d347eb2136a230883a725fcd5179221f61435ea709a2ba81f"
      },
      {
        "category": "Artifacts dropped",
        "comment": "- Xchecked via VT: 5da21af74810e3655bcbbe40660f21b8",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554365",
        "to_ids": true,
        "type": "sha1",
        "uuid": "5a27bf7d-bdfc-400d-a524-553702de0b81",
        "value": "60d60dff0d3af3b564e43bc87ef5a63ff6146da7"
      },
      {
        "category": "External analysis",
        "comment": "- Xchecked via VT: 5da21af74810e3655bcbbe40660f21b8",
        "deleted": false,
        "disable_correlation": false,
        "timestamp": "1512554365",
        "to_ids": false,
        "type": "link",
        "uuid": "5a27bf7d-6474-47d7-84b8-553702de0b81",
        "value": "https://www.virustotal.com/file/c0ce6c2f03e3174d347eb2136a230883a725fcd5179221f61435ea709a2ba81f/analysis/1512549209/"
      }
    ]
  }
}
chg: [feed] added 2023-04-21 13:25:09 +00:00			`{`
chg: [gen] updated 2023-12-14 14:30:15 +00:00			`"Event": {`
			`"analysis": "1",`
			`"date": "2017-12-05",`
			`"extends_uuid": "",`
			`"info": "M2M - \"..doc\" 2017-12-05 : 'Message from \"G10PR0123456.MYCOMPANY.COM\"' - \"20171205123.zip\"",`
			`"publish_timestamp": "1512554482",`
			`"published": true,`
			`"threat_level_id": "3",`
			`"timestamp": "1512554476",`
			`"uuid": "5a26b911-af14-4c92-86a9-446c950d210f",`
			`"Orgc": {`
			`"name": "CIRCL",`
			`"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"`
			`},`
			`"Tag": [`
			`{`
			`"colour": "#ffffff",`
chg: [feed] updated 2024-04-05 12:15:17 +00:00			`"local": false,`
chg: [gen] updated 2023-12-14 14:30:15 +00:00			`"name": "tlp:white",`
			`"relationship_type": ""`
			`},`
			`{`
			`"colour": "#0088cc",`
chg: [feed] updated 2024-04-05 12:15:17 +00:00			`"local": false,`
chg: [gen] updated 2023-12-14 14:30:15 +00:00			`"name": "misp-galaxy:ransomware=\"Fake Globe Ransomware\"",`
			`"relationship_type": ""`
			`}`
			`],`
			`"Attribute": [`
			`{`
			`"category": "Artifacts dropped",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554363",`
			`"to_ids": true,`
			`"type": "md5",`
			`"uuid": "5a26b912-ec3c-4497-a03d-4bfa950d210f",`
			`"value": "5da21af74810e3655bcbbe40660f21b8"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554363",`
			`"to_ids": true,`
			`"type": "hostname",`
			`"uuid": "5a26b913-90cc-4e93-b967-46b4950d210f",`
			`"value": "g10pr0123456.mycompany.com"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554363",`
			`"to_ids": true,`
			`"type": "hostname",`
			`"uuid": "5a26b913-96e4-4366-a195-4699950d210f",`
			`"value": "mycompany.com"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "MYCOMPANY.COM",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554363",`
			`"to_ids": false,`
			`"type": "ip-dst",`
			`"uuid": "5a26b913-3aec-4155-ae75-4cb6950d210f",`
			`"value": "52.5.196.34"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554363",`
			`"to_ids": true,`
			`"type": "url",`
			`"uuid": "5a26b914-d9a0-4056-bb9a-4d7c950d210f",`
			`"value": "http://hofgrund.de/hudgy356"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554363",`
			`"to_ids": true,`
			`"type": "hostname",`
			`"uuid": "5a26b915-b5a4-486b-99fa-49c6950d210f",`
			`"value": "hofgrund.de"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "hofgrund.de",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554363",`
			`"to_ids": false,`
			`"type": "ip-dst",`
			`"uuid": "5a26b915-9680-4889-9755-41a3950d210f",`
			`"value": "78.111.75.239"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554364",`
			`"to_ids": true,`
			`"type": "url",`
			`"uuid": "5a26b915-adb0-40c4-8a3f-4d90950d210f",`
			`"value": "http://horoskoperstellung.com/hudgy358"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554364",`
			`"to_ids": true,`
			`"type": "hostname",`
			`"uuid": "5a26b915-4f90-4288-997d-46a7950d210f",`
			`"value": "horoskoperstellung.com"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "horoskoperstellung.com",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554364",`
			`"to_ids": false,`
			`"type": "ip-dst",`
			`"uuid": "5a26b915-2bac-4d10-aa7c-4c05950d210f",`
			`"value": "213.203.202.31"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554364",`
			`"to_ids": true,`
			`"type": "url",`
			`"uuid": "5a26b916-5040-4ea8-8df8-4b09950d210f",`
			`"value": "http://hosting-jw.de/hudgy356"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554364",`
