{"Event":{"info":"OSINT - Silence group targeting Russian Banks via Malicious CHM","Tag":[{"colour":"#72003d","exportable":true,"name":"workflow:todo=\"add-missing-misp-galaxy-cluster-values\""},{"colour":"#0088cc","exportable":true,"name":"misp-galaxy:mitre-enterprise-attack-attack-pattern=\"Spearphishing Attachment - T1193\""},{"colour":"#0088cc","exportable":true,"name":"misp-galaxy:mitre-enterprise-attack-attack-pattern=\"Remote File Copy - T1105\""},{"colour":"#0088cc","exportable":true,"name":"misp-galaxy:mitre-enterprise-attack-attack-pattern=\"Commonly Used Port - T1043\""},{"colour":"#0088cc","exportable":true,"name":"misp-galaxy:mitre-enterprise-attack-attack-pattern=\"Mshta - T1170\""},{"colour":"#0088cc","exportable":true,"name":"misp-galaxy:mitre-enterprise-attack-attack-pattern=\"Masquerading - T1036\""},{"colour":"#0088cc","exportable":true,"name":"misp-galaxy:mitre-enterprise-attack-attack-pattern=\"Command-Line Interface - T1059\""},{"colour":"#0088cc","exportable":true,"name":"misp-galaxy:mitre-enterprise-attack-attack-pattern=\"PowerShell - T1086\""},{"colour":"#0088cc","exportable":true,"name":"misp-galaxy:mitre-enterprise-attack-attack-pattern=\"Scripting - T1064\""},{"colour":"#0088cc","exportable":true,"name":"misp-galaxy:mitre-enterprise-attack-attack-pattern=\"Deobfuscate/Decode Files or Information - T1140\""},{"colour":"#0088cc","exportable":true,"name":"misp-galaxy:mitre-enterprise-attack-attack-pattern=\"Registry Run Keys / Start Folder - T1060\""},{"colour":"#0088cc","exportable":true,"name":"misp-galaxy:mitre-enterprise-attack-attack-pattern=\"System Information Discovery - T1082\""},{"colour":"#e7007d","exportable":true,"name":"workflow:state=\"incomplete\""},{"colour":"#004646","exportable":true,"name":"type:OSINT"},{"colour":"#0071c3","exportable":true,"name":"osint:lifetime=\"perpetual\""},{"colour":"#0087e8","exportable":true,"name":"osint:certainty=\"50\""},{"colour":"#ffffff","exportable":true,"name":"tlp:white"}],"publish_timestamp":"0","timestamp":"1548432100","Object":[{"comment":"one of the largest banking groups in the Middle East in terms of assets. Russia-based office.","template_uuid":"a8806e40-39ad-435f-be02-ac2a13d6fc7d","uuid":"5c4ae48a-3218-4d00-b1b8-4ea7950d210f","sharing_group_id":"0","timestamp":"1548412875","description":"Victim object describes the target of an attack or abuse.","template_version":"4","Attribute":[{"comment":"","category":"Other","uuid":"5c4ae48a-cdc8-4489-a223-4186950d210f","timestamp":"1548412875","to_ids":false,"value":"financial services","disable_correlation":false,"object_relation":"sectors","type":"text"},{"comment":"","category":"Targeting data","uuid":"5c4ae48a-c010-474c-84eb-4742950d210f","timestamp":"1548412875","to_ids":false,"value":"Emirates NBD Bank (National Bank of Dubai)","disable_correlation":false,"object_relation":"name","type":"target-org"}],"distribution":"5","meta-category":"misc","name":"victim"},{"comment":"West Siberian Commercial Bank (WSCB). Russia.","template_uuid":"a8806e40-39ad-435f-be02-ac2a13d6fc7d","uuid":"5c4ae86b-8dfc-4f6c-91fe-4840950d210f","sharing_group_id":"0","timestamp":"1548413169","description":"Victim object describes the target of an attack or abuse.","template_version":"4","Attribute":[{"comment":"","category":"Other","uuid":"5c4ae86b-05d8-4544-8b3f-4861950d210f","timestamp":"1548413169","to_ids":false,"value":"financial services","disable_correlation":false,"object_relation":"sectors","type":"text"},{"comment":"","category":"Targeting data","uuid":"5c4ae86b-2570-434a-85b7-4cf3950d210f","timestamp":"1548413169","to_ids":false,"value":"Zapsibkombank (Zapadno-Sibirskiy Kommercheskiy Bank)","disable_correlation":false,"object_relation":"name","type":"target-org"}],"distribution":"5","meta-category":"misc","name":"victim"},{"comment":"Russia","template_uuid":"a8806e40-39ad-435f-be02