			`"to_ids": true,`
			`"type": "hostname",`
			`"uuid": "5a26b916-d638-4d8b-9c2e-c53a950d210f",`
			`"value": "hosting-jw.de"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "hosting-jw.de",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554364",`
			`"to_ids": false,`
			`"type": "ip-dst",`
			`"uuid": "5a26b916-c440-458b-b20a-4594950d210f",`
			`"value": "85.214.130.145"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554364",`
			`"to_ids": true,`
			`"type": "url",`
			`"uuid": "5a26b916-a12c-4778-8f24-4368950d210f",`
			`"value": "http://primeassociatesinc.com/hudgy356"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554364",`
			`"to_ids": true,`
			`"type": "hostname",`
			`"uuid": "5a26b917-2868-4050-9e9a-4969950d210f",`
			`"value": "primeassociatesinc.com"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "primeassociatesinc.com",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554364",`
			`"to_ids": false,`
			`"type": "ip-dst",`
			`"uuid": "5a26b917-fe94-4156-8ec9-4984950d210f",`
			`"value": "209.54.51.32"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554364",`
			`"to_ids": true,`
			`"type": "url",`
			`"uuid": "5a26b918-9010-44f5-95b5-4320950d210f",`
			`"value": "http://rorymartin8.info/hudgy356"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554365",`
			`"to_ids": true,`
			`"type": "hostname",`
			`"uuid": "5a26b918-93c0-48c3-a334-49db950d210f",`
			`"value": "rorymartin8.info"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "rorymartin8.info",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554365",`
			`"to_ids": false,`
			`"type": "ip-dst",`
			`"uuid": "5a26b918-4224-4a53-aba2-45c8950d210f",`
			`"value": "192.185.193.214"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554365",`
			`"to_ids": true,`
			`"type": "url",`
			`"uuid": "5a26b918-79bc-414c-9849-4be4950d210f",`
			`"value": "https://ugf57wl6uexcj7fu.onion.link/shfgealjh.php"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554365",`
			`"to_ids": true,`
			`"type": "hostname",`
			`"uuid": "5a26b918-6394-4304-97b1-41fe950d210f",`
			`"value": "ugf57wl6uexcj7fu.onion.link"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "ugf57wl6uexcj7fu.onion.link",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554365",`
			`"to_ids": false,`
			`"type": "ip-dst",`
			`"uuid": "5a26b919-e41c-4571-8a6f-4d26950d210f",`
			`"value": "103.198.0.2"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554365",`
			`"to_ids": true,`
			`"type": "url",`
			`"uuid": "5a26b919-bf74-40e1-93a9-4a4b950d210f",`
			`"value": "http://summi.space/count.php?nu=105&fb=110"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554365",`
			`"to_ids": true,`
			`"type": "hostname",`
			`"uuid": "5a26b919-5e30-4dba-b258-4bf6950d210f",`
			`"value": "summi.space"`
			`},`
			`{`
			`"category": "Network activity",`
			`"comment": "summi.space",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554365",`
			`"to_ids": false,`
			`"type": "ip-dst",`
			`"uuid": "5a26b919-5870-49ba-b32b-44d0950d210f",`
			`"value": "198.23.241.227"`
			`},`
			`{`
			`"category": "Artifacts dropped",`
			`"comment": "- Xchecked via VT: 5da21af74810e3655bcbbe40660f21b8",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554365",`
			`"to_ids": true,`
			`"type": "sha256",`
			`"uuid": "5a27bf7d-f440-42a7-bad7-553702de0b81",`
			`"value": "c0ce6c2f03e3174d347eb2136a230883a725fcd5179221f61435ea709a2ba81f"`
			`},`
			`{`
			`"category": "Artifacts dropped",`
			`"comment": "- Xchecked via VT: 5da21af74810e3655bcbbe40660f21b8",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554365",`
			`"to_ids": true,`
			`"type": "sha1",`
			`"uuid": "5a27bf7d-bdfc-400d-a524-553702de0b81",`
			`"value": "60d60dff0d3af3b564e43bc87ef5a63ff6146da7"`
			`},`
			`{`
			`"category": "External analysis",`
			`"comment": "- Xchecked via VT: 5da21af74810e3655bcbbe40660f21b8",`
			`"deleted": false,`
			`"disable_correlation": false,`
			`"timestamp": "1512554365",`
			`"to_ids": false,`
			`"type": "link",`
			`"uuid": "5a27bf7d-6474-47d7-84b8-553702de0b81",`
			`"value": "https://www.virustotal.com/file/c0ce6c2f03e3174d347eb2136a230883a725fcd5179221f61435ea709a2ba81f/analysis/1512549209/"`
			`}`
chg: [feed] added 2023-04-21 13:25:09 +00:00			`]`
chg: [gen] updated 2023-12-14 14:30:15 +00:00			`}`
chg: [feed] added 2023-04-21 13:25:09 +00:00			`}`